diff --git a/.gitignore b/.gitignore new file mode 100644 index 000000000..326d390f7 --- /dev/null +++ b/.gitignore @@ -0,0 +1,9 @@ +*.tar +*.zip +*.gzip +*.gz +.vscode +.DS_Store +src/react/node_modules +src/react/build +/.idea \ No newline at end of file diff --git a/ISSUE_TEMPLATE.md b/ISSUE_TEMPLATE.md new file mode 100644 index 000000000..a515b12e9 --- /dev/null +++ b/ISSUE_TEMPLATE.md @@ -0,0 +1,23 @@ +### Operating System (OS/VERSION): + +Type here, e.g. CentOS 6 + +### VestaCP Version: + +Type here, e.g. 3.14159 + +### Installed Software (what you got with the installer): + +Type here, e.g. php-fpm, apache, nginx, mysql + +### Steps to Reproduce: + +Type here, e.g. install vesta and type rm -rf / --no-preserve-root + +### Related Issues/Forum Threads: + +Found anything that might be related to this? It might help us find the cause. + +### Other Notes: + +Anything else? diff --git a/LICENSE.txt b/LICENSE similarity index 100% rename from LICENSE.txt rename to LICENSE diff --git a/README.md b/README.md index d0fdbe4c9..b953eea6f 100644 --- a/README.md +++ b/README.md @@ -1,29 +1,44 @@ [Vesta Control Panel](http://vestacp.com/) ================================================== +Vesta is back under active development as of 25 February 2024. We are commited to open source, and will engage with the community to identify the new roadmap for Vesta. Stay tuned! + +[![Join the chat at https://gitter.im/vesta-cp/Lobby](https://badges.gitter.im/vesta-cp/Lobby.svg)](https://gitter.im/vesta-cp/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) + * Vesta is an open source hosting control panel. * Vesta has a clean and focused interface without the clutter. * Vesta has the latest of very innovative technologies. - -How to install +How to install (2 step) ---------------------------- Connect to your server as root via SSH ```bash ssh root@your.server ``` -Download the installation script +Download the installation script, and run it: ```bash -curl -O http://vestacp.com/pub/vst-install.sh +curl https://vestacp.com/pub/vst-install.sh | bash ``` -Run it +How to install (3 step) +---------------------------- +If the above example does not work, try this 3 step method: +Connect to your server as root via SSH +```bash +ssh root@your.server +``` + +Download the installation script: +```bash +curl -O https://vestacp.com/pub/vst-install.sh +``` +Then run it: ```bash bash vst-install.sh ``` License ---------------------------- -Vesta is licensed under [GPL v3 ](https://github.com/serghey-rodin/vesta/blob/master/LICENSE.txt) license +Vesta is licensed under [GPL v3 ](https://github.com/outroll/vesta/blob/master/LICENSE) license diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..c7499444a --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,5 @@ +# Security Policy + +## Reporting a Vulnerability + +Please report security issues to dev@vestacp.com diff --git a/bin/v-acknowledge-user-notification b/bin/v-acknowledge-user-notification new file mode 100755 index 000000000..19ea65f85 --- /dev/null +++ b/bin/v-acknowledge-user-notification @@ -0,0 +1,66 @@ +#!/bin/bash +# info: update user notification +# options: USER NOTIFICATION +# +# The function updates user notification. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +nid=$2 + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '2' "$#" 'USER NOTIFICATION' +is_format_valid 'user' 'nid' +is_object_valid 'user' 'USER' "$user" + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Updating notification +update_object_value 'notifications' 'NID' "$nid" '$ACK' 'yes' 2>/dev/null + +# Checking last notification +if [ -e "$USER_DATA/notifications.conf" ]; then + if [ -z "$(grep NID= $USER_DATA/notifications.conf)" ]; then + notice='no' + fi + if [ -z "$(grep "ACK='no'" $USER_DATA/notifications.conf)" ]; then + notice='no' + fi +else + notice='no' +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Updating notification counter +if [ "$notice" = 'no' ]; then + if [ -z "$(grep NOTIFICATIONS $USER_DATA/user.conf)" ]; then + sed -i "s/^TIME/NOTIFICATIONS='no'\nTIME/g" $USER_DATA/user.conf + else + update_user_value "$user" '$NOTIFICATIONS' "no" + fi +fi + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-activate-vesta-license b/bin/v-activate-vesta-license new file mode 100755 index 000000000..fefed2027 --- /dev/null +++ b/bin/v-activate-vesta-license @@ -0,0 +1,67 @@ +#!/bin/bash +# info: activate vesta license +# options: MODULE LICENSE +# +# The function activates and registers the vesta license + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +module=$(echo $1 | tr '[:lower:]' '[:upper:]') +license=$2 + +# Importing system environment +source /etc/profile + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +# Checking arg number +check_args '2' "$#" 'MODULE LICENSE' +is_user_format_valid "$license" "license" + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Activating license +v_host='https://vestacp.com/checkout' +answer=$(curl -s "$v_host/activate.php?licence_key=$license&module=$module") +check_result $? "cant' connect to vestacp.com " $E_CONNECT + +# Checking server answer +if [[ "$answer" != '0' ]]; then + echo "Error: $module license $license is invalid" + exit $E_INVALID +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Updating vesta.conf +if [ -z "$(grep "${module}_KEY" $VESTA/conf/vesta.conf)" ]; then + echo "${module}_KEY='$license'" >> $VESTA/conf/vesta.conf +else + sed -i "s/${module}_KEY=.*/${module}_KEY='$license'/g" $VESTA/conf/vesta.conf +fi + +# Activating sftpjail +if [ "$module" = 'SFTPJAIL' ]; then + setsid $BIN/v-add-sys-sftp-jail 2>/dev/null +fi + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-add-backup-ftp-host b/bin/v-add-backup-ftp-host deleted file mode 100755 index e6c8d26cd..000000000 --- a/bin/v-add-backup-ftp-host +++ /dev/null @@ -1,101 +0,0 @@ -#!/bin/bash -# info: add backup ftp host -# options: HOST USERNAME PASSWORD [PATH] [PORT] -# -# The function adds ftp host for system backups - - -#----------------------------------------------------------# -# Variable&Function # -#----------------------------------------------------------# - -# Argument defenition -host=$1 -ftp_user=$2 -ftp_password=$3 -ftp_path=${4-/backup} -ftp_port=${5-21} -A3='******' - -# Includes -source $VESTA/func/main.sh -source $VESTA/conf/vesta.conf - -# Defining ftp command function -ftpc() { - ftp -p -n $host $ftp_port < /dev/null 2>&1 -ftmpdir="$ftp_path/vst.bK76A9SUkt" -ftp_result=$(ftpc "mkdir $ftmpdir" "rm $ftmpdir"|grep -v Trying) -if [ ! -z "$ftp_result" ] ; then - echo "$ftp_result" - rm -rf $tmpdir - echo "Error: can't create temp folder on the ftp" - log_event "$E_FTP" "$EVENT" - exit $E_FTP -fi - -# Adding backup host -echo "HOST='$host' -USERNAME='$ftp_user' -PASSWORD='$ftp_password' -BPATH='$ftp_path' -PORT='$ftp_port' -TIME='$TIME' -DATE='$DATE'" > $VESTA/conf/ftp.backup.conf -chmod 660 $VESTA/conf/ftp.backup.conf - - -#----------------------------------------------------------# -# Vesta # -#----------------------------------------------------------# - -# Update vesta.conf -if [ -z "$(grep LANGUAGE $VESTA/conf/vesta.conf)" ]; then - echo "BACKUP_SYSTEM='ftp'" >> $VESTA/conf/vesta.conf -else - bckp=$(echo "$BACKUP_SYSTEM,ftp" |\ - sed "s/,/\n/g"|\ - sort -r -u |\ - sed "/^$/d"|\ - sed ':a;N;$!ba;s/\n/,/g') - sed -i "s/BACKUP_SYSTEM=.*/BACKUP_SYSTEM='$bckp'/g" $VESTA/conf/vesta.conf -fi - -# Logging -log_event "$OK" "$EVENT" - -exit diff --git a/bin/v-add-backup-host b/bin/v-add-backup-host new file mode 100755 index 000000000..bccaa03ee --- /dev/null +++ b/bin/v-add-backup-host @@ -0,0 +1,200 @@ +#!/bin/bash +# info: add backup host +# options: TYPE HOST USERNAME PASSWORD [PATH] [PORT] +# +# This function adds a backup host + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +type=$1 +host=$2 +user=$3 +password=$4; HIDE=4 +path=${5-/backup} +port=$6 + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + +# Defining ftp command function +ftpc() { + ftp -p -n $host $port <" { + if {\$count < \$argc} { + set arg [lindex \$argv \$count] + send "\$arg\r" + incr count + } else { + send "exit\r" + set output "Disconnected." + if {[info exists rc] != 1} { + set rc $OK + } + } + exp_continue + } + + timeout { + set output "Connection timeout." + set rc $E_CONNECT + } + } + + if {[info exists output] == 1} { + puts "\$output" + } + + exit \$rc +EOF +} + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +if [ "$type" != 'local' ];then + check_args '4' "$#" "TYPE HOST USERNAME PASSWORD [PATH] [PORT]" + is_format_valid 'user' 'host' 'path' 'port' + is_password_valid + if [ "$type" = 'sftp' ]; then + which expect >/dev/null 2>&1 + check_result $? "expect command not found" $E_NOTEXIST + fi + host "$host" >/dev/null 2>&1 + check_result $? "host connection failed" "$E_CONNECT" +fi + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Checking network connection +if [ "$type" = 'ftp' ]; then + if [ -z $port ]; then + port=21 + fi + fconn=$(ftpc 2>&1) + ferror=$(echo $fconn |\ + grep -i -e failed -e error -e "can't" -e "not conn" -e "incorrect") + if [ ! -z "$ferror" ]; then + echo "Error: can't login to ftp $user@$host" + log_event "$E_CONNECT" "$ARGUMENTS" + exit $E_CONNECT + fi + + # Checking write permissions + if [ -z $path ]; then + ftmpdir="vst.bK76A9SUkt" + else + ftpc "mkdir $path" > /dev/null 2>&1 + ftmpdir="$path/vst.bK76A9SUkt" + fi + ftp_result=$(ftpc "mkdir $ftmpdir" "rm $ftmpdir"|grep -v Trying) + if [ ! -z "$ftp_result" ] ; then + echo "$ftp_result" + rm -rf $tmpdir + echo "Error: can't create $ftmpdir folder on the ftp" + log_event "$E_FTP" "$ARGUMENTS" + exit $E_FTP + fi +fi +if [ "$type" = 'sftp' ]; then + if [ -z $port ]; then + port=22 + fi + if [ -z $path ]; then + sftmpdir="vst.bK76A9SUkt" + sftpc "mkdir $sftmpdir" "rmdir $sftmpdir" > /dev/null 2>&1 + else + if sftpc "mkdir $path" > /dev/null 2>&1 ; then + sftmpdir="$path/vst.bK76A9SUkt" + sftpc "mkdir $sftmpdir" "rmdir $sftmpdir" > /dev/null 2>&1 + else + sftmpdir="$path/vst.bK76A9SUkt" + sftpc "mkdir $sftmpdir" "rmdir $sftmpdir" > /dev/null 2>&1 + fi + fi + rc=$? + if [[ "$rc" != 0 ]]; then + case $rc in + $E_CONNECT) echo "Error: can't login to sftp $user@$host";; + $E_FTP) echo "Error: can't create temp folder on the sftp host";; + esac + log_event "$rc" "$ARGUMENTS" + exit "$rc" + fi +fi + + +# Adding backup host +if [ $type != 'local' ]; then + time_n_date=$(date +'%T %F') + time=$(echo "$time_n_date" |cut -f 1 -d \ ) + date=$(echo "$time_n_date" |cut -f 2 -d \ ) + str="HOST='$host'\nUSERNAME='$user'\nPASSWORD='$password'" + str="$str\nBPATH='$path'\nPORT='$port'\nTIME='$time'\nDATE='$date'" + echo -e "$str" > $VESTA/conf/$type.backup.conf + chmod 660 $VESTA/conf/$type.backup.conf +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Update vesta.conf +if [ -z "$(grep BACKUP_SYSTEM $VESTA/conf/vesta.conf)" ]; then + echo "BACKUP_SYSTEM='$type'" >> $VESTA/conf/vesta.conf +else + bckp=$(echo "$BACKUP_SYSTEM,$type" |\ + sed "s/,/\n/g"|\ + sort -r -u |\ + sed "/^$/d"|\ + sed ':a;N;$!ba;s/\n/,/g') + sed -i "s/BACKUP_SYSTEM=.*/BACKUP_SYSTEM='$bckp'/g" $VESTA/conf/vesta.conf +fi + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-add-cron-job b/bin/v-add-cron-job index 75a396a09..6b67eab43 100755 --- a/bin/v-add-cron-job +++ b/bin/v-add-cron-job @@ -10,14 +10,14 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 min=$2 hour=$3 day=$4 month=$5 wday=$6 -command=$(echo $7 | sed "s/'/%quote%/g") +command=$(echo $7 |sed "s/'/%quote%/g") job=$8 restart=$9 @@ -25,8 +25,7 @@ restart=$9 source $VESTA/func/main.sh source $VESTA/conf/vesta.conf -# Assing new value -A7="$command" +HIDE=7 #----------------------------------------------------------# @@ -34,13 +33,13 @@ A7="$command" #----------------------------------------------------------# check_args '7' "$#" 'USER MIN HOUR DAY MONTH WDAY COMMAND [JOB] [RESTART]' -validate_format 'user' 'min' 'hour' 'day' 'month' 'wday' 'command' +is_format_valid 'user' 'min' 'hour' 'day' 'month' 'wday' 'command' is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_package_full 'CRON_JOBS' get_next_cronjob -validate_format 'job' +is_format_valid 'job' is_object_new 'cron' 'JOB' "$job" @@ -48,9 +47,14 @@ is_object_new 'cron' 'JOB' "$job" # Action # #----------------------------------------------------------# +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + # Concatenating cron string str="JOB='$job' MIN='$min' HOUR='$hour' DAY='$day' MONTH='$month' WDAY='$wday'" -str="$str CMD='$command' SUSPENDED='no' TIME='$TIME' DATE='$DATE'" +str="$str CMD='$command' SUSPENDED='no' TIME='$time' DATE='$date'" # Adding to crontab echo "$str" >> $VESTA/data/users/$user/cron.conf @@ -72,14 +76,12 @@ sync_cron_jobs # Increasing cron value increase_user_value $user '$U_CRON_JOBS' -# Restart crond +# Restarting crond $BIN/v-restart-cron -if [ $? -ne 0 ]; then - exit $E_RESTART -fi +check_result $? "Cron restart failed" >/dev/null # Logging log_history "added cron job $job" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-cron-letsencrypt-job b/bin/v-add-cron-letsencrypt-job new file mode 100755 index 000000000..19b6de7c8 --- /dev/null +++ b/bin/v-add-cron-letsencrypt-job @@ -0,0 +1,43 @@ +#!/bin/bash +# info: add letsencrypt cronjob +# options: NONE +# +# The script for enabling letsencrypt cronjob + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM' + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Add cron job +cmd="sudo /usr/local/vesta/bin/v-update-sys-queue letsencrypt" +check_cron=$(grep "$cmd" $VESTA/data/users/admin/cron.conf 2> /dev/null) +if [ -z "$check_cron" ] && [ ! -z "$CRON_SYSTEM" ]; then + $BIN/v-add-cron-job admin '*/5' '*' '*' '*' '*' "$cmd" +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-add-cron-reports b/bin/v-add-cron-reports index d38eaf4f8..df7859054 100755 --- a/bin/v-add-cron-reports +++ b/bin/v-add-cron-reports @@ -1,6 +1,6 @@ #!/bin/bash # info: add cron reports -# opions: user +# options: user # # The script for enabling reports on cron tasks and administrative # notifications. @@ -10,7 +10,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -46,12 +46,10 @@ sync_cron_jobs # Restart crond $BIN/v-restart-cron -if [ $? -ne 0 ]; then - exit $E_RESTART -fi +check_result $? "Cron restart failed" >/dev/null # Logging log_history "enabled cron reporting" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-cron-restart-job b/bin/v-add-cron-restart-job index b751c9adb..9b0612655 100755 --- a/bin/v-add-cron-restart-job +++ b/bin/v-add-cron-restart-job @@ -1,6 +1,6 @@ #!/bin/bash # info: add cron reports -# opions: NONE +# options: NONE # # The script for enabling restart cron tasks @@ -38,6 +38,6 @@ fi #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-cron-vesta-autoupdate b/bin/v-add-cron-vesta-autoupdate index 84c041c40..8b8d13677 100755 --- a/bin/v-add-cron-vesta-autoupdate +++ b/bin/v-add-cron-vesta-autoupdate @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=admin # Includes @@ -34,9 +34,14 @@ fi # Action # #----------------------------------------------------------# -# Define time somewhere at nigth -min=$(gen_password '012345' '2') -hour=$(gen_password '1234567' '1') +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + +# Define time somewhere at night +min=$(generate_password '012345' '2') +hour=$(generate_password '1234567' '1') day='*' month='*' wday='*' @@ -44,7 +49,7 @@ command='sudo /usr/local/vesta/bin/v-update-sys-vesta-all' # Concatenating cron string str="JOB='$job' MIN='$min' HOUR='$hour' DAY='$day' MONTH='$month' WDAY='$wday'" -str="$str CMD='$command' SUSPENDED='no' TIME='$TIME' DATE='$DATE'" +str="$str CMD='$command' SUSPENDED='no' TIME='$time' DATE='$date'" # Adding to crontab echo "$str" >> $VESTA/data/users/$user/cron.conf @@ -66,14 +71,12 @@ sync_cron_jobs # Increasing cron value increase_user_value $user '$U_CRON_JOBS' -# Restart crond +# Restarting crond $BIN/v-restart-cron -if [ $? -ne 0 ]; then - exit $E_RESTART -fi +check_result $? "Cron restart failed" >/dev/null # Logging log_history "added cron job $job" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-database b/bin/v-add-database index 6c6a539f9..438b473ec 100755 --- a/bin/v-add-database +++ b/bin/v-add-database @@ -15,11 +15,11 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 database="$user"_"$2" dbuser="$user"_"$3" -dbpass=$4 +password=$4; HIDE=4 type=${5-mysql} host=$6 charset=${7-UTF8} @@ -30,27 +30,25 @@ source $VESTA/func/main.sh source $VESTA/func/db.sh source $VESTA/conf/vesta.conf -# Hiding password -A4='******' -EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9" - #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '4' "$#" 'USER DATABASE DBUSER DBPASS [TYPE] [HOST] [CHARSET]' -validate_format 'user' 'database' 'dbuser' 'dbpass' 'charset' +is_format_valid 'user' 'database' 'dbuser' 'charset' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_type_valid "$DB_SYSTEM" "$type" is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_new 'db' 'DB' "$database" get_next_dbhost -is_object_valid "../../../conf/$type" 'DBHOST' "$host" +is_object_valid "../../../conf/$type" 'HOST' "$host" is_object_unsuspended "../../../conf/$type" 'DBHOST' "$host" #is_charset_valid is_package_full 'DATABASES' +is_password_valid +dbpass="$password" #----------------------------------------------------------# @@ -68,14 +66,15 @@ esac # Vesta # #----------------------------------------------------------# -# Update time and date -DATE=$(date +%F) -TIME=$(date +%T) +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) # Adding db to db conf str="DB='$database' DBUSER='$dbuser' MD5='$md5' HOST='$host' TYPE='$type'" -str="$str CHARSET='$charset' U_DISK='0' SUSPENDED='no' TIME='$TIME'" -str="$str DATE='$DATE'" +str="$str CHARSET='$charset' U_DISK='0' SUSPENDED='no' TIME='$time'" +str="$str DATE='$date'" echo "$str" >> $USER_DATA/db.conf chmod 660 $USER_DATA/db.conf @@ -85,6 +84,6 @@ increase_user_value "$user" '$U_DATABASES' # Logging log_history "added $type database $database" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-database-host b/bin/v-add-database-host index 12cd0f9ab..c7b23ddfb 100755 --- a/bin/v-add-database-host +++ b/bin/v-add-database-host @@ -13,11 +13,11 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition type=$1 host=$2 dbuser=$3 -dbpass=$4 +password=$4; HIDE=4 max_db=${6-500} charsets=${7-UTF8,LATIN1,WIN1250,WIN1251,WIN1252,WIN1256,WIN1258,KOI8} template=${8-template1} @@ -27,8 +27,31 @@ source $VESTA/func/main.sh source $VESTA/func/db.sh source $VESTA/conf/vesta.conf -# Hiding password -A4='******' +is_mysql_host_alive() { + mycnf=$(mktemp) + echo "[client]">$mycnf + echo "host='$HOST'" >> $mycnf + echo "user='$USER'" >> $mycnf + echo "password='$PASSWORD'" >> $mycnf + chmod 600 $mycnf + mysql --defaults-file=$mycnf -e 'SELECT VERSION()' >/dev/null 2>&1 + rm $mycnf + if [ '0' -ne "$?" ]; then + echo "Error: MySQL connection to $host failed" + log_event "$E_CONNECT" "$ARGUMENTS" + exit $E_CONNECT + fi +} + +is_pgsql_host_alive() { + export PGPASSWORD="$dbpass" + psql -h $host -U $dbuser -c "SELECT VERSION()" > /dev/null 2>&1 + if [ '0' -ne "$?" ]; then + echo "Error: PostgreSQL connection to $host failed" + log_event "$E_CONNECT" "$ARGUMENTS" + exit $E_CONNECT + fi +} #----------------------------------------------------------# @@ -37,10 +60,12 @@ A4='******' args_usage='TYPE HOST DBUSER DBPASS [MAX_DB] [CHARSETS] [TPL]' check_args '4' "$#" "$args_usage" -validate_format 'host' 'dbuser' 'dbpass' 'max_db' 'charsets' 'template' -is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' -is_type_valid "$DB_SYSTEM" "$type" +is_format_valid 'host' 'dbuser' 'max_db' 'charsets' 'template' +#is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' +#is_type_valid "$DB_SYSTEM" "$type" is_dbhost_new +is_password_valid +dbpass="$password" case $type in mysql) is_mysql_host_alive ;; pgsql) is_pgsql_host_alive ;; @@ -51,27 +76,44 @@ esac # Action # #----------------------------------------------------------# -# Concatentating db host string +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + +# Concatenating db host string case $type in mysql) str="HOST='$host' USER='$dbuser' PASSWORD='$dbpass'"; str="$str CHARSETS='$charsets' MAX_DB='$max_db' U_SYS_USERS=''"; - str="$str U_DB_BASES='0' SUSPENDED='no' TIME='$TIME' DATE='$DATE'";; + str="$str U_DB_BASES='0' SUSPENDED='no' TIME='$time' DATE='$date'";; pgsql) str="HOST='$host' USER='$dbuser' PASSWORD='$dbpass'"; str="$str CHARSETS='$charsets' TPL='$template' MAX_DB='$max_db'"; str="$str U_SYS_USERS='' U_DB_BASES='0' SUSPENDED='no'"; - str="$str TIME='$TIME' DATE='$DATE'";; + str="$str TIME='$time' DATE='$date'";; esac -# Adding host to conf -echo "$str" >> $VESTA/conf/$type.conf -chmod 660 $VESTA/conf/$type.conf - #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# +# Adding host to conf +echo "$str" >> $VESTA/conf/$type.conf +chmod 660 $VESTA/conf/$type.conf + +# Updating vesta.conf +if [ -z "$(grep DB_SYSTEM $VESTA/conf/vesta.conf)" ]; then + echo "DB_SYSTEM='$type'" >> $VESTA/conf/vesta.conf +else + db=$(echo "$DB_SYSTEM,$type" |\ + sed "s/,/\n/g"|\ + sort -r -u |\ + sed "/^$/d"|\ + sed ':a;N;$!ba;s/\n/,/g') + sed -i "s/DB_SYSTEM=.*/DB_SYSTEM='$db'/g" $VESTA/conf/vesta.conf +fi + # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-dns-domain b/bin/v-add-dns-domain index 41038d616..17bdc4ae3 100755 --- a/bin/v-add-dns-domain +++ b/bin/v-add-dns-domain @@ -1,6 +1,6 @@ #!/bin/bash # info: add dns domain -# options: USER DOMAIN IP [NS1] [NS2] [NS3] [NS4] [RESTART] +# options: USER DOMAIN IP [NS1] [NS2] [NS3] [..] [NS8] [RESTART] # # The function adds DNS zone with records defined in the template. If the exp # argument isn't stated, the expiration date value will be set to next year. @@ -13,56 +13,75 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | sed -e 's/\.*$//g' -e 's/^\.*//g') -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 ip=$3 ns1=$4 ns2=$5 ns3=$6 ns4=$7 -restart=$8 +ns5=$8 +ns6=$9 +ns7=${10} +ns8=${11} +restart=${12} # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# -check_args '3' "$#" 'USER DOMAIN IP [NS1] [NS2] [NS3] [NS4]' -validate_format 'user' 'domain' 'ip' +check_args '3' "$#" 'USER DOMAIN IP [NS1] [NS2] [NS3] [..] [NS8] [RESTART]' +is_format_valid 'user' 'domain' 'ip' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" -is_domain_new 'dns' +is_domain_new 'dns' "$domain" is_package_full 'DNS_DOMAINS' - template=$(get_user_value '$DNS_TEMPLATE') -is_dns_template_valid +is_dns_template_valid $template if [ ! -z "$ns1" ]; then - ns1=$(echo $4 | sed -e 's/\.*$//g' -e 's/^\.*//g') - validate_format 'ns1' + ns1=$(echo $4 |sed -e 's/\.*$//g' -e 's/^\.*//g') + is_format_valid 'ns1' fi if [ ! -z "$ns2" ]; then - ns2=$(echo $5 | sed -e 's/\.*$//g' -e 's/^\.*//g') - validate_format 'ns2' + ns2=$(echo $5 |sed -e 's/\.*$//g' -e 's/^\.*//g') + is_format_valid 'ns2' fi - if [ ! -z "$ns3" ]; then - ns3=$(echo $6 | sed -e 's/\.*$//g' -e 's/^\.*//g') - validate_format 'ns3' + ns3=$(echo $6 |sed -e 's/\.*$//g' -e 's/^\.*//g') + is_format_valid 'ns3' fi if [ ! -z "$ns4" ]; then - ns4=$(echo $7 | sed -e 's/\.*$//g' -e 's/^\.*//g') - validate_format 'ns4' + ns4=$(echo $7 |sed -e 's/\.*$//g' -e 's/^\.*//g') + is_format_valid 'ns4' +fi +if [ ! -z "$ns5" ]; then + ns5=$(echo $8 |sed -e 's/\.*$//g' -e 's/^\.*//g') + is_format_valid 'ns5' +fi +if [ ! -z "$ns6" ]; then + ns6=$(echo $9 |sed -e 's/\.*$//g' -e 's/^\.*//g') + is_format_valid 'ns6' +fi +if [ ! -z "$ns7" ]; then + ns7=$(echo ${10} |sed -e 's/\.*$//g' -e 's/^\.*//g') + is_format_valid 'ns7' +fi +if [ ! -z "$ns8" ]; then + ns8=$(echo ${11} |sed -e 's/\.*$//g' -e 's/^\.*//g') + is_format_valid 'ns8' fi @@ -81,6 +100,7 @@ if [ -z $ns2 ]; then fi soa="$ns1" exp=$(date +%F -d "+ 1 year") +serial=$(date +'%Y%m%d01') ttl=14400 # Reading template @@ -88,13 +108,30 @@ template_data=$(cat $DNSTPL/$template.tpl) # Deleting unused nameservers if [ -z "$ns3" ]; then - template_data=$(echo "$template_data" | grep -v %ns3%) + template_data=$(echo "$template_data" |grep -v %ns3%) fi if [ -z "$ns4" ]; then - template_data=$(echo "$template_data" | grep -v %ns4%) + template_data=$(echo "$template_data" |grep -v %ns4%) +fi +if [ -z "$ns5" ]; then + template_data=$(echo "$template_data" |grep -v %ns5%) +fi +if [ -z "$ns6" ]; then + template_data=$(echo "$template_data" |grep -v %ns6%) +fi +if [ -z "$ns7" ]; then + template_data=$(echo "$template_data" |grep -v %ns7%) +fi +if [ -z "$ns8" ]; then + template_data=$(echo "$template_data" |grep -v %ns8%) fi -# Add dns zone to the user config +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + +# Adding dns zone to the user config echo "$template_data" |\ sed -e "s/%ip%/$ip/g" \ -e "s/%domain_idn%/$domain_idn/g" \ @@ -103,21 +140,25 @@ echo "$template_data" |\ -e "s/%ns2%/$ns2/g" \ -e "s/%ns3%/$ns3/g" \ -e "s/%ns4%/$ns4/g" \ - -e "s/%time%/$TIME/g" \ - -e "s/%date%/$DATE/g" > $USER_DATA/dns/$domain.conf + -e "s/%ns5%/$ns5/g" \ + -e "s/%ns6%/$ns6/g" \ + -e "s/%ns7%/$ns7/g" \ + -e "s/%ns8%/$ns8/g" \ + -e "s/%time%/$time/g" \ + -e "s/%date%/$date/g" > $USER_DATA/dns/$domain.conf chmod 660 $USER_DATA/dns/$domain.conf records="$(wc -l $USER_DATA/dns/$domain.conf |cut -f 1 -d ' ')" # Adding dns.conf record dns_rec="DOMAIN='$domain' IP='$ip' TPL='$template' TTL='$ttl' EXP='$exp'" -dns_rec="$dns_rec SOA='$soa' RECORDS='$records' SUSPENDED='no' TIME='$TIME'" -dns_rec="$dns_rec DATE='$DATE'" +dns_rec="$dns_rec SOA='$soa' SERIAL='$serial' SRC='' RECORDS='$records'" +dns_rec="$dns_rec SUSPENDED='no' TIME='$time' DATE='$date'" echo "$dns_rec" >> $USER_DATA/dns.conf chmod 660 $USER_DATA/dns.conf -# Create system configs +# Creating system configs if [[ "$DNS_SYSTEM" =~ named|bind ]]; then if [ -e '/etc/named.conf' ]; then dns_conf='/etc/named.conf' @@ -135,14 +176,14 @@ if [[ "$DNS_SYSTEM" =~ named|bind ]]; then # Updating domain dns zone update_domain_zone - # Set permissions - chmod 640 $conf - chown root:$dns_group $conf + # Changing permissions + chmod 640 $HOMEDIR/$user/conf/dns/$domain.db + chown root:$dns_group $HOMEDIR/$user/conf/dns/$domain.db fi # Updating dns-cluster queue if [ ! -z "$DNS_CLUSTER" ]; then - cmd="$BIN/v-add-remote-dns-domain $user $domain no" + cmd="$BIN/v-add-remote-dns-domain $user $domain yes" echo "$cmd" >> $VESTA/data/queue/dns-cluster.pipe fi @@ -156,15 +197,11 @@ increase_user_value "$user" '$U_DNS_DOMAINS' increase_user_value "$user" '$U_DNS_RECORDS' "$records" # Restart named -if [ "$restart" != 'no' ]; then - $BIN/v-restart-dns - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +$BIN/v-restart-dns $restart +check_result $? "DNS restart failed" # Logging log_history "added dns domain $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-dns-on-web-alias b/bin/v-add-dns-on-web-alias index 762692130..705594f34 100755 --- a/bin/v-add-dns-on-web-alias +++ b/bin/v-add-dns-on-web-alias @@ -1,6 +1,6 @@ #!/bin/bash -# info: add dns domain or dns record based on web domain alias restart -# options: USER DOMAIN +# info: add dns domain or dns record after web domain alias +# options: USER ALIAS IP [RESTART] # # The function adds dns domain or dns record based on web domain alias. @@ -9,15 +9,11 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(echo $2 | sed -e 's/\.*$//g' -e 's/^\.*//g') -domain_idn=$(idn -t --quiet -a "$domain") -dom_alias=$(idn -t --quiet -u "$3" ) -dom_alias=$(echo $dom_alias | sed -e 's/\.*$//g' -e 's/^\.*//g') -dom_alias=$(echo $dom_alias | tr '[:upper:]' '[:lower:]') -dom_alias_idn=$(idn -t --quiet -a "$dom_alias" ) -restart="$4" +alias=$2 +ip=$3 +restart=$4 # Includes source $VESTA/func/main.sh @@ -29,58 +25,54 @@ source $VESTA/conf/vesta.conf # Verifications # #----------------------------------------------------------# -check_args '3' "$#" 'USER DOMAIN ALIAS' -validate_format 'user' 'domain' -is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' +check_args '3' "$#" 'USER ALIAS IP [RESTART]' +is_format_valid 'user' 'alias' 'ip' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" -is_object_valid 'web' 'DOMAIN' "$domain" -is_object_unsuspended 'web' 'DOMAIN' "$domain" +if [ -e "$USER_DATA/dns/$alias.conf" ]; then + exit +fi #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Parsing domain values -get_domain_values 'web' +# Logging +log_event "$OK" "$ARGUMENTS" -# Check if it a simple domain -if [ $(echo -e "${dom_alias//\./\n}" | wc -l) -le 2 ]; then - if [ ! -e "$USER_DATA/dns/$dom_alias.conf" ]; then - $BIN/v-add-dns-domain \ - $user $dom_alias $IP '' '' '' '' '' $restart > /dev/null - fi +# Define additional vars +sub_domain=$(echo "$alias" |awk -F '.' '{print $1}') +top_domain=$(echo "$alias" |sed -e "s/^$sub_domain.//") +domain_lvl=$(echo "$alias" |grep -o "\." |wc -l) + +# Adding second level domain +if [ "$domain_lvl" -eq 1 ] || [ "${#top_domain}" -le '6' ]; then + $BIN/v-add-dns-domain \ + $user $alias $ip '' '' '' '' '' '' '' '' $restart >> /dev/null + exit +fi + +# Adding top-level domain and then its sub +$BIN/v-add-dns-domain $user $top_domain $ip '' '' '' '' '' '' '' '' $restart >> /dev/null + +# Checking top-level domain +if [ ! -e "$USER_DATA/dns/$top_domain.conf" ]; then + exit +fi + +# Checking subdomain record +if [ "$sub_domain" == '*' ]; then + check_record=$(grep -w "RECORD='\*'" $USER_DATA/dns/$top_domain.conf) else - # Check subdomain - sub=$(echo "$dom_alias" | cut -f1 -d . -s) - dom=$(echo "$dom_alias" | sed -e "s/^$sub.//" ) + check_record=$(grep -w "RECORD='$sub_domain'" $USER_DATA/dns/$top_domain.conf) +fi - # Ignore short domains like co.uk, com.au and so on - if [ "${#dom}" -le '6' ]; then - exit - fi - - if [ ! -e "$USER_DATA/dns/$dom.conf" ]; then - $BIN/v-add-dns-domain \ - $user $dom $IP '' '' '' '' $restart > /dev/null - - if [ $? -eq 0 ]; then - $BIN/v-add-dns-record \ - $user $dom "$sub" A $IP '' '' $restart - fi - else - if [ "$sub" == '*' ]; then - rec=$(grep -w "RECORD='\*'" $USER_DATA/dns/$dom.conf) - else - rec=$(grep -w "RECORD='$sub'" $USER_DATA/dns/$dom.conf) - fi - if [ -z "$rec" ]; then - $BIN/v-add-dns-record \ - $user $dom "$sub" A $IP '' '' $restart > /dev/null - fi - fi +# Adding subdomain record +if [ -z "$check_record" ]; then + $BIN/v-add-dns-record \ + $user $top_domain "$sub_domain" A $ip '' '' $restart >> /dev/null fi @@ -88,6 +80,6 @@ fi # Vesta # #----------------------------------------------------------# -# No Logging +# No logging exit diff --git a/bin/v-add-dns-record b/bin/v-add-dns-record index f145007da..bbf8edd8b 100755 --- a/bin/v-add-dns-record +++ b/bin/v-add-dns-record @@ -12,11 +12,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 record=$(idn -t --quiet -u "$3" ) record=$(echo "$record" | tr '[:upper:]' '[:lower:]') rtype=$(echo "$4"| tr '[:lower:]' '[:upper:]') @@ -41,18 +40,31 @@ fi # Add trailing dot at the end of NS/CNAME/MX/PTR/SRV record if [[ $rtype =~ NS|CNAME|MX|PTR|SRV ]]; then trailing_dot=$(echo $dvalue | grep "\.$") - if [ -z $trailing_dot ]; then + if [ -z "$trailing_dot" ]; then dvalue="$dvalue." fi fi +if [ $rtype != "CAA" ]; then + dvalue=${dvalue//\"/} + + if [[ "$dvalue" =~ [\;[:space:]] ]]; then + dvalue='"'"$dvalue"'"' + fi +fi + +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '5' "$#" 'USER DOMAIN RECORD TYPE VALUE [PRIORITY] [ID] [RESTART]' -validate_format 'user' 'domain' 'record' 'rtype' 'dvalue' +is_format_valid 'user' 'domain' 'record' 'rtype' 'dvalue' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -60,7 +72,7 @@ is_object_valid 'dns' 'DOMAIN' "$domain" is_object_unsuspended 'dns' 'DOMAIN' "$domain" is_package_full 'DNS_RECORDS' get_next_dnsrecord -validate_format 'id' +is_format_valid 'id' is_object_new "dns/$domain" 'ID' "$id" is_dns_fqnd "$rtype" "$dvalue" is_dns_nameserver_valid "$domain" "$rtype" "$dvalue" @@ -70,10 +82,15 @@ is_dns_nameserver_valid "$domain" "$rtype" "$dvalue" # Action # #----------------------------------------------------------# +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + # Adding record zone="$USER_DATA/dns/$domain.conf" dns_rec="ID='$id' RECORD='$record' TYPE='$rtype' PRIORITY='$priority'" -dns_rec="$dns_rec VALUE='$dvalue' SUSPENDED='no' TIME='$TIME' DATE='$DATE'" +dns_rec="$dns_rec VALUE='$dvalue' SUSPENDED='no' TIME='$time' DATE='$date'" echo "$dns_rec" >> $zone chmod 660 $zone @@ -82,6 +99,7 @@ sort_dns_records # Updating zone if [[ "$DNS_SYSTEM" =~ named|bind ]]; then + update_domain_serial update_domain_zone fi @@ -100,21 +118,17 @@ fi # Vesta # #----------------------------------------------------------# -# Upddate counters +# Update counters records="$(wc -l $USER_DATA/dns/$domain.conf | cut -f1 -d ' ')" update_object_value 'dns' 'DOMAIN' "$domain" '$RECORDS' "$records" increase_user_value "$user" '$U_DNS_RECORDS' # Restart named -if [ "$restart" != 'no' ]; then - $BIN/v-restart-dns - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +$BIN/v-restart-dns $restart +check_result $? $E_RESTART 'dns failed to restart' # Logging log_history "added $rtype dns record $record for $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-domain b/bin/v-add-domain index cf0e22abe..e383481a6 100755 --- a/bin/v-add-domain +++ b/bin/v-add-domain @@ -25,9 +25,9 @@ source $VESTA/conf/vesta.conf # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [IP] [RESTART]' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' if [ ! -z "$ip" ] ; then - validate_format 'ip' + is_format_valid 'ip' fi is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -39,50 +39,43 @@ is_object_unsuspended 'user' 'USER' "$user" # Get ip if it wasn't defined if [ -z "$ip" ]; then - ip=$(get_user_ip $user) + get_user_ip if [ -z "$ip" ]; then - echo "Error: no avaiable IP address" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST + check_result $E_NOTEXIST "no avaiable IP address" fi fi -# Web domain +# Working on web domain if [ ! -z "$WEB_SYSTEM" ]; then $BIN/v-add-web-domain $user $domain $ip 'no' - return_code=$? + check_result $? "can't add web domain" >/dev/null fi -# Proxy support -if [ ! -z "$PROXY_SYSTEM" ] && [ "$return_code" -eq 0 ]; then - extentions="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls" - extentions="$extentions,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav" - extentions="$extentions,bmp,rtf,js,mp3,avi,mpeg,flv,html,htm" - $BIN/v-add-web-domain-proxy $user $domain 'default' "$extentions" 'no' +# Working on DNS domain +if [ ! -z "$DNS_SYSTEM" ]; then + $BIN/v-add-dns-domain $user $domain $ip "" "" "" "" "" '' '' '' 'no' + check_result $? "can't add dns domain" >/dev/null fi -# DNS domain -if [ ! -z "$DNS_SYSTEM" ] && [ "$return_code" -eq 0 ]; then - $BIN/v-add-dns-domain $user $domain $ip 'no' - return_code=$? -fi - -# Mail domain -if [ ! -z "$MAIL_SYSTEM" ] && [ "$return_code" -eq 0 ]; then +# Working on mail domain +if [ ! -z "$MAIL_SYSTEM" ]; then $BIN/v-add-mail-domain $user $domain - return_code=$? + check_result $? "can't add mail domain" >/dev/null fi -# Restart services -if [ "$restart" != 'no' ] && [ "$return_code" -eq 0 ]; then - $BIN/v-restart-web - $BIN/v-restart-proxy - $BIN/v-restart-dns -fi +# Restarting services +$BIN/v-restart-web $restart +check_result $? "can't restart web" > /dev/null + +$BIN/v-restart-proxy $restart +check_result $? "can't restart proxy" > /dev/null + +$BIN/v-restart-dns $restart +check_result $? "can't restart dns" > /dev/null #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# -exit $return_code +exit diff --git a/bin/v-add-firewall-ban b/bin/v-add-firewall-ban index 26dc6cbc3..a1eed13eb 100755 --- a/bin/v-add-firewall-ban +++ b/bin/v-add-firewall-ban @@ -12,7 +12,7 @@ # Importing system variables source /etc/profile -# Argument defenition +# Argument definition ip=$1 chain=$(echo $2|tr '[:lower:]' '[:upper:]') @@ -29,7 +29,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'IP CHAIN' -validate_format 'ip' 'chain' +is_format_valid 'ip' 'chain' is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM' @@ -59,8 +59,13 @@ fi # Adding chain $BIN/v-add-firewall-chain $chain +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + # Adding ip to banlist -echo "IP='$ip' CHAIN='$chain' TIME='$TIME' DATE='$DATE'" >> $conf +echo "IP='$ip' CHAIN='$chain' TIME='$time' DATE='$date'" >> $conf $iptables -I fail2ban-$chain 1 -s $ip \ -j REJECT --reject-with icmp-port-unreachable 2>/dev/null @@ -73,6 +78,6 @@ chmod 660 $conf #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-firewall-chain b/bin/v-add-firewall-chain index 194602caa..0bac12da7 100755 --- a/bin/v-add-firewall-chain +++ b/bin/v-add-firewall-chain @@ -12,7 +12,7 @@ # Importing system variables source /etc/profile -# Argument defenition +# Argument definition chain=$(echo $1 | tr '[:lower:]' '[:upper:]') port=$2 protocol=${4-TCP} @@ -21,6 +21,12 @@ protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]') # Defining absolute path to iptables iptables="/sbin/iptables" +# Get vesta port by reading nginx.conf +vestaport=$(grep 'listen' $VESTA/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||") +if [ -z "$vestaport" ]; then + vestaport=8083 +fi + # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf @@ -31,7 +37,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'CHAIN [PORT] [PROTOCOL]' -validate_format 'chain' +is_format_valid 'chain' is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM' @@ -41,13 +47,19 @@ is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM' # Checking known chains case $chain in - SSH) port=22; protocol=TCP ;; + SSH) # Get ssh port by reading ssh config file. + sshport=$(grep '^Port ' /etc/ssh/sshd_config | head -1 | cut -d ' ' -f 2) + if [ -z "$sshport" ]; then + sshport=22 + fi + port=$sshport; + protocol=TCP ;; FTP) port=21; protocol=TCP ;; MAIL) port='25,465,587,2525,110,995,143,993'; protocol=TCP ;; DNS) port=53; protocol=UDP ;; WEB) port='80,443'; protocol=TCP ;; DB) port='3306,5432'; protocol=TCP ;; - VESTA) port=8083; protocol=TCP ;; + VESTA) port=$vestaport; protocol=TCP ;; *) check_args '2' "$#" 'CHAIN PORT' ;; esac @@ -81,6 +93,6 @@ chmod 660 $chains #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-firewall-rule b/bin/v-add-firewall-rule index 126f62b49..6fb867d36 100755 --- a/bin/v-add-firewall-rule +++ b/bin/v-add-firewall-rule @@ -12,7 +12,7 @@ # Importing system variables source /etc/profile -# Argument defenition +# Argument definition action=$(echo $1|tr '[:lower:]' '[:upper:]') ip=$2 port_ext=$3 @@ -47,13 +47,13 @@ sort_fw_rules() { #----------------------------------------------------------# check_args '3' "$#" 'ACTION IP PORT [PROTOCOL] [COMMENT] [RULE]' -validate_format 'action' 'protocol' 'port_ext' 'ip' +is_format_valid 'action' 'protocol' 'port_ext' 'ip' is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM' get_next_fw_rule -validate_format 'rule' +is_format_valid 'rule' is_object_new '../../data/firewall/rules' 'RULE' "$rule" -if [ ! -z "$comment"]; then - validate_format 'comment' +if [ ! -z "$comment" ]; then + is_format_valid 'comment' fi @@ -61,10 +61,15 @@ fi # Action # #----------------------------------------------------------# +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + # Concatenating rule str="RULE='$rule' ACTION='$action' PROTOCOL='$protocol' PORT='$port_ext'" str="$str IP='$ip' COMMENT='$comment' SUSPENDED='no'" -str="$str TIME='$TIME' DATE='$DATE'" +str="$str TIME='$time' DATE='$date'" # Adding to config echo "$str" >> $VESTA/data/firewall/rules.conf @@ -84,6 +89,6 @@ $BIN/v-update-firewall #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-fs-archive b/bin/v-add-fs-archive new file mode 100755 index 000000000..20052b0f8 --- /dev/null +++ b/bin/v-add-fs-archive @@ -0,0 +1,76 @@ +#!/bin/bash +# info: archive directory +# options: USER ARCHIVE SOURCE +# +# The function creates tar archive + +user=$1 +archive=$2 +src0=$3 + +# Checking arguments +if [ -z "$src0" ]; then + echo "Usage: USER ARCHIVE FILE [FILE_2] [FILE_3] [FILE ...]" + exit 1 +fi + +# Checking vesta user +if [ ! -e "$VESTA/data/users/$user" ]; then + echo "Error: vesta user $user doesn't exist" + exit 3 +fi + +# Checking user homedir +homedir=$(grep "^$user:" /etc/passwd |cut -f 6 -d :) +if [ -z $homedir ]; then + echo "Error: user home directory doesn't exist" + exit 12 +fi + +# Checking archive +if [ -e "$archive" ]; then + echo "Error: archive already exist $archive" + exit 1 +fi + +# Checking source path +IFS=$'\n' +i=1 +for src in $*; do + if [ "$i" -gt 2 ]; then + rpath=$(readlink -f "$src") + if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then + echo "Error: invalid source path $src" + exit 1 + fi + fi + ((i++)) +done + +i=1 +for src in $*; do + if [ "$i" -gt 2 ]; then + # Deleting leading home path + src=$(echo "$src"| sed -e "s|/home/$user/||") + + # Creating tar.gz archive + sudo -u $user tar -rf "${archive/.gz/}" -C /home/$user $src >\ + /dev/null 2>&1 + if [ "$?" -ne 0 ]; then + echo "Error: archive $archive was not created" + exit 3 + fi + fi + ((i++)) +done + +# Checking gzip +if [[ "$archive" =~ \.gz$ ]]; then + sudo -u $user gzip "${archive/.gz/}" >/dev/null 2>&1 + if [ "$?" -ne 0 ]; then + echo "Error: archive $archive was not gziped" + exit 3 + fi +fi + +exit diff --git a/bin/v-add-fs-directory b/bin/v-add-fs-directory new file mode 100755 index 000000000..e507edf5a --- /dev/null +++ b/bin/v-add-fs-directory @@ -0,0 +1,44 @@ +#!/bin/bash +# info: add directory +# options: USER DIRECTORY +# +# The function creates new directory on the file system + +user=$1 +dst_dir=$2 + +# Checking arguments +if [ -z "$dst_dir" ]; then + echo "Usage: USER DIRECTORY" + exit 1 +fi + +# Checking vesta user +if [ ! -e "$VESTA/data/users/$user" ]; then + echo "Error: vesta user $user doesn't exist" + exit 3 +fi + +# Checking user homedir +homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :) +if [ -z $homedir ]; then + echo "Error: user home directory doesn't exist" + exit 12 +fi + +# Checking destination path +rpath=$(readlink -f "$dst_dir") +if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then + echo "Error: invalid destination path $dst_dir" + exit 2 +fi + +# Adding directory +sudo -u $user mkdir -p "$dst_dir" >/dev/null 2>&1 +if [ $? -ne 0 ]; then + echo "Error: directory $dst_dir was not created" + exit 3 +fi + +# Extiging +exit diff --git a/bin/v-add-fs-file b/bin/v-add-fs-file new file mode 100755 index 000000000..cc1621ccc --- /dev/null +++ b/bin/v-add-fs-file @@ -0,0 +1,44 @@ +#!/bin/bash +# info: add file +# options: USER FILE +# +# The function creates new files on file system + +user=$1 +dst_file=$2 + +# Checking arguments +if [ -z "$dst_file" ]; then + echo "Usage: USER FILE" + exit 1 +fi + +# Checking vesta user +if [ ! -e "$VESTA/data/users/$user" ]; then + echo "Error: vesta user $user doesn't exist" + exit 3 +fi + +# Checking user homedir +homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :) +if [ -z $homedir ]; then + echo "Error: user home directory doesn't exist" + exit 12 +fi + +# Checking destination path +rpath=$(readlink -f "$dst_file") +if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then + echo "Error: invalid destination path $dst_dir" + exit 2 +fi + +# Creating file +sudo -u $user touch "$dst_file" >/dev/null 2>&1 +if [ $? -ne 0 ]; then + echo "Error: file $dst_file was not created" + exit 3 +fi + +# Exiting +exit diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain new file mode 100755 index 000000000..fdd89fed3 --- /dev/null +++ b/bin/v-add-letsencrypt-domain @@ -0,0 +1,399 @@ +#!/bin/bash +# info: check letsencrypt domain +# options: USER DOMAIN [ALIASES] +# +# The function check and validates domain with Let's Encript + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +domain=$2 +aliases=$3 + +# LE API +API='https://acme-v02.api.letsencrypt.org' + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/domain.sh +source $VESTA/conf/vesta.conf + +# Additional argument formatting +format_identifier_idn() { + identifier_idn=$identifier + if [[ "$identifier_idn" = *[![:ascii:]]* ]]; then + identifier_idn=$(idn -t --quiet -a $identifier_idn) + fi +} + +# encode base64 +encode_base64() { + cat |base64 |tr '+/' '-_' |tr -d '\r\n=' +} + +# Let's Encrypt v2 curl function +query_le_v2() { + + protected='{"nonce": "'$3'",' + protected=''$protected' "url": "'$1'",' + protected=''$protected' "alg": "RS256", "kid": "'$KID'"}' + content="Content-Type: application/jose+json" + + payload_=$(echo -n "$2" |encode_base64) + protected_=$(echo -n "$protected" |encode_base64) + signature_=$(printf "%s" "$protected_.$payload_" |\ + openssl dgst -sha256 -binary -sign $USER_DATA/ssl/user.key |\ + encode_base64) + + post_data='{"protected":"'"$protected_"'",' + post_data=$post_data'"payload":"'"$payload_"'",' + post_data=$post_data'"signature":"'"$signature_"'"}' + + # Save http response to file passed as "$4" arg or print to stdout if not provided + # http response headers are always sent to stdout + local save_to_file=${4:-"/dev/stdout"} + curl --silent --dump-header /dev/stdout --data "$post_data" "$1" --header "$content" --output "$save_to_file" +} + + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '2' "$#" 'USER DOMAIN [ALIASES]' +is_format_valid 'user' 'domain' 'aliases' +is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' +is_object_valid 'user' 'USER' "$user" +is_object_unsuspended 'user' 'USER' "$user" +is_object_valid 'web' 'DOMAIN' "$domain" +is_object_unsuspended 'web' 'DOMAIN' "$domain" +get_domain_values 'web' + +echo "-----------------------------------------------------------------------------------" >> /usr/local/vesta/log/letsencrypt.log +echo "[$(date)] : v-add-letsencrypt-domain $domain [$aliases]" >> /usr/local/vesta/log/letsencrypt.log + +# check if alias is the letsencrypt wildcard domain, if not, make the normal checks +if [[ "$aliases" != "*.$domain" ]]; then + for alias in $(echo "$aliases" |tr ',' '\n' |sort -u); do + check_alias="$(echo $ALIAS |tr ',' '\n' |grep ^$alias$)" + if [ -z "$check_alias" ]; then + echo "[$(date)] : EXIT=domain alias $alias doesn't exist" >> /usr/local/vesta/log/letsencrypt.log + check_result $E_NOTEXIST "domain alias $alias doesn't exist" + fi + done +fi; + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Registering LetsEncrypt user account +echo "[$(date)] : v-add-letsencrypt-user $user" >> /usr/local/vesta/log/letsencrypt.log +$BIN/v-add-letsencrypt-user $user +echo "[$(date)] : result: $?" >> /usr/local/vesta/log/letsencrypt.log +if [ "$?" -ne 0 ]; then + touch $VESTA/data/queue/letsencrypt.pipe + sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe + send_notice "LETSENCRYPT" "Account registration failed" + echo "[$(date)] : EXIT=LE account registration" >> /usr/local/vesta/log/letsencrypt.log + check_result $E_CONNECT "LE account registration" >/dev/null +fi + +# Parsing LetsEncrypt account data +source $USER_DATA/ssl/le.conf + +# Checking wildcard alias +if [ "$aliases" = "*.$domain" ]; then + echo "[$(date)] : Checking wildcard alias" >> /usr/local/vesta/log/letsencrypt.log + wildcard='yes' + proto="dns-01" + if [ ! -e "$VESTA/data/users/$user/dns/$domain.conf" ]; then + echo "[$(date)] : EXIT=DNS domain $domain doesn't exist" >> /usr/local/vesta/log/letsencrypt.log + check_result $E_NOTEXIST "DNS domain $domain doesn't exist" + fi +else + proto="http-01" +fi + +# Requesting nonce / STEP 1 +echo "[$(date)] : --- Requesting nonce / STEP 1 ---" >> /usr/local/vesta/log/letsencrypt.log +echo "[$(date)] : curl -s -I \"$API/directory\"" >> /usr/local/vesta/log/letsencrypt.log +answer=$(curl -s -I "$API/directory") +echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log +nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n') +echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log +status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ') +echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log +if [[ "$status" -ne 200 ]]; then + echo "[$(date)] : EXIT=Let's Encrypt nonce request status $status" >> /usr/local/vesta/log/letsencrypt.log + check_result $E_CONNECT "Let's Encrypt nonce request status $status" +fi + +# Placing new order / STEP 2 +echo "[$(date)] : --- Placing new order / STEP 2 ---" >> /usr/local/vesta/log/letsencrypt.log +url="$API/acme/new-order" +payload='{"identifiers":[' +for identifier in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do + format_identifier_idn + payload=$payload'{"type":"dns","value":"'$identifier_idn'"},' +done +payload=$(echo "$payload"|sed "s/,$//") +payload=$payload']}' +echo "[$(date)] : payload=$payload" >> /usr/local/vesta/log/letsencrypt.log +echo "[$(date)] : query_le_v2 \"$url\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log +answer=$(query_le_v2 "$url" "$payload" "$nonce") +echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log +nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n') +echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log +authz=$(echo "$answer" |grep "acme/authz" |cut -f2 -d '"') +echo "[$(date)] : authz=$authz" >> /usr/local/vesta/log/letsencrypt.log +finalize=$(echo "$answer" |grep 'finalize":' |cut -f4 -d '"') +echo "[$(date)] : finalize=$finalize" >> /usr/local/vesta/log/letsencrypt.log +status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ') +echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log +if [[ "$status" -ne 201 ]]; then + echo "[$(date)] : EXIT=Let's Encrypt new auth status $status" >> /usr/local/vesta/log/letsencrypt.log + check_result $E_CONNECT "Let's Encrypt new auth status $status" +fi + +# Requesting authorization token / STEP 3 +echo "[$(date)] : --- Requesting authorization token / STEP 3 ---" >> /usr/local/vesta/log/letsencrypt.log +for auth in $authz; do + payload='' + echo "[$(date)] : for auth=$auth" >> /usr/local/vesta/log/letsencrypt.log + echo "[$(date)] : query_le_v2 \"$auth\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log + answer=$(query_le_v2 "$auth" "$payload" "$nonce") + echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log + url=$(echo "$answer" |grep -A3 $proto |grep '"url"' |cut -f 4 -d \") + echo "[$(date)] : url=$url" >> /usr/local/vesta/log/letsencrypt.log + token=$(echo "$answer" |grep -A3 $proto |grep token |cut -f 4 -d \") + echo "[$(date)] : token=$token" >> /usr/local/vesta/log/letsencrypt.log + nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n') + echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log + status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ') + echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log + if [[ "$status" -ne 200 ]]; then + echo "[$(date)] : EXIT=Let's Encrypt acme/authz bad status $status" >> /usr/local/vesta/log/letsencrypt.log + check_result $E_CONNECT "Let's Encrypt acme/authz bad status $status" + fi + + # Configuring challenge / STEP 4 + echo "[$(date)] : --- Configuring challenge / STEP 4 ---" >> /usr/local/vesta/log/letsencrypt.log + echo "[$(date)] : wildcard=$wildcard" >> /usr/local/vesta/log/letsencrypt.log + if [ "$wildcard" = 'yes' ]; then + record=$(printf "%s" "$token.$THUMB" |\ + openssl dgst -sha256 -binary |encode_base64) + old_records=$($BIN/v-list-dns-records $user $domain plain|grep 'TXT') + old_records=$(echo "$old_records" |grep _acme-challenge |cut -f 1) + for old_record in $old_records; do + $BIN/v-delete-dns-record "$user" "$domain" "$old_record" + done + $BIN/v-add-dns-record "$user" "$domain" "_acme-challenge" "TXT" "$record" + exitstatus=$? + echo "[$(date)] : v-add-dns-record \"$user\" \"$domain\" \"_acme-challenge\" \"TXT\" \"$record\"" >> /usr/local/vesta/log/letsencrypt.log + if [ "$exitstatus" -ne 0 ]; then + echo "[$(date)] : EXIT=DNS _acme-challenge record wasn't created" >> /usr/local/vesta/log/letsencrypt.log + fi + check_result $exitstatus "DNS _acme-challenge record wasn't created" + else + if [ "$WEB_SYSTEM" = 'nginx' ] || [ ! -z "$PROXY_SYSTEM" ]; then + if [ -f "/usr/local/vesta/web/inc/nginx_proxy" ]; then + # if vesta is behind main nginx + well_known="$HOMEDIR/$user/web/$domain/public_html/.well-known" + acme_challenge="$well_known/acme-challenge" + mkdir -p $acme_challenge + echo "$token.$THUMB" > $acme_challenge/$token + echo "[$(date)] : in $acme_challenge/$token we put: $token.$THUMB" >> /usr/local/vesta/log/letsencrypt.log + chown -R $user:$user $well_known + else + # default nginx method + conf="$HOMEDIR/$user/conf/web/nginx.$domain.conf_letsencrypt" + sconf="$HOMEDIR/$user/conf/web/snginx.$domain.conf_letsencrypt" + # if [ ! -e "$conf" ]; then + echo 'location ~ "^/\.well-known/acme-challenge/(.*)$" {' \ + > $conf + echo ' default_type text/plain;' >> $conf + echo ' return 200 "$1.'$THUMB'";' >> $conf + echo '}' >> $conf + # fi + echo "[$(date)] : in $conf we put: $THUMB" >> /usr/local/vesta/log/letsencrypt.log + if [ ! -e "$sconf" ]; then + ln -s "$conf" "$sconf" + fi + echo "[$(date)] : v-restart-proxy" >> /usr/local/vesta/log/letsencrypt.log + $BIN/v-restart-proxy + if [ -z "$PROXY_SYSTEM" ]; then + # apache-less variant + echo "[$(date)] : v-restart-web" >> /usr/local/vesta/log/letsencrypt.log + $BIN/v-restart-web + fi + exitstatus=$? + if [ "$exitstatus" -ne 0 ]; then + echo "[$(date)] : EXIT=Proxy restart failed = $exitstatus" >> /usr/local/vesta/log/letsencrypt.log + fi + check_result $exitstatus "Proxy restart failed" >/dev/null + fi + else + well_known="$HOMEDIR/$user/web/$domain/public_html/.well-known" + acme_challenge="$well_known/acme-challenge" + mkdir -p $acme_challenge + echo "$token.$THUMB" > $acme_challenge/$token + chown -R $user:$user $well_known + echo "[$(date)] : in $acme_challenge/$token we put: $token.$THUMB" >> /usr/local/vesta/log/letsencrypt.log + # $BIN/v-restart-web + # check_result $? "Web restart failed" >/dev/null + fi + fi + + # Requesting ACME validation / STEP 5 + echo "[$(date)] : --- Requesting ACME validation / STEP 5 ---" >> /usr/local/vesta/log/letsencrypt.log + validation_check=$(echo "$answer" |grep '"valid"') + echo "[$(date)] : validation_check=$validation_check" >> /usr/local/vesta/log/letsencrypt.log + if [[ ! -z "$validation_check" ]]; then + validation='valid' + else + validation='pending' + fi + + # Doing pol check on status + i=1 + while [ "$validation" = 'pending' ]; do + echo "[$(date)] : - Doing pol check on status" >> /usr/local/vesta/log/letsencrypt.log + payload='{}' + echo "[$(date)] : query_le_v2 \"$url\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log + answer=$(query_le_v2 "$url" "$payload" "$nonce") + echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log + validation=$(echo "$answer"|grep -A1 $proto |tail -n1|cut -f4 -d \") + echo "[$(date)] : validation=$validation" >> /usr/local/vesta/log/letsencrypt.log + nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n') + echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log + status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ') + echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log + if [[ "$status" -ne 200 ]]; then + echo "[$(date)] : EXIT=Let's Encrypt validation status $status" >> /usr/local/vesta/log/letsencrypt.log + check_result $E_CONNECT "Let's Encrypt validation status $status" + fi + + i=$((i + 1)) + if [ "$i" -gt 10 ]; then + echo "[$(date)] : EXIT=Let's Encrypt domain validation timeout" >> /usr/local/vesta/log/letsencrypt.log + check_result $E_CONNECT "Let's Encrypt domain validation timeout" + fi + sleeping=$((i*2)) + echo "[$(date)] : sleep $sleeping (i=$i)" >> /usr/local/vesta/log/letsencrypt.log + sleep $sleeping + done + if [ "$validation" = 'invalid' ]; then + echo "[$(date)] : EXIT=Let's Encrypt domain verification failed" >> /usr/local/vesta/log/letsencrypt.log + check_result $E_CONNECT "Let's Encrypt domain verification failed" + fi +done + + +# Generating new ssl certificate +ssl_dir=$($BIN/v-generate-ssl-cert "$domain" "info@$domain" "US" "California"\ + "San Francisco" "Vesta" "IT" "$aliases" |tail -n1 |awk '{print $2}') + +# Sending CSR to finalize order / STEP 6 +echo "[$(date)] : --- Sending CSR to finalize order / STEP 6 ---" >> /usr/local/vesta/log/letsencrypt.log + +csr=$(openssl req -in $ssl_dir/$domain.csr -outform DER |encode_base64) +payload='{"csr":"'$csr'"}' +echo "[$(date)] : query_le_v2 \"$finalize\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log +answer=$(query_le_v2 "$finalize" "$payload" "$nonce") +echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log +nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n') +echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log +status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ') +echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log +certificate=$(echo "$answer"|grep 'certificate":' |cut -f4 -d '"') +echo "[$(date)] : certificate=$certificate" >> /usr/local/vesta/log/letsencrypt.log +if [[ "$status" -ne 200 ]]; then + echo "[$(date)] : EXIT=Let's Encrypt finalize bad status $status" >> /usr/local/vesta/log/letsencrypt.log + check_result $E_CONNECT "Let's Encrypt finalize bad status $status" +fi + +# Downloading signed certificate / STEP 7 +echo "[$(date)] : --- Downloading signed certificate / STEP 7 ---" >> /usr/local/vesta/log/letsencrypt.log +echo "[$(date)] : query_le_v2 \"$certificate\" \"\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log +answer=$(query_le_v2 "$certificate" "" "$nonce" "$ssl_dir/$domain.pem") +echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log +status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ') +echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log +if [[ "$status" -ne 200 ]]; then + [ -d "$ssl_dir" ] && rm -rf "$ssl_dir" + echo "[$(date)] : EXIT=Let's Encrypt downloading signed cert failed status: $status" >> /usr/local/vesta/log/letsencrypt.log + check_result $E_NOTEXIST "Let's Encrypt downloading signed cert failed status: $status" +fi + +# Splitting up downloaded pem +# echo "[$(date)] : - Splitting up downloaded pem" >> /usr/local/vesta/log/letsencrypt.log +crt_end=$(grep -n 'END CERTIFICATE' $ssl_dir/$domain.pem |head -n1 |cut -f1 -d:) +# echo "[$(date)] : crt_end=$crt_end" >> /usr/local/vesta/log/letsencrypt.log +head -n $crt_end $ssl_dir/$domain.pem > $ssl_dir/$domain.crt + +pem_lines=$(wc -l $ssl_dir/$domain.pem |cut -f 1 -d ' ') +# echo "[$(date)] : pem_lines=$pem_lines" >> /usr/local/vesta/log/letsencrypt.log +ca_end=$(grep -n 'BEGIN CERTIFICATE' $ssl_dir/$domain.pem |tail -n1 |cut -f 1 -d :) +# echo "[$(date)] : ca_end=$ca_end" >> /usr/local/vesta/log/letsencrypt.log +ca_end=$(( pem_lines - crt_end + 1 )) +# echo "[$(date)] : ca_end=$ca_end" >> /usr/local/vesta/log/letsencrypt.log +tail -n $ca_end $ssl_dir/$domain.pem > $ssl_dir/$domain.ca + +# Temporary fix for double "END CERTIFICATE" +if [[ $(head -n 1 $ssl_dir/$domain.ca) = "-----END CERTIFICATE-----" ]]; then + sed -i '1,2d' $ssl_dir/$domain.ca +fi + +# Adding SSL +ssl_home=$(search_objects 'web' 'LETSENCRYPT' 'yes' 'SSL_HOME') +$BIN/v-delete-web-domain-ssl $user $domain >/dev/null 2>&1 +echo "[$(date)] : v-add-web-domain-ssl $user $domain $ssl_dir $ssl_home" >> /usr/local/vesta/log/letsencrypt.log +$BIN/v-add-web-domain-ssl $user $domain $ssl_dir $ssl_home +exitstatus=$? +echo "[$(date)] : v-add-web-domain-ssl status: $exitstatus" >> /usr/local/vesta/log/letsencrypt.log +if [ "$exitstatus" -ne '0' ]; then + touch $VESTA/data/queue/letsencrypt.pipe + sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe + echo "[$(date)] : EXIT=$domain certificate installation failed" >> /usr/local/vesta/log/letsencrypt.log + send_notice 'LETSENCRYPT' "$domain certificate installation failed" + check_result $exitstatus "SSL install" >/dev/null +fi + +# Adding LE autorenew cronjob +if [ -z "$(grep v-update-lets $VESTA/data/users/admin/cron.conf)" ]; then + min=$(generate_password '012345' '2') + hour=$(generate_password '1234567' '1') + cmd="sudo $BIN/v-update-letsencrypt-ssl" + $BIN/v-add-cron-job admin "$min" "$hour" '*' '*' '*' "$cmd" > /dev/null +fi + +# Updating letsencrypt key +if [ -z "$LETSENCRYPT" ]; then + add_object_key "web" 'DOMAIN' "$domain" 'LETSENCRYPT' 'FTP_USER' +fi +update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes' + +reset_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT' + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Deleteing task from queue +touch $VESTA/data/queue/letsencrypt.pipe +sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe + +# Notifying user +send_notice 'LETSENCRYPT' "$domain SSL has been installed successfully" +echo "[$(date)] : EXIT=***** $domain SSL has been installed successfully *****" >> /usr/local/vesta/log/letsencrypt.log + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-add-letsencrypt-user b/bin/v-add-letsencrypt-user new file mode 100755 index 000000000..11aec113b --- /dev/null +++ b/bin/v-add-letsencrypt-user @@ -0,0 +1,141 @@ +#!/bin/bash +# info: register letsencrypt user account +# options: USER +# +# The function creates and register LetsEncript account + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 + +# LE API +API='https://acme-v02.api.letsencrypt.org' + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + +# encode base64 +encode_base64() { + cat |base64 |tr '+/' '-_' |tr -d '\r\n=' +} + +# Let's Encrypt v2 curl function +query_le_v2() { + protected='{"nonce": "'$3'",' + protected=''$protected' "url": "'$1'",' + protected=''$protected' "alg": "RS256", "jwk": '$jwk'}' + content="Content-Type: application/jose+json" + + payload_=$(echo -n "$2" |encode_base64) + protected_=$(echo -n "$protected" |encode_base64) + signature_=$(printf "%s" "$protected_.$payload_" |\ + openssl dgst -sha256 -binary -sign $USER_DATA/ssl/user.key |\ + encode_base64) + + post_data='{"protected":"'"$protected_"'",' + post_data=$post_data'"payload":"'"$payload_"'",' + post_data=$post_data'"signature":"'"$signature_"'"}' + + curl -s -i -d "$post_data" "$1" -H "$content" +} + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '1' "$#" 'USER' +is_format_valid 'user' +is_object_valid 'user' 'USER' "$user" +if [ -e "$USER_DATA/ssl/le.conf" ]; then + source "$USER_DATA/ssl/le.conf" +fi +if [ ! -z "$KID" ]; then + exit +fi + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + + +# Defining user email +if [[ -z "$EMAIL" ]]; then + EMAIL=$(get_user_value '$CONTACT') +fi + +# Defining user agreement +agreement='' + +# Generating user key +KEY="$USER_DATA/ssl/user.key" +if [ ! -e "$KEY" ]; then + openssl genrsa -out $KEY 4096 >/dev/null 2>&1 + chmod 600 $KEY +fi + +# Defining key exponent +if [ -z "$EXPONENT" ]; then + EXPONENT=$(openssl pkey -inform pem -in "$KEY" -noout -text_pub |\ + grep Exponent: |cut -f 2 -d '(' |cut -f 1 -d ')' |sed -e 's/x//' |\ + xxd -r -p |encode_base64) +fi + +# Defining key modulus +if [ -z "$MODULUS" ]; then + MODULUS=$(openssl rsa -in "$KEY" -modulus -noout |\ + sed -e 's/^Modulus=//' |xxd -r -p |encode_base64) +fi + +# Defining JWK +jwk='{"e":"'$EXPONENT'","kty":"RSA","n":"'"$MODULUS"'"}' + +# Defining key thumbnail +if [ -z "$THUMB" ]; then + THUMB="$(echo -n "$jwk" |openssl dgst -sha256 -binary |encode_base64)" +fi + + +# Requesting ACME nonce +nonce=$(curl -s -I "$API/directory" |grep -i nonce |cut -f2 -d\ |tr -d '\r\n') + +# Creating ACME account +url="$API/acme/new-acct" +payload='{"termsOfServiceAgreed": true}' +answer=$(query_le_v2 "$url" "$payload" "$nonce") +kid=$(echo "$answer" |grep -i location: |cut -f2 -d ' '|tr -d '\r') + +# Checking answer status +status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ') +if [[ "${status:0:2}" -ne "20" ]]; then + check_result $E_CONNECT "Let's Encrypt acc registration failed $status" +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Adding le.conf +if [ ! -e "$USER_DATA/ssl/le.conf" ]; then + echo "EXPONENT='$EXPONENT'" > $USER_DATA/ssl/le.conf + echo "MODULUS='$MODULUS'" >> $USER_DATA/ssl/le.conf + echo "THUMB='$THUMB'" >> $USER_DATA/ssl/le.conf + echo "EMAIL='$EMAIL'" >> $USER_DATA/ssl/le.conf + echo "KID='$kid'" >> $USER_DATA/ssl/le.conf + chmod 660 $USER_DATA/ssl/le.conf +else + sed -i '/^KID=/d' $USER_DATA/ssl/le.conf + echo "KID='$kid'" >> $USER_DATA/ssl/le.conf +fi + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-add-mail-account b/bin/v-add-mail-account index aebc1eddf..44925680f 100755 --- a/bin/v-add-mail-account +++ b/bin/v-add-mail-account @@ -9,23 +9,22 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") -account=$(echo $3 | tr '[:upper:]' '[:lower:]') -password=$4 -quota=${5-0} +domain=$2 +account=$3 +password=$4; HIDE=4 +quota=${5-unlimited} # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf -# Hiding password -A4='******' -EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9" +# Additional argument formatting +if [[ "$account" =~ [[:upper:]] ]]; then + account=$(echo "$account" |tr '[:upper:]' '[:lower:]') +fi #----------------------------------------------------------# @@ -33,7 +32,10 @@ EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9" #----------------------------------------------------------# check_args '4' "$#" 'USER DOMAIN ACCOUNT PASSWORD [QUOTA]' -validate_format 'user' 'domain' 'account' 'password' 'quota' +is_format_valid 'user' 'domain' 'account' +if [ "$quota" != 'unlimited' ]; then + is_format_valid 'quota' +fi is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -41,19 +43,22 @@ is_object_valid 'mail' 'DOMAIN' "$domain" is_object_unsuspended 'mail' 'DOMAIN' "$domain" is_package_full 'MAIL_ACCOUNTS' is_mail_new "$account" +is_password_valid #----------------------------------------------------------# # Action # #----------------------------------------------------------# -if [ -x '/usr/bin/doveadm' ]; then - md5=$(/usr/bin/doveadm pw -s md5 -p "$password") -else - md5=$(/usr/sbin/dovecotpw -s md5 -p "$password") -fi +# Generating hashed password +salt=$(generate_password "$PW_MATRIX" "8") +md5="{MD5}$($BIN/v-generate-password-hash md5 $salt <<<$password)" +# Adding account info into password file if [[ "$MAIL_SYSTEM" =~ exim ]]; then + if [ "$quota" = 'unlimited' ]; then + quota='0' + fi str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota" echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd fi @@ -63,9 +68,18 @@ fi # Vesta # #----------------------------------------------------------# -str="ACCOUNT='$account' ALIAS='' QUOTA='$quota' AUTOREPLY='no' FWD=''" -str="$str FWD_ONLY='' MD5='$md5' U_DISK='0' SUSPENDED='no' TIME='$TIME'" -str="$str DATE='$DATE'" +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + +if [[ "$quota" -eq '0' ]]; then + quota='unlimited' +fi + +str="ACCOUNT='$account' ALIAS='' AUTOREPLY='no' FWD='' FWD_ONLY=''" +str="$str MD5='$md5' QUOTA='$quota' U_DISK='0' SUSPENDED='no'" +str="$str TIME='$time' DATE='$date'" echo "$str" >> $USER_DATA/mail/$domain.conf chmod 660 $USER_DATA/mail/$domain.conf @@ -76,6 +90,6 @@ update_object_value 'mail' 'DOMAIN' "$domain" '$ACCOUNTS' "$accounts" # Logging log_history "added mail account $account@$domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-mail-account-alias b/bin/v-add-mail-account-alias index 9447bfb92..7c28f88d6 100755 --- a/bin/v-add-mail-account-alias +++ b/bin/v-add-mail-account-alias @@ -9,11 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 account=$3 malias=$4 @@ -22,13 +21,18 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '4' "$#" 'USER DOMAIN ACCOUNT ALIAS' -validate_format 'user' 'domain' 'account' 'malias' +is_format_valid 'user' 'domain' 'account' 'malias' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -45,7 +49,7 @@ is_mail_new "$malias" # Adding exim alias if [[ "$MAIL_SYSTEM" =~ exim ]]; then - str="$malias@$domain:$account@$domain" + str="$malias@$domain_idn:$account@$domain_idn" echo "$str" >> $HOMEDIR/$user/conf/mail/$domain/aliases fi @@ -65,6 +69,6 @@ update_object_value "mail/$domain" 'ACCOUNT' "$account" '$ALIAS' "$aliases" # Logging log_history "added alias $malias to $account@$domain " -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-mail-account-autoreply b/bin/v-add-mail-account-autoreply index f04e9ed93..86c8cf110 100755 --- a/bin/v-add-mail-account-autoreply +++ b/bin/v-add-mail-account-autoreply @@ -9,11 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 account=$3 autoreply=$4 @@ -29,13 +28,18 @@ else MAIL_USER=exim fi +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '4' "$#" 'USER DOMAIN ACCOUNT MESSAGE' -validate_format 'user' 'domain' 'account' 'autoreply' +is_format_valid 'user' 'domain' 'account' 'autoreply' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -70,6 +74,6 @@ update_object_value "mail/$domain" 'ACCOUNT' "$account" '$AUTOREPLY' 'yes' # Logging log_history "added autoreply message on $account@$domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-mail-account-forward b/bin/v-add-mail-account-forward index ba1f3de10..2e25d158d 100755 --- a/bin/v-add-mail-account-forward +++ b/bin/v-add-mail-account-forward @@ -9,11 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 account=$3 forward=$4 @@ -22,13 +21,17 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '4' "$#" 'USER DOMAIN ACCOUNT FORWARD' -validate_format 'user' 'domain' 'account' 'forward' +is_format_valid 'user' 'domain' 'account' 'forward' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -39,7 +42,7 @@ is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account" fwd=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$FWD') if [ ! -z "$(echo $fwd | grep -w $forward)" ]; then echo "Error: forward $forward exists" - log_event "$E_EXISTS $EVENT" + log_event "$E_EXISTS $ARGUMENTS" exit $E_EXISTS fi @@ -57,8 +60,8 @@ fi # Adding forward to exim if [[ "$MAIL_SYSTEM" =~ exim ]]; then - sed -i "/^$account@$domain:/ d" $HOMEDIR/$user/conf/mail/$domain/aliases - echo "$account@$domain:$fwd" >> $HOMEDIR/$user/conf/mail/$domain/aliases + sed -i "/^$account@$domain_idn:/ d" $HOMEDIR/$user/conf/mail/$domain/aliases + echo "$account@$domain_idn:$fwd" >> $HOMEDIR/$user/conf/mail/$domain/aliases fi @@ -71,6 +74,6 @@ update_object_value "mail/$domain" 'ACCOUNT' "$account" '$FWD' "$fwd" # Logging log_history "added forwarding from $account@$domain to $forward" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-mail-account-fwd-only b/bin/v-add-mail-account-fwd-only index 303ab79f6..9a62805c8 100755 --- a/bin/v-add-mail-account-fwd-only +++ b/bin/v-add-mail-account-fwd-only @@ -9,11 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 account=$3 # Includes @@ -28,13 +27,18 @@ else MAIL_USER=exim fi +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN ACCOUNT' -validate_format 'user' 'domain' 'account' +is_format_valid 'user' 'domain' 'account' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -45,7 +49,7 @@ is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account" fwd=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$FWD') if [ -z "$fwd" ]; then echo "Error: forward doesn't exist" - log_event "$E_NOTEXIST $EVENT" + log_event "$E_NOTEXIST $ARGUMENTS" exit $E_NOTEXIST fi @@ -56,7 +60,7 @@ fi # Adding account to fwd_only if [[ "$MAIL_SYSTEM" =~ exim ]]; then - echo "$account" > $HOMEDIR/$user/conf/mail/$domain/fwd_only + echo "$account" >> $HOMEDIR/$user/conf/mail/$domain/fwd_only chown -R $MAIL_USER:mail $HOMEDIR/$user/conf/mail/$domain/fwd_only fi @@ -71,6 +75,6 @@ update_object_value "mail/$domain" 'ACCOUNT' "$account" '$FWD_ONLY' "yes" # Logging log_history "added fwd_only flag for $account@$domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-mail-domain b/bin/v-add-mail-domain index 8c6ce2804..6681035ff 100755 --- a/bin/v-add-mail-domain +++ b/bin/v-add-mail-domain @@ -9,12 +9,9 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | sed -e 's/\.*$//g' -e 's/^\.*//g') -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 antispam=${3-yes} antivirus=${4-yes} dkim=${5-yes} @@ -32,28 +29,38 @@ else MAIL_USER=exim fi +# Additional argument formatting +format_domain +format_domain_idn + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [ANTISPAM] [ANTIVIRUS] [DKIM] [DKIM_SIZE]' -validate_format 'user' 'domain' 'antispam' 'antivirus' 'dkim' 'dkim_size' +is_format_valid 'user' 'domain' 'antispam' 'antivirus' 'dkim' 'dkim_size' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" -is_domain_new 'mail' +is_domain_new 'mail' "$domain" is_package_full 'MAIL_DOMAINS' +is_dir_symlink $HOMEDIR/$user/mail #----------------------------------------------------------# # Action # #----------------------------------------------------------# +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + # Adding domain to mail.conf s="DOMAIN='$domain' ANTIVIRUS='$antivirus' ANTISPAM='$antispam' DKIM='$dkim'" -s="$s ACCOUNTS='0' U_DISK='0' CATCHALL='' SUSPENDED='no' TIME='$TIME'" -s="$s DATE='$DATE'" +s="$s CATCHALL='' ACCOUNTS='0' U_DISK='0' SUSPENDED='no' TIME='$time'" +s="$s DATE='$date'" echo $s >> $USER_DATA/mail.conf touch $USER_DATA/mail/$domain.conf @@ -113,10 +120,10 @@ if [ ! -z "$DNS_SYSTEM" ] && [ "$dkim" = 'yes' ]; then p=$(cat $USER_DATA/mail/$domain.pub|grep -v ' KEY---'|tr -d '\n') record='_domainkey' policy="\"t=y; o=~;\"" - $BIN/v-add-dns-record $user $domain $record TXT "$policy" + $BIN/v-add-dns-record $user $domain $record TXT "$policy" '' '' 'no' record='mail._domainkey' - selector="\"k=rsa\; p=$p\"" + selector="\"v=DKIM1\; k=rsa\; p=$p\"" $BIN/v-add-dns-record $user $domain $record TXT "$selector" fi fi @@ -134,6 +141,6 @@ fi # Logging log_history "added mail domain $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-mail-domain-antispam b/bin/v-add-mail-domain-antispam index 6af5f79f0..eb31404fa 100755 --- a/bin/v-add-mail-domain-antispam +++ b/bin/v-add-mail-domain-antispam @@ -2,31 +2,35 @@ # info: add mail domain antispam support # options: USER DOMAIN # -# The function enables spamassasin for incomming emails. +# The function enables spamassasin for incoming emails. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -54,6 +58,6 @@ update_object_value 'mail' 'DOMAIN' "$domain" '$ANTISPAM' 'yes' # Logging log_history "enabled antispam on $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-mail-domain-antivirus b/bin/v-add-mail-domain-antivirus index 714f89d71..849107566 100755 --- a/bin/v-add-mail-domain-antivirus +++ b/bin/v-add-mail-domain-antivirus @@ -2,31 +2,35 @@ # info: add mail domain antivirus support # options: USER DOMAIN # -# The function enables clamav scan for incomming emails. +# The function enables clamav scan for incoming emails. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -54,6 +58,6 @@ update_object_value 'mail' 'DOMAIN' "$domain" '$ANTIVIRUS' 'yes' # Logging log_history "enabled antivirus on $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-mail-domain-catchall b/bin/v-add-mail-domain-catchall index e6f2f1ae5..a08976413 100755 --- a/bin/v-add-mail-domain-catchall +++ b/bin/v-add-mail-domain-catchall @@ -2,18 +2,17 @@ # info: add mail domain catchall account # options: USER DOMAIN EMAIL # -# The function enables catchall account for incomming emails. +# The function enables catchall account for incoming emails. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 email="$3" # Includes @@ -21,13 +20,17 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN EMAIL' -validate_format 'user' 'domain' 'email' +is_format_valid 'user' 'domain' 'email' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -42,8 +45,8 @@ is_object_value_empty 'mail' 'DOMAIN' "$domain" '$CATCHALL' # Adding catchall alias if [[ "$MAIL_SYSTEM" =~ exim ]]; then - sed -i "/*@$domain:/d" $HOMEDIR/$user/conf/mail/$domain/aliases - echo "*@$domain:$email" >> $HOMEDIR/$user/conf/mail/$domain/aliases + sed -i "/*@$domain_idn:/d" $HOMEDIR/$user/conf/mail/$domain/aliases + echo "*@$domain_idn:$email" >> $HOMEDIR/$user/conf/mail/$domain/aliases fi @@ -56,6 +59,6 @@ update_object_value 'mail' 'DOMAIN' "$domain" '$CATCHALL' "$email" # Logging log_history "added $email as catchall email for $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-mail-domain-dkim b/bin/v-add-mail-domain-dkim index 7d391816f..9c643b6e9 100755 --- a/bin/v-add-mail-domain-dkim +++ b/bin/v-add-mail-domain-dkim @@ -9,11 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 dkim_size=${3-1024} # Includes @@ -28,13 +27,18 @@ else MAIL_USER=exim fi +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [DKIM_SIZE]' -validate_format 'user' 'domain' 'dkim_size' +is_format_valid 'user' 'domain' 'dkim_size' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -63,12 +67,12 @@ fi # Adding dns records if [ ! -z "$DNS_SYSTEM" ] && [ -e "$USER_DATA/dns/$domain.conf" ]; then p=$(cat $USER_DATA/mail/$domain.pub |grep -v ' KEY---' |tr -d '\n') - record='_domainkey' + record="_domainkey" policy="\"t=y; o=~;\"" - $BIN/v-add-dns-record $user $domain $record TXT "$policy" + $BIN/v-add-dns-record $user $domain $record TXT "$policy" '' '' 'no' - record='mail._domainkey' - selector="\"k=rsa\; p=$p\"" + record="mail._domainkey" + selector="\"v=DKIM1\; k=rsa\; p=$p\"" $BIN/v-add-dns-record $user $domain $record TXT "$selector" fi @@ -79,10 +83,10 @@ fi # Adding dkim in config update_object_value 'mail' 'DOMAIN' "$domain" '$DKIM' 'yes' -increase_user_value "$user" '$U_MAIL_DKMI' +increase_user_value "$user" '$U_MAIL_DKIM' # Logging log_history "enabled DKIM support for $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-remote-dns-domain b/bin/v-add-remote-dns-domain index 1b5609b40..2240bafde 100755 --- a/bin/v-add-remote-dns-domain +++ b/bin/v-add-remote-dns-domain @@ -9,11 +9,12 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 flush=$3 + # Includes source $VESTA/func/main.sh source $VESTA/func/remote.sh @@ -25,103 +26,61 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [FLUSH]' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER' - -if [ ! -e "$VESTA/conf/dns-cluster.conf" ]; then - echo "Error: dns-cluster.conf doesn't exist" - log_event "$E_NOTEXIST $EVENT" - exit $E_NOTEXIST -fi - -number_of_proc=$(ps auxf | grep -v grep | grep $VESTA/bin/$SCRIPT | wc -l) -if [ "$number_of_proc" -gt 2 ]; then - echo "Error: another sync process already exists" - log_event "$E_EXISTS $EVENT" - exit $E_EXISTS -fi +is_procces_running +remote_dns_health_check #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Check domain existance -check_local_domain=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf 2>/dev/null) -if [ -z "$check_local_domain" ]; then +# Parsing domain record +str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf 2>/dev/null) +if [ -z "$str" ]; then pipe="$VESTA/data/queue/dns-cluster.pipe" - str=$(grep -n "$SCRIPT $1 $2$" $pipe | cut -f1 -d: | head -n1) - if [ ! -z "$str" ]; then - sed -i "$str d" $pipe + queue_str=$(grep -n "$SCRIPT $1 $2 " $pipe |cut -f1 -d: |head -n1) + if [ ! -z "$queue_str" ]; then + sed -i "$queue_str d" $pipe fi exit fi -old_ifs="$IFS" IFS=$'\n' +for cluster in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do -# Check remote dns nodes -remote_dns_health_check + # Parsing remote dns host parameters + eval $cluster -search_str=$(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf) -for cluster_str in $search_str; do - - # Get host values - eval $cluster_str - - # Check connection type - if [ -z "TYPE" ]; then - TYPE='api' - fi - - # Check recipient dns user - if [ -z "$DNS_USER" ]; then - DNS_USER='dns-cluster' - fi - - # Switch on connection type - case $TYPE in - ssh) send_cmd="send_ssh_cmd" ;; - *) send_cmd="send_api_cmd" ;; - esac - - # Check dns exceptions - if [ -z "$DNS_CLUSTER_IGNORE" ]; then - DNS_CLUSTER_IGNORE='dns-cluster' - fi - - # Check flush parameters - - # Sync domain - str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf) + # Parsing domain parameters eval $str - $send_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME "$flush" 'no' - if [ $? -eq 0 ]; then - # Sync records - if [ "$TYPE" = 'ssh' ]; then - tmp=$(mktemp -u) - scp_cmd $USER_DATA/dns/$DOMAIN.conf $tmp - $send_cmd v-insert-dns-records $DNS_USER $DOMAIN $tmp 'no' - else - for str in $(cat $USER_DATA/dns/$DOMAIN.conf); do - str=$(echo "$str" | sed 's/"/\\"/g') - $send_cmd v-insert-dns-record $DNS_USER $DOMAIN "$str" - done - fi + # Syncing domain data + cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME $flush 'no' + check_result $? "$HOST connection failed" $E_CONNECT - # Rebuild dns zone - $send_cmd v-rebuild-dns-domain $DNS_USER $domain 'scheduled' - if [ $? -ne 0 ]; then - echo "Error: $TYPE connection to $HOST failed" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi - fi + # Syncing domain records + tmp_file="/tmp/vst-sync.$DOMAIN" + cluster_file $USER_DATA/dns/$DOMAIN.conf $tmp_file + check_result $? "$HOST connection failed" $E_CONNECT + # Inserting synced records + cluster_cmd v-insert-dns-records $DNS_USER $DOMAIN $tmp_file 'no' + check_result $? "$HOST connection failed" $E_CONNECT + + # Rebuilding dns zone + cluster_cmd v-rebuild-dns-domain $DNS_USER $domain 'yes' 'no' + check_result $? "$HOST connection failed" $E_CONNECT done -# Update pipe + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Updating pipe rm -f $tmpfile pipe="$VESTA/data/queue/dns-cluster.pipe" str=$(grep -n "$SCRIPT $1 $2 " $pipe | cut -f1 -d: | head -n1) @@ -129,8 +88,4 @@ if [ ! -z "$str" ]; then sed -i "$str d" $pipe fi -#----------------------------------------------------------# -# Vesta # -#----------------------------------------------------------# - exit diff --git a/bin/v-add-remote-dns-host b/bin/v-add-remote-dns-host index 835f97f36..0c52f79b9 100755 --- a/bin/v-add-remote-dns-host +++ b/bin/v-add-remote-dns-host @@ -9,12 +9,17 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition host=$1 +HOST=$host port=$2 +PORT=$port user=$3 -password=$4 +USER=$user +password=$4; HIDE=4 +PASSWORD=$password type=${5-api} +TYPE="$type" dns_user=${6-dns-cluster} DNS_USER=$dns_user @@ -23,9 +28,6 @@ source $VESTA/func/main.sh source $VESTA/func/remote.sh source $VESTA/conf/vesta.conf -# Hiding passwords -A4='******' - #----------------------------------------------------------# # Verifications # @@ -33,8 +35,9 @@ A4='******' args_usage='HOST PORT USER PASSWORD [TYPE] [DNS_USER]' check_args '4' "$#" "$args_usage" -validate_format 'host' 'port' 'user' 'password' 'type' 'dns_user' +is_format_valid 'host' 'port' 'user' 'type' 'dns_user' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' +is_password_valid is_dnshost_new is_dnshost_alive @@ -43,10 +46,15 @@ is_dnshost_alive # Action # #----------------------------------------------------------# +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + # Concatentating dns host string str="HOST='$host' PORT='$port' USER='$user' PASSWORD='$password'" str="$str DNS_USER='$dns_user' TYPE='$type' SUSPENDED='no'" -str="$str TIME='$TIME' DATE='$DATE'" +str="$str TIME='$time' DATE='$date'" # Adding host to dns-cluster.conf echo "$str" >> $VESTA/conf/dns-cluster.conf @@ -59,37 +67,27 @@ else sed -i "s/DNS_CLUSTER=.*/DNS_CLUSTER='yes'/g" $VESTA/conf/vesta.conf fi -# Enabling restart queue -HOST=$host -PORT=$port -USER=$user -PASSWORD=$password -case $type in - ssh) send_cmd="send_ssh_cmd" ;; - *) send_cmd="send_api_cmd" ;; -esac -$send_cmd v-add-cron-restart-job +# Enabling remote dns-cluster queue +cluster_cmd v-add-cron-restart-job +check_result $? "$HOST connection failed" $E_CONNECT -# Sync current zones +# Syncing all domains $BIN/v-sync-dns-cluster $host -return_code=$? -if [ "$return_code" -ne 0 ]; then - exit $return_code -fi - -# Add dns-cluster cron job -cmd="sudo /usr/local/vesta/bin/v-update-sys-queue dns-cluster" -check_cron=$(grep "$cmd" $VESTA/data/users/admin/cron.conf 2> /dev/null) -if [ -z "$check_cron" ] && [ ! -z "$CRON_SYSTEM" ]; then - $BIN/v-add-cron-job admin '*/5' '*' '*' '*' '*' "$cmd" -fi +check_result $? "$HOST sync failed" $E_CONNECT #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# +# Adding local dns-cluster cron job +cmd="sudo /usr/local/vesta/bin/v-update-sys-queue dns-cluster" +check_cron=$(grep "$cmd" $VESTA/data/users/admin/cron.conf 2> /dev/null) +if [ -z "$check_cron" ] && [ ! -z "$CRON_SYSTEM" ]; then + $BIN/v-add-cron-job admin '*/5' '*' '*' '*' '*' "$cmd" +fi + # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-remote-dns-record b/bin/v-add-remote-dns-record index ca9aaa0e9..91f4b727f 100755 --- a/bin/v-add-remote-dns-record +++ b/bin/v-add-remote-dns-record @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 id=$3 @@ -25,87 +25,61 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN ID' -validate_format 'user' 'domain' 'id' +is_format_valid 'user' 'domain' 'id' is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER' is_object_valid 'user' 'USER' "$user" is_object_valid 'dns' 'DOMAIN' "$domain" -is_object_valid "dns/$domain" 'ID' "$id" - -if [ ! -e "$VESTA/conf/dns-cluster.conf" ]; then - echo "Error: dns-cluster.conf doesn't exist" - log_event "$E_NOTEXIST $EVENT" - exit $E_NOTEXIST -fi - -number_of_proc=$(ps auxf | grep -v grep | grep $VESTA/bin/$SCRIPT | wc -l) -if [ "$number_of_proc" -gt 2 ]; then - echo "Error: another sync process already exists" - log_event "$E_EXISTS $EVENT" - exit $E_EXISTS -fi +is_procces_running +remote_dns_health_check #----------------------------------------------------------# # Action # #----------------------------------------------------------# -old_ifs="$IFS" +# Parsing record +str=$(grep "ID='$id'" $USER_DATA/dns/$domain.conf) +if [ -z "$str" ]; then + pipe="$VESTA/data/queue/dns-cluster.pipe" + queue_str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1) + if [ ! -z "$queue_str" ]; then + sed -i "$queue_str d" $pipe + fi + exit +fi + IFS=$'\n' +for cluster in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do -# Check remote dns nodes -remote_dns_health_check + # Parsing remote host parameters + eval $cluster -for cluster_str in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do - # Get host values - eval $cluster_str + # Syncing serial + str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf) + cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'domain' 'no' + check_result $? "$HOST connection failed (soa sync)" $E_CONNECT - # Check connection type - if [ -z "TYPE" ]; then - TYPE='api' - fi + # Syncing record + str=$(grep "ID='$id'" $USER_DATA/dns/$domain.conf | sed 's/"/\\"/g') + cluster_cmd v-insert-dns-record $DNS_USER $domain "$str" 'no' + check_result $? "$HOST connection failed (record sync)" $E_CONNECT - # Switch on connection type - case $TYPE in - ssh) send_cmd="send_ssh_cmd" ;; - *) send_cmd="send_api_cmd" ;; - esac - - # Check recipient dns user - if [ -z "$DNS_USER" ]; then - DNS_USER='dns-cluster' - fi - - # Check dns exceptions - if [ -z "$DNS_CLUSTER_IGNORE" ]; then - DNS_CLUSTER_IGNORE='dns-cluster' - fi - - # Sync record - str=$(grep "ID='$id'" $USER_DATA/dns/$domain.conf) - str=$(echo "$str" | sed 's/"/\\"/g') - $send_cmd v-insert-dns-record $DNS_USER $domain "$str" 'no' - if [ $? -eq 0 ]; then - # Rebuild dns zone - $send_cmd v-rebuild-dns-domain $DNS_USER $domain 'scheduled' - if [ $? -ne 0 ]; then - echo "Error: $TYPE connection to $HOST failed (rebuild)" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi - fi + # Rebuilding dns zone + cluster_cmd v-rebuild-dns-domain $DNS_USER $domain 'yes' 'no' + check_result $? "$HOST connection failed (rebuild)" $E_CONNECT done -# Update pipe -pipe="$VESTA/data/queue/dns-cluster.pipe" -str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1) -if [ ! -z "$str" ]; then - sed -i "$str d" $pipe -fi - #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# +# Updating pipe +pipe="$VESTA/data/queue/dns-cluster.pipe" +str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1) +if [ ! -z "$str" ]; then + sed -i "$str d" $pipe +fi + exit diff --git a/bin/v-list-web-domains-proxy b/bin/v-add-sys-firewall similarity index 53% rename from bin/v-list-web-domains-proxy rename to bin/v-add-sys-firewall index d2fef4133..b154c7f09 100755 --- a/bin/v-list-web-domains-proxy +++ b/bin/v-add-sys-firewall @@ -1,54 +1,57 @@ #!/bin/bash -# info: list web domains and proxy key -# options: USER [FORMAT] +# info: add system firewall +# options: NONE # -# The function for obtaining the list of domains with proxy parameter -# displayed. This call was arranged for filling in the lack of information by -# applying v-list-web-domains call in the shell format. +# The script enables firewall #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition -user=$1 -format=${2-shell} - # Includes source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# -check_args '1' "$#" 'USER [FORMAT]' -validate_format 'user' -is_object_valid 'user' 'USER' "$user" +if [ "$FIREWALL_SYSTEM" = 'iptables' ]; then + exit +fi #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Defining config -conf=$USER_DATA/web.conf +# Adding firewall directory +mkdir -p $VESTA/data/firewall/ -# Defining fileds to select -fields="\$DOMAIN \$PROXY \$PROXY_EXT" +# Adding default ruleset +if [ ! -e "$VESTA/data/firewall/rules.conf" ]; then + cp $VESTA/install/rhel/7/* $VESTA/data/firewall/ +fi -# Listing domains -case $format in - json) json_list ;; - plain) nohead=1; shell_list ;; - shell) shell_list | column -t ;; - *) check_args '1' '0' 'USER [FORMAT]' -esac +# Updating FIREWAL_SYSTEM value +if [ -z "$(grep FIREWALL_SYSTEM $VESTA/conf/vesta.conf)" ]; then + echo "FIREWALL_SYSTEM='iptables'" >> $VESTA/conf/vesta.conf +else + sed -i "s/FIREWALL_SYSTEM.*/FIREWALL_SYSTEM='iptables'/g" \ + $VESTA/conf/vesta.conf +fi + +# Updating firewall rules +$BIN/v-update-firewall #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# +# Logging +log_event "$OK" "$ARGUMENTS" + exit diff --git a/bin/v-add-sys-ip b/bin/v-add-sys-ip index 810adce6a..54245bcc2 100755 --- a/bin/v-add-sys-ip +++ b/bin/v-add-sys-ip @@ -1,11 +1,11 @@ #!/bin/bash # info: add system ip address -# options: IP MASK [INTERFACE] [USER] [IP_STATUS] [IP_NAME] [NAT_IP] +# options: IP NETMASK [INTERFACE] [USER] [IP_STATUS] [IP_NAME] [NAT_IP] # # The function adds ip address into a system. It also creates rc scripts. You # can specify ip name which will be used as root domain for temporary aliases. # For example, if you set a1.myhosting.com as name, each new domain created on -# this ip will automaticaly receive alias $domain.a1.myhosting.com. Of course +# this ip will automatically receive alias $domain.a1.myhosting.com. Of course # you must have wildcard record *.a1.myhosting.com pointed to ip. This feature # is very handy when customer wants to test domain before dns migration. @@ -14,9 +14,9 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition ip=${1// /} -mask=$2 +netmask=$2 interface="${3-eth0}" user="${4-admin}" ip_status="${5-shared}" @@ -34,36 +34,40 @@ source $VESTA/conf/vesta.conf # Verifications # #----------------------------------------------------------# -check_args '2' "$#" 'IP MASK [INTERFACE] [USER] [IP_STATUS] [IP_NAME] [NAT_IP]' -validate_format 'ip' 'mask' 'interface' 'user' 'ip_status' +check_args '2' "$#" 'IP NETMASK [INTERFACE] [USER] [STATUS] [NAME] [NATED_IP]' +is_format_valid 'ip' 'netmask' 'interface' 'user' 'ip_status' is_ip_free is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" if [ ! -z "$ip_name" ] ; then - validate_format 'ip_name' + is_format_valid 'ip_name' fi if [ ! -z "$nat_ip" ] ; then - validate_format 'nat_ip' + is_format_valid 'nat_ip' fi #----------------------------------------------------------# # Action # #----------------------------------------------------------# -get_ip_iface -sys_ip_check=$(/sbin/ifconfig | grep "addr:$ip ") +iface=$(get_ip_iface) +cidr=$(convert_netmask $netmask) +broadcast=$(get_broadcast $ip $netmask) + +sys_ip_check=$(/sbin/ip addr | grep "$ip") if [ -z "$sys_ip_check" ]; then # Adding sys ip - /sbin/ifconfig "$iface" "$ip" netmask "$mask" + /sbin/ip addr add $ip/$cidr dev $interface \ + broadcast $broadcast label $iface - # Adding RHEL/CentOS/Fedora startup script - if [ -e "/etc/redhat-release" ]; then + # Adding RHEL/CentOS/Fedora/Amazon startup script + if [ -d "/etc/sysconfig" ]; then sys_ip="# Added by vesta" sys_ip="$sys_ip\nDEVICE=$iface" sys_ip="$sys_ip\nBOOTPROTO=static" sys_ip="$sys_ip\nONBOOT=yes" sys_ip="$sys_ip\nIPADDR=$ip" - sys_ip="$sys_ip\nNETMASK=$mask" + sys_ip="$sys_ip\nNETMASK=$netmask" echo -e $sys_ip > /etc/sysconfig/network-scripts/ifcfg-$iface fi @@ -73,11 +77,16 @@ if [ -z "$sys_ip_check" ]; then sys_ip="$sys_ip\nauto $iface" sys_ip="$sys_ip\niface $iface inet static" sys_ip="$sys_ip\naddress $ip" - sys_ip="$sys_ip\nnetmask $mask" + sys_ip="$sys_ip\nnetmask $netmask" echo -e $sys_ip >> /etc/network/interfaces fi fi +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + # Adding vesta ip echo "OWNER='$user' STATUS='$ip_status' @@ -85,23 +94,28 @@ NAME='$ip_name' U_SYS_USERS='' U_WEB_DOMAINS='0' INTERFACE='$interface' -NETMASK='$mask' +NETMASK='$netmask' NAT='$nat_ip' -TIME='$TIME' -DATE='$DATE'" > $VESTA/data/ips/$ip +TIME='$time' +DATE='$date'" > $VESTA/data/ips/$ip chmod 660 $VESTA/data/ips/$ip # WEB support if [ ! -z "$WEB_SYSTEM" ]; then web_conf="/etc/$WEB_SYSTEM/conf.d/$ip.conf" + rm -f $web_conf if [ "$WEB_SYSTEM" = 'httpd' ] || [ "$WEB_SYSTEM" = 'apache2' ]; then - echo "NameVirtualHost $ip:$WEB_PORT" > $web_conf + if [ -z "$(/usr/sbin/apachectl -v | grep Apache/2.4)" ]; then + echo "NameVirtualHost $ip:$WEB_PORT" > $web_conf + fi echo "Listen $ip:$WEB_PORT" >> $web_conf fi if [ "$WEB_SSL" = 'mod_ssl' ]; then - echo "NameVirtualHost $ip:$WEB_SSL_PORT" >> $web_conf + if [ -z "$(/usr/sbin/apachectl -v | grep Apache/2.4)" ]; then + echo "NameVirtualHost $ip:$WEB_SSL_PORT" >> $web_conf + fi echo "Listen $ip:$WEB_SSL_PORT" >> $web_conf fi fi @@ -128,6 +142,14 @@ if [ ! -z "$PROXY_SYSTEM" ]; then rpaf_str="$rpaf_str $ip" sed -i "s/.*RPAFproxy_ips.*/$rpaf_str/" $rpaf_conf fi + + #mod_remoteip + remoteip_conf="/etc/$WEB_SYSTEM/mods-enabled/remoteip.conf" + if [ -e "$remoteip_conf" ]; then + if [ $( grep -ic "$ip" $remoteip_conf ) -eq 0 ]; then + sed -i "s/<\/IfModule>/RemoteIPInternalProxy $ip\n<\/IfModule>/g" $remoteip_conf + fi + fi fi @@ -150,18 +172,23 @@ else increase_user_value 'admin' '$IP_AVAIL' fi -# Restart web server +# Restarting web server $BIN/v-restart-web -if [ $? -ne 0 ]; then - exit $E_RESTART +check_result $? "Web restart failed" >/dev/null + +# Restarting proxy server +if [ ! -z "$PROXY_SYSTEM" ]; then + $BIN/v-restart-proxy + check_result $? "Proxy restart failed" >/dev/null fi -$BIN/v-restart-proxy -if [ $? -ne 0 ]; then - exit $E_RESTART + +# Restarting firewall +if [ ! -z "$FIREWALL_SYSTEM" ]; then + $BIN/v-update-firewall fi # Logging log_history "added system ip address $ip" '' 'admin' -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-sys-mail-ssl b/bin/v-add-sys-mail-ssl new file mode 100755 index 000000000..1ebffdc35 --- /dev/null +++ b/bin/v-add-sys-mail-ssl @@ -0,0 +1,106 @@ +#!/bin/bash +# info: copy mail ssl certificate +# options: USER DOMAIN [RESTART] +# +# The function copies user domain SSL to mail SSL directory + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +domain=$2 +restart=$3 + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/domain.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '2' "$#" 'USER DOMAIN [RESTART]' +is_format_valid 'user' 'domain' +is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' +is_object_valid 'user' 'USER' "$user" +is_object_valid 'web' 'DOMAIN' "$domain" +is_object_value_exist 'web' 'DOMAIN' "$domain" '$SSL' + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Defining certificate location +dom_crt="/home/$user/conf/web/ssl.$domain.pem" +dom_key="/home/$user/conf/web/ssl.$domain.key" +vst_crt="$VESTA/ssl/mail.crt" +vst_key="$VESTA/ssl/mail.key" + +# Checking certificate +if [ ! -e "$dom_crt" ] || [ ! -e "$dom_key" ]; then + check_result $E_NOTEXIST "$domain certificate doesn't exist" +fi + +# Checking difference +diff $dom_crt $vst_crt >/dev/null 2>&1 +if [ $? -ne 0 ]; then + rm -f $vst_crt.old $vst_key.old + mv $vst_crt $vst_crt.old >/dev/null 2>&1 + mv $vst_key $vst_key.old >/dev/null 2>&1 + cp $dom_crt $vst_crt 2>/dev/null + cp $dom_key $vst_key 2>/dev/null + chown root:mail $vst_crt $vst_key +else + restart=no +fi + +# Updating mail certificate +case $MAIL_SYSTEM in + exim) conf='/etc/exim/exim.conf';; + exim4) conf='/etc/exim4/exim4.conf.template';; +esac +if [ -e "$conf" ]; then + sed -e "s|^tls_certificate.*|tls_certificate = $vst_crt|" \ + -e "s|^tls_privatekey.*|tls_privatekey = $vst_key|" -i $conf +fi + +# Updating imap certificate +conf="/etc/dovecot/conf.d/10-ssl.conf" +if [ ! -z "$IMAP_SYSTEM" ] && [ -e "$conf" ]; then + sed -e "s|ssl_cert.*|ssl_cert = <$vst_crt|" \ + -e "s|ssl_key.*|ssl_key = <$vst_key|" -i $conf +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Restarting services +if [ "$restart" != 'no' ]; then + if [ ! -z "$MAIL_SYSTEM" ]; then + $BIN/v-restart-service $MAIL_SYSTEM + fi + if [ ! -z "$IMAP_SYSTEM" ]; then + $BIN/v-restart-service $IMAP_SYSTEM + fi +fi + +# Updating vesta.conf +if [ -z "$(grep MAIL_CERTIFICATE $VESTA/conf/vesta.conf)" ]; then + echo "MAIL_CERTIFICATE='$user:$domain'" >> $VESTA/conf/vesta.conf +else + sed -i "s/MAIL_CERTIFICATE.*/MAIL_CERTIFICATE='$user:$domain'/g" \ + $VESTA/conf/vesta.conf +fi + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-add-sys-quota b/bin/v-add-sys-quota index 9b35c59d9..93687e9c6 100755 --- a/bin/v-add-sys-quota +++ b/bin/v-add-sys-quota @@ -1,12 +1,12 @@ #!/bin/bash # info: add system quota -# opions: NONE +# options: NONE # -# The script enables filesystem quota on /home patition +# The script enables filesystem quota on /home partition #----------------------------------------------------------# -# Variable&Function # +# Variable & Function # #----------------------------------------------------------# # Includes @@ -19,21 +19,15 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# # Checking quota package -if [ ! -e "/usr/sbin/setquota" ]; then - if [ -e "/etc/redhat-release" ]; then +quota=$(which --skip-alias --skip-functions quota 2>/dev/null) +if [ $? -ne 0 ]; then + if [ -d "/etc/sysconfig" ]; then yum -y install quota >/dev/null 2>&1 - result=$? + check_result $? "quota package installation failed" $E_UPDATE else export DEBIAN_FRONTEND=noninteractive apt-get -y install quota >/dev/null 2>&1 - result=$? - fi - - # Checking installation status - if [ "$result" -ne 0 ]; then - echo "Error: quota package wasn't successfully installed" - log_event "$E_UPDATE" "$EVENT" - exit $E_UPDATE + check_result $? "quota package installation failed" $E_UPDATE fi fi @@ -42,38 +36,38 @@ fi # Action # #----------------------------------------------------------# -# Adding usrquota option on /home partition -mnt=$(df -P /home |awk '{print $6}' |tail -n1) -lnr=$(cat -n /etc/fstab |awk '{print $1,$3}' |grep "$mnt$" |cut -f 1 -d ' ') -options=$(sed -n ${lnr}p /etc/fstab |awk '{print $4}') -if [ -z "$(echo $options |grep usrquota)" ]; then - sed -i "$lnr s/$options/$options,usrquota/" /etc/fstab +# Adding group and user quota on /home partition +mnt=$(df -P /home | awk '{print $6}' | tail -n1) +lnr=$(cat -n /etc/fstab | grep -v "#" | awk '{print $1,$3}' | grep "$mnt$" | cut -f 1 -d ' ') +opt=$(sed -n ${lnr}p /etc/fstab | awk '{print $4}') +fnd='usrquota\|grpquota\|usrjquota=aquota.user\|grpjquota=aquota.group\|jqfmt=vfsv0' +if [ $(echo $opt | tr ',' '\n' | grep -x $fnd | wc -l) -ne 5 ]; then + old=$(echo $(echo $opt | tr ',' '\n' | grep -v 'usrquota\|grpquota\|usrjquota=\|grpjquota=\|jqfmt=') | tr ' ' ',') + new='usrquota,grpquota,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0' + sed -i "$lnr s/$opt/$old,$new/" /etc/fstab mount -o remount $mnt fi -# Adding aquota.user file -if [ ! -e "$mnt/aquota.user" ]; then - quotacheck -cu $mnt >/dev/null 2>&1 +# Adding v2 group and user quota index +if [ ! -e "$mnt/aquota.user" ] || [ ! -e "$mnt/aquota.group" ]; then + quotacheck -avcugm >/dev/null 2>&1 fi -# Building fs quota index -quotacheck -um $mnt +# Adding quotacheck on reboot +touch /forcequotacheck -# Adding weekly cron job -echo "quotacheck -um $mnt" > /etc/cron.daily/quotacheck +# Adding cron job +echo '#!/bin/bash' > /etc/cron.daily/quotacheck +echo 'touch /forcequotacheck' >> /etc/cron.daily/quotacheck chmod a+x /etc/cron.daily/quotacheck -# Enabling fs quota -if [ ! -z "$(quotaon -pa|grep " $mnt "|grep user|grep 'off')" ]; then - quotaon $mnt - if [ $? -ne 0 ]; then - echo "Error: quota can't be enabled on $mnt partition" - log_event "$E_DISK" "$EVENT" - exit $E_DISK - fi +# Enabling group and user quota +if [ ! -z "$(quotaon -pa | grep " $mnt " | grep 'user\|group' | grep 'is off')" ]; then + quotaon -v $mnt + check_result $? "quota can't be enabled in $mnt" $E_DISK fi -# Updating DISK_QUOTA value +# Updating vesta.conf value if [ -z "$(grep DISK_QUOTA $VESTA/conf/vesta.conf)" ]; then echo "DISK_QUOTA='yes'" >> $VESTA/conf/vesta.conf else @@ -91,6 +85,6 @@ done #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-sys-sftp-jail b/bin/v-add-sys-sftp-jail new file mode 100755 index 000000000..7d5c40352 --- /dev/null +++ b/bin/v-add-sys-sftp-jail @@ -0,0 +1,106 @@ +#!/bin/bash +# info: add system sftp jail +# options: NONE +# +# The script enables sftp jailed environment + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Importing system environment as we run this script +# mostly by cron which do not read it by itself +source /etc/profile + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +if [ -z "$SFTPJAIL_KEY" ]; then + exit +fi + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Checking sshd directives +config='/etc/ssh/sshd_config' +sftp_n=$(grep -n "Subsystem.*sftp" $config |grep -v internal |grep -v ":#") +sftp_i=$(grep -n "Subsystem.*sftp" $config |grep internal |grep -v ":#") + +# Disabling normal sftp +if [ ! -z "$sftp_n" ]; then + fline=$(echo $sftp_n |cut -f 1 -d :) + sed -i "${fline}s/Subsystem.*sftp/#Subsystem sftp/" $config + restart='yes' +fi + +# Enabling jailed sftp +if [ -z "$sftp_i" ]; then + echo " " >> $config + echo "Subsystem sftp internal-sftp" >> $config + echo "Match Group sftp-only" >> $config + echo "ChrootDirectory /chroot/%u" >> $config + echo " AllowTCPForwarding no" >> $config + echo " X11Forwarding no" >> $config + echo " ForceCommand internal-sftp" >> $config + restart='yes' +fi + +# Validating opensshd config +if [ "$restart" = 'yes' ]; then + subj="OpenSSH restart failed" + email=$(grep CONTACT $VESTA/data/users/admin/user.conf |cut -f 2 -d \') + /usr/sbin/sshd -t >/dev/null 2>&1 + if [ "$?" -ne 0 ]; then + mail_text="OpenSSH can not be restarted. Please check config: + \n\n$(/usr/sbin/sshd -t)" + echo -e "$mail_text" |$SENDMAIL -s "$subj" $email + else + service ssh restart >/dev/null 2>&1 + service sshd restart >/dev/null 2>&1 + fi +fi + +# Adding sftp group +groupadd sftp-only 2>/dev/null + +# Checking users +shells="rssh|nologin" +for user in $(grep "$HOMEDIR" /etc/passwd |egrep "$shells" |cut -f 1 -d:); do + $BIN/v-add-user-sftp-jail $user +done + +# Adding v-add-sys-sftp-jail to startup +if [ -e "/etc/rc.local" ]; then + check_sftp=$(grep $0 /etc/rc.local) + check_exit=$(grep ^exit /etc/rc.local) + if [ -z "$check_sftp" ]; then + if [ -z "$check_exit" ]; then + echo "$BIN/v-add-sys-sftp-jail" >> /etc/rc.local + else + sed -i "s|^exit|$BIN/v-add-sys-sftp-jail\nexit|" /etc/rc.local + fi + fi + chmod +x /etc/rc.local +else + echo "$BIN/v-add-sys-sftp-jail" > /etc/rc.local + chmod +x /etc/rc.local +fi + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-add-sys-vesta-ssl b/bin/v-add-sys-vesta-ssl new file mode 100755 index 000000000..32cd6c141 --- /dev/null +++ b/bin/v-add-sys-vesta-ssl @@ -0,0 +1,97 @@ +#!/bin/bash +# info: add vesta ssl certificate +# options: USER DOMAIN [RESTART] +# +# The function copies user domain SSL to vesta SSL directory + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +domain=$2 +restart=$3 + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/domain.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '2' "$#" 'USER DOMAIN [RESTART]' +is_format_valid 'user' 'domain' +is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' +is_object_valid 'user' 'USER' "$user" +is_object_valid 'web' 'DOMAIN' "$domain" +is_object_value_exist 'web' 'DOMAIN' "$domain" '$SSL' + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Defining certificate location +dom_crt="/home/$user/conf/web/ssl.$domain.pem" +dom_key="/home/$user/conf/web/ssl.$domain.key" +vst_crt="$VESTA/ssl/certificate.crt" +vst_key="$VESTA/ssl/certificate.key" + +# Checking certificate +if [ ! -e "$dom_crt" ] || [ ! -e "$dom_key" ]; then + check_result $E_NOTEXIST "$domain certificate doesn't exist" +fi + +# Checking difference +diff $dom_crt $vst_crt >/dev/null 2>&1 +if [ $? -ne 0 ]; then + rm -f $vst_crt.old $vst_key.old + mv $vst_crt $vst_crt.old + mv $vst_key $vst_key.old + cp $dom_crt $vst_crt 2>/dev/null + cp $dom_key $vst_key 2>/dev/null + chown root:mail $vst_crt $vst_key +else + restart=no +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Restarting services +if [ "$restart" != 'no' ]; then + if [ ! -z "$MAIL_SYSTEM" ] && [ -z "$MAIL_CERTIFICATE" ]; then + $BIN/v-restart-service $MAIL_SYSTEM + fi + if [ ! -z "$IMAP_SYSTEM" ] && [ -z "$MAIL_CERTIFICATE" ]; then + $BIN/v-restart-service $IMAP_SYSTEM + fi + if [ ! -z "$FTP_SYSTEM" ]; then + $BIN/v-restart-service "$FTP_SYSTEM" + fi + if [ -e "/var/run/vesta-nginx.pid" ]; then + kill -HUP $(cat /var/run/vesta-nginx.pid) + else + service vesta restart + fi +fi + +# Updating vesta.conf +if [ -z "$(grep VESTA_CERTIFICATE $VESTA/conf/vesta.conf)" ]; then + echo "VESTA_CERTIFICATE='$user:$domain'" >> $VESTA/conf/vesta.conf +else + sed -i "s/VESTA_CERTIFICATE.*/VESTA_CERTIFICATE='$user:$domain'/g" \ + $VESTA/conf/vesta.conf +fi + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-add-user b/bin/v-add-user index 99de6ea7d..025c7e3ee 100755 --- a/bin/v-add-user +++ b/bin/v-add-user @@ -9,9 +9,9 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -password=$2 +password=$2; HIDE=2 email=$3 package=${4-default} fname=$5 @@ -21,16 +21,10 @@ lname=$6 source $VESTA/func/main.sh source $VESTA/conf/vesta.conf -# Hiding password -A2='******' -EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9" - is_user_free() { - check_sysuser=$(cut -f 1 -d : /etc/passwd | grep -w "$user" ) + check_sysuser=$(cut -f 1 -d : /etc/passwd | grep "^$user$" ) if [ ! -z "$check_sysuser" ] || [ -e "$USER_DATA" ]; then - echo "Error: user $user exists" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS + check_result $E_EXISTS "user $user exists" fi } @@ -40,12 +34,12 @@ is_user_free() { #----------------------------------------------------------# check_args '3' "$#" 'USER PASSWORD EMAIL [PACKAGE] [FNAME] [LNAME]' -validate_format 'user' 'password' 'email' 'package' +is_format_valid 'user' 'email' 'package' if [ ! -z "$fname" ]; then - validate_format 'fname' 'lname' + is_format_valid 'fname' 'lname' fi - is_user_free "$user" +is_password_valid is_package_valid @@ -54,7 +48,7 @@ is_package_valid #----------------------------------------------------------# # Parsing package data -pkg_data=$(cat $VESTA/data/packages/$package.pkg |grep -v TIME |grep -v DATE) +pkg_data=$(cat $VESTA/data/packages/$package.pkg |egrep -v "TIME|DATE") # Checking shell shell_conf=$(echo "$pkg_data" | grep 'SHELL' | cut -f 2 -d \') @@ -62,11 +56,7 @@ shell=$(grep -w "$shell_conf" /etc/shells |head -n1) # Adding user /usr/sbin/useradd "$user" -s "$shell" -c "$email" -m -d "$HOMEDIR/$user" -if [ $? -ne 0 ]; then - echo "Error: user creation failed" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID -fi +check_result $? "user creation failed" $E_INVALID # Adding password echo "$user:$password" | /usr/sbin/chpasswd @@ -75,21 +65,16 @@ echo "$user:$password" | /usr/sbin/chpasswd mkdir $HOMEDIR/$user/conf if [ ! -z "$WEB_SYSTEM" ]; then - mkdir $HOMEDIR/$user/conf/web - mkdir $HOMEDIR/$user/web - mkdir $HOMEDIR/$user/tmp - chmod 751 $HOMEDIR/$user/conf/web - chmod 751 $HOMEDIR/$user/web - chmod 771 $HOMEDIR/$user/tmp - chown $user:$user $HOMEDIR/$user/web - chown $user:$user $HOMEDIR/$user/tmp + mkdir $HOMEDIR/$user/conf/web $HOMEDIR/$user/web $HOMEDIR/$user/tmp + chmod 751 $HOMEDIR/$user/conf/web + chmod 700 $HOMEDIR/$user/tmp + chown $user:$user $HOMEDIR/$user/web $HOMEDIR/$user/tmp fi if [ ! -z "$MAIL_SYSTEM" ]; then - mkdir $HOMEDIR/$user/conf/mail - mkdir $HOMEDIR/$user/mail - chmod 751 $HOMEDIR/$user/mail - chmod 751 $HOMEDIR/$user/conf/mail + mkdir $HOMEDIR/$user/conf/mail $HOMEDIR/$user/mail + chmod 751 $HOMEDIR/$user/mail + chmod 755 $HOMEDIR/$user/conf/mail fi if [ ! -z "$DNS_SYSTEM" ]; then @@ -107,54 +92,51 @@ chattr +i $HOMEDIR/$user/conf #----------------------------------------------------------# # Adding user dir -mkdir $USER_DATA -chmod 770 $USER_DATA +mkdir -p $USER_DATA/ssl $USER_DATA/dns $USER_DATA/mail # Creating configuration files and pipes -touch $USER_DATA/backup.conf -chmod 660 $USER_DATA/backup.conf -touch $USER_DATA/history.log -chmod 660 $USER_DATA/history.log -touch $USER_DATA/stats.log -chmod 660 $USER_DATA/stats.log +touch $USER_DATA/backup.conf \ + $USER_DATA/history.log \ + $USER_DATA/stats.log \ + $USER_DATA/web.conf \ + $USER_DATA/dns.conf \ + $USER_DATA/mail.conf \ + $USER_DATA/db.conf \ + $USER_DATA/cron.conf +chmod 770 $USER_DATA \ + $USER_DATA/ssl \ + $USER_DATA/dns \ + $USER_DATA/mail + +chmod 660 $USER_DATA/backup.conf \ + $USER_DATA/history.log \ + $USER_DATA/stats.log \ + $USER_DATA/web.conf \ + $USER_DATA/dns.conf \ + $USER_DATA/mail.conf \ + $USER_DATA/db.conf \ + $USER_DATA/cron.conf + +# Updating queue pipes echo "$BIN/v-update-user-disk $user" >> $VESTA/data/queue/disk.pipe - if [ ! -z "$WEB_SYSTEM" ]; then - mkdir $USER_DATA/ssl - chmod 770 $USER_DATA/ssl - touch $USER_DATA/web.conf - chmod 660 $USER_DATA/web.conf echo "$BIN/v-update-web-domains-traff $user" \ >> $VESTA/data/queue/traffic.pipe echo "$BIN/v-update-web-domains-disk $user" >> $VESTA/data/queue/disk.pipe fi - -if [ ! -z "$DNS_SYSTEM" ]; then - mkdir $USER_DATA/dns - chmod 770 $USER_DATA/dns - touch $USER_DATA/dns.conf - chmod 660 $USER_DATA/dns.conf -fi - if [ ! -z "$MAIL_SYSTEM" ]; then - mkdir $USER_DATA/mail - chmod 770 $USER_DATA/mail - touch $USER_DATA/mail.conf - chmod 660 $USER_DATA/mail.conf echo "$BIN/v-update-mail-domains-disk $user" >> $VESTA/data/queue/disk.pipe fi if [ ! -z "$DB_SYSTEM" ]; then - touch $USER_DATA/db.conf - chmod 660 $USER_DATA/db.conf echo "$BIN/v-update-databases-disk $user" >> $VESTA/data/queue/disk.pipe fi -if [ ! -z "$CRON_SYSTEM" ]; then - touch $USER_DATA/cron.conf - chmod 660 $USER_DATA/cron.conf -fi +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) # Filling user config if [ "$user" != 'admin' ]; then @@ -172,7 +154,7 @@ $pkg_data CONTACT='$email' CRON_REPORTS='yes' MD5='$(awk -v user=$user -F : 'user == $1 {print $2}' /etc/shadow)' -RKEY='$(gen_password)' +RKEY='$(generate_password)' SUSPENDED='no' SUSPENDED_USERS='0' SUSPENDED_WEB='0' @@ -201,8 +183,9 @@ U_DATABASES='0' U_CRON_JOBS='0' U_BACKUPS='0' LANGUAGE='' -TIME='$TIME' -DATE='$DATE'" > $USER_DATA/user.conf +NOTIFICATIONS='no' +TIME='$time' +DATE='$date'" > $USER_DATA/user.conf chmod 660 $USER_DATA/user.conf # Updating quota @@ -220,8 +203,13 @@ if [ -x "$VESTA/data/packages/$package.sh" ]; then $VESTA/data/packages/$package.sh "$user" "$email" "$fname" "$lname" fi +# Adding jailed sftp env +if [ ! -z "$SFTPJAIL_KEY" ]; then + $BIN/v-add-user-sftp-jail $user +fi + # Logging log_history "added system user $user" '' 'admin' -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-user-favourites b/bin/v-add-user-favourites new file mode 100755 index 000000000..188638290 --- /dev/null +++ b/bin/v-add-user-favourites @@ -0,0 +1,125 @@ +#!/bin/bash +# info: adding user favourites +# options: USER SYSTEM OBJECT +# +# The function adds object to users favourites + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +system=$(echo "$2" |tr '[:lower:]' '[:upper:]') +object=$3 +email=$3 +id=$3 + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '3' "$#" 'USER SYSTEM OBJECT' +is_format_valid 'user' 'system' +case $system in + MAIL_ACC) is_format_valid 'email' ;; + CRON) is_format_valid 'id' ;; + DNS_REC) is_format_valid 'id' ;; + *) is_format_valid 'object' +esac +is_object_valid 'user' 'USER' "$user" +is_object_unsuspended 'user' 'USER' "$user" + +# Checking system +case $system in + USER) check='ok' ;; + WEB) check='ok' ;; + DNS) check='ok' ;; + DNS_REC) check='ok' ;; + MAIL) check='ok' ;; + MAIL_ACC) check='ok' ;; + DB) check='ok' ;; + CRON) check='ok' ;; + BACKUP) check='ok' ;; + IP) check='ok' ;; + PACKAGE) check='ok' ;; + FIREWALL) check='ok' ;; + *) check_args '2' '0' 'USER SYSTEM OBJECT' +esac + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Flushing vars +USER='' +WEB='' +DNS='' +DNS_REC='' +MAIL='' +MAIL_ACC='' +DB='' +CRON='' +BACKUP='' +IP='' +PACKAGE='' +FIREWALL='' + +# Creating config just in case +touch $USER_DATA/favourites.conf + +# Reading current values +source $USER_DATA/favourites.conf + +# Assigning current system value +eval value=\$$system + +# Checking if object is new +check_fav=$(echo "$value" |tr ',' '\n'| grep "^$object$") +if [ ! -z "$check_fav" ]; then + exit 0 +fi + +# Adding object to favorites +if [ -z "$value" ]; then + value="$object" +else + value="$value,$object" +fi + +# Updating sytem +eval $system=$value + +# Updating user favorites +echo "USER='$USER' +WEB='$WEB' +DNS='$DNS' +DNS_REC='$DNS_REC' +MAIL='$MAIL' +MAIL_ACC='$MAIL_ACC' +DB='$DB' +CRON='$CRON' +BACKUP='$BACKUP' +IP='$IP' +PACKAGE='$PACKAGE' +FIREWALL='$FIREWALL'" > $USER_DATA/favourites.conf + +# Changing file permission +chmod 640 $USER_DATA/favourites.conf + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_history "added starred $object in $system listing" +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-add-user-notification b/bin/v-add-user-notification new file mode 100755 index 000000000..5945b1923 --- /dev/null +++ b/bin/v-add-user-notification @@ -0,0 +1,76 @@ +#!/bin/bash +# info: add user notification +# options: USER TOPIC NOTICE [TYPE] +# +# The function adds user notification. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +topic=$(echo $2 |sed "s/'/%quote%/g") +notice=$(echo $3 |sed "s/'/%quote%/g") +type=$4 + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '2' "$#" 'USER TOPIC NOTICE [TYPE]' +is_format_valid 'user' 'topic' 'notice' +is_object_valid 'user' 'USER' "$user" + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Defining notification id +if [ -e "$USER_DATA/notifications.conf" ]; then + nid=$(grep "NID=" $USER_DATA/notifications.conf |cut -f 2 -d \') + nid=$(echo "$nid" |sort -n |tail -n1) + if [ ! -z "$nid" ]; then + nid="$((nid +1))" + else + nid=1 + fi +else + nid=1 +fi + +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + +# Concatenating string +str="NID='$nid' TOPIC='$topic' NOTICE='$notice' TYPE='$type'" +str="$str ACK='no' TIME='$time' DATE='$date'" + +# Adding to config +echo "$str" >> $USER_DATA/notifications.conf + +# Changing permissions +chmod 660 $USER_DATA/notifications.conf + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Updating notification counter +if [ -z "$(grep NOTIFICATIONS $USER_DATA/user.conf)" ]; then + sed -i "s/^TIME/NOTIFICATIONS='yes'\nTIME/g" $USER_DATA/user.conf +else + update_user_value "$user" '$NOTIFICATIONS' "yes" +fi + +exit diff --git a/bin/v-add-user-package b/bin/v-add-user-package index e4f7883ba..0cab1a3dc 100755 --- a/bin/v-add-user-package +++ b/bin/v-add-user-package @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition pkg_dir=$1 package=$2 rewrite=$3 @@ -22,24 +22,47 @@ source $VESTA/conf/vesta.conf is_package_new() { if [ -e "$VESTA/data/packages/$package.pkg" ]; then echo "Error: package $package already exists." - log_event "$E_EXISTS" "$EVENT" + log_event "$E_EXISTS" "$ARGUMENTS" exit $E_EXISTS fi } is_package_consistent() { source $pkg_dir/$package.pkg - validate_format_int $WEB_DOMAINS 'WEB_DOMAINS' - validate_format_int $WEB_ALIASES 'WEB_ALIASES' - validate_format_int $DNS_DOMAINS 'DNS_DOMAINS' - validate_format_int $DNS_RECORDS 'DNS_RECORDS' - validate_format_int $MAIL_DOMAINS 'MAIL_DOMAINS' - validate_format_int $MAIL_ACCOUNTS 'MAIL_ACCOUNTS' - validate_format_int $DATABASES 'DATABASES' - validate_format_int $CRON_JOBS 'CRON_JOBS' - validate_format_int $DISK_QUOTA 'DISK_QUOTA' - validate_format_int $BACKUPS 'BACKUPS' - validate_format_shell $SHELL + if [ "$WEB_DOMAINS" != 'unlimited' ]; then + is_int_format_valid $WEB_DOMAINS 'WEB_DOMAINS' + fi + if [ "$WEB_ALIASES" != 'unlimited' ]; then + is_int_format_valid $WEB_ALIASES 'WEB_ALIASES' + fi + if [ "$DNS_DOMAINS" != 'unlimited' ]; then + is_int_format_valid $DNS_DOMAINS 'DNS_DOMAINS' + fi + if [ "$DNS_RECORDS" != 'unlimited' ]; then + is_int_format_valid $DNS_RECORDS 'DNS_RECORDS' + fi + if [ "$MAIL_DOMAINS" != 'unlimited' ]; then + is_int_format_valid $MAIL_DOMAINS 'MAIL_DOMAINS' + fi + if [ "$MAIL_ACCOUNTS" != 'unlimited' ]; then + is_int_format_valid $MAIL_ACCOUNTS 'MAIL_ACCOUNTS' + fi + if [ "$DATABASES" != 'unlimited' ]; then + is_int_format_valid $DATABASES 'DATABASES' + fi + if [ "$CRON_JOBS" != 'unlimited' ]; then + is_int_format_valid $CRON_JOBS 'CRON_JOBS' + fi + if [ "$DISK_QUOTA" != 'unlimited' ]; then + is_int_format_valid $DISK_QUOTA 'DISK_QUOTA' + fi + if [ "$BANDWIDTH" != 'unlimited' ]; then + is_int_format_valid $BANDWIDTH 'BANDWIDTH' + fi + if [ "$BACKUPS" != 'unlimited' ]; then + is_int_format_valid $BACKUPS 'BACKUPS' + fi + is_format_valid_shell $SHELL } @@ -48,7 +71,7 @@ is_package_consistent() { #----------------------------------------------------------# check_args '2' "$#" 'PKG_DIR PACKAGE' 'rewrite' -validate_format 'pkg_dir' 'package' +is_format_valid 'pkg_dir' 'package' if [ "$rewrite" != 'yes' ]; then is_package_new fi @@ -74,6 +97,6 @@ if [ "$rewrite" != 'yes' ]; then else log_history "updated user package $package" '' 'admin' fi -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-user-sftp-jail b/bin/v-add-user-sftp-jail new file mode 100755 index 000000000..ed96509d9 --- /dev/null +++ b/bin/v-add-user-sftp-jail @@ -0,0 +1,66 @@ +#!/bin/bash +# info: add user sftp jail +# options: USER +# +# The script enables sftp jailed environment + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '1' "$#" 'USER' +is_format_valid 'user' +if [ -z "$SFTPJAIL_KEY" ]; then + exit +fi +user_str=$(grep "^$user:" /etc/passwd |egrep "rssh|nologin") +if [ -z "$user_str" ]; then + exit +fi + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Defining user homedir +home="$(echo $user_str |cut -f 6 -d :)" + +# Adding chroot directory +if [ ! -d "/chroot/$user/$home" ]; then + mkdir -p /chroot/$user/$home + chmod 750 /chroot/$user + chmod 775 /chroot/$user/$home + chown root:sftp-only /chroot/$user + chown $user:sftp-only /chroot/$user/$home +fi + +# Adding user to sftp group +usermod -a -G sftp-only $user + +# Mouting home directory +if [ -z "$(mount |grep /chroot/$user/$home)" ]; then + mount -o bind $home /chroot/$user/$home/ +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-add-vesta-softaculous b/bin/v-add-vesta-softaculous new file mode 100755 index 000000000..b0cca53a5 --- /dev/null +++ b/bin/v-add-vesta-softaculous @@ -0,0 +1,133 @@ +#!/bin/bash +# info: add vesta softaculous +# options: [TYPE] +# +# The script enables softaculous plugin + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +TYPE=$1 + +# Includes +source /etc/profile +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +if [ "$TYPE" = 'WEB' ]; then + if [ ! -e "$VESTA/softaculous" ] && [ ! -e "$VESTA/ioncube" ]; then + $BIN/v-schedule-vesta-softaculous + exit + fi +else + cmd="v-add-vesta-softaculous" + check_cron=$(grep "$cmd" $VESTA/data/users/admin/cron.conf 2> /dev/null) + if [ ! -z "$check_cron" ]; then + eval $check_cron + $BIN/v-delete-cron-job admin $JOB + fi +fi + +if [ "$SOFTACULOUS" = 'yes' ]; then + exit +fi + + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Cleaning yum cache +if [ -d "/etc/sysconfig" ]; then + yum -q clean all + yum="yum -q -y --noplugins --disablerepo=* --enablerepo=vesta" +else + export DEBIAN_FRONTEND=noninteractive + apt-get update -o Dir::Etc::sourcelist="sources.list.d/vesta.list" \ + -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" -qq +fi + +# Updating php pacakge +if [ -z "$($VESTA/php/bin/php -v|grep 'PHP 5.6')" ]; then + if [ -d "/etc/sysconfig" ]; then + $yum -y update vesta-php + check_result $? "vesta-php package upgrade failed" $E_UPDATE + else + apt-get -y install vesta-php + check_result $? "vesta-php package upgrade failed" $E_UPDATE + fi +fi + +# Adding vesta-ioncube package +if [ -d "/etc/sysconfig" ]; then + rpm -q vesta-ioncube >/dev/null 2>&1 + if [ $? -ne 0 ]; then + $yum -y install vesta-ioncube >/dev/null 2>&1 + check_result $? "vesta-ioncube package installation failed" $E_UPDATE + fi +else + dpkg -l vesta-ioncube |grep ^ii >/dev/null 2>&1 + if [ $? -ne 0 ]; then + apt-get -y install vesta-ioncube >/dev/null 2>&1 + check_result $? "vesta-ioncube package installation failed" $E_UPDATE + fi +fi + +# Adding vesta-softaculous package +if [ -d "/etc/sysconfig" ]; then + rpm -q vesta-softaculous >/dev/null 2>&1 + if [ $? -ne 0 ]; then + $yum -y install vesta-softaculous >/dev/null 2>&1 + check_result $? "vesta-softaculous package installation failed" $E_UPDATE + fi +else + dpkg -l vesta-softaculous |grep ^ii >/dev/null 2>&1 + if [ $? -ne 0 ]; then + apt-get -y install vesta-softaculous >/dev/null 2>&1 + check_result $? "vesta-softaculous package installation failed" $E_UPDATE + fi +fi + +# Installing softaculous +if [ ! -e "$VESTA/softaculous/vst_installed" ]; then + mkdir -p /var/softaculous + chown -R admin:admin /var/softaculous + cd $VESTA/softaculous + wget -q http://c.vestacp.com/3rdparty/softaculous_install.inc + $VESTA/php/bin/php softaculous_install.inc + check_result $? "vesta-softaculous package installation failed" $E_UPDATE + touch $VESTA/softaculous/vst_installed +fi + +# Enabling symlink +if [ -e "$VESTA/disabled_plugins/softaculous" ]; then + if [ ! -e "$VESTA/web/softaculous" ]; then + mv $VESTA/disabled_plugins/softaculous $VESTA/web/softaculous + fi +fi + +# Updating SOFTACULOUS value +if [ -z "$(grep SOFTACULOUS $VESTA/conf/vesta.conf)" ]; then + echo "SOFTACULOUS='yes'" >> $VESTA/conf/vesta.conf +else + sed -i "s/SOFTACULOUS.*/SOFTACULOUS='yes'/g" \ + $VESTA/conf/vesta.conf +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-add-web-domain b/bin/v-add-web-domain index 628c37572..12de353a5 100755 --- a/bin/v-add-web-domain +++ b/bin/v-add-web-domain @@ -1,27 +1,28 @@ #!/bin/bash # info: add web domain -# options: USER DOMAIN IP [RESTART] +# options: USER DOMAIN [IP] [ALIASES] [PROXY_EXTENSIONS] [RESTART] # -# The function adds virtual host to a server. In cases when a template is -# undefined in the script, the template "default" will be used. The alias of -# www.domain.tld type will be automatically assigned to the domain. If ip have -# assocated dns name, this domain will also get the alias domain-tpl.$ipname. -# An alias with the ip name is useful during the site testing while dns isn't -# moved to a server yet. +# The function adds virtual host to a server. In cases when ip is +# undefined in the script, "default" template will be used. The alias of +# www.domain.tld type will be automatically assigned to the domain unless +# "none" is transmited as argument. If ip have associated dns name, this +# domain will also get the alias domain-tpl.$ipname. An alias with the ip +# name is useful during the site testing while dns isn't moved to server yet. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition + +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | sed -e 's/\.*$//g' -e 's/^\.*//g') -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 ip=$3 -restart=$4 +restart=$4 # will be moved to the end soon +aliases=$5 +proxy_ext=$6 # Includes source $VESTA/func/main.sh @@ -29,62 +30,42 @@ source $VESTA/func/domain.sh source $VESTA/func/ip.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +format_aliases + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# -check_args '3' "$#" 'USER DOMAIN IP [RESTART]' -validate_format 'user' 'domain' 'ip' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' +check_args '2' "$#" 'USER DOMAIN [IP] [RESTART] [ALIASES] [PROXY_EXTENSIONS]' +is_format_valid 'user' 'domain' 'aliases' 'ip' 'proxy_ext' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" -is_domain_new 'web' -is_ip_valid -is_ip_avalable -is_package_full 'WEB_DOMAINS' - -template=$(get_user_value '$WEB_TEMPLATE') -is_web_template_valid +is_package_full 'WEB_DOMAINS' 'WEB_ALIASES' +is_domain_new 'web' "$domain,$aliases" +is_dir_symlink $HOMEDIR/$user/web +if_dir_exists $HOMEDIR/$user/web/$domain +is_dir_symlink $HOMEDIR/$user/web/$domain +if [ ! -z "$ip" ]; then + is_ip_valid "$ip" "$user" +else + get_user_ip +fi #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Define real ip in case of NAT -IP=$ip -ip=$(get_real_ip $ip) +# Reading user values +source $USER_DATA/user.conf -# Defining domain aliases -ip_name=$(get_ip_name) -ip_name_idn=$(idn -t --quiet -a "$ip_name") -domain_alias="www.$domain" -domain_alias_idn="www.$domain_idn" -if [ ! -z "$ip_name" ]; then - domain_alias_dash="${domain//./-}.$ip_name" - domain_alias_dash_idn="${domain_idn//./-}.$ip_name_idn" - aliases="$domain_alias,$domain_alias_dash" - aliases_idn="$domain_alias_idn,$domain_alias_dash_idn" - alias_string="ServerAlias $domain_alias_idn $domain_alias_dash_idn" -else - aliases="$domain_alias" - aliases_idn="$domain_alias_idn" - alias_string="ServerAlias $domain_alias_idn" -fi - -# Defining vars for add_config function -group="$user" -email="info@$domain" -docroot="$HOMEDIR/$user/web/$domain/public_html" -tpl_file="$WEBTPL/$WEB_SYSTEM/$template.tpl" -conf="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf" - -# Adding web config -add_web_config - -# Building directory tree -mkdir -p $HOMEDIR/$user/web/$domain \ +# Creating domain directories +sudo -u $user mkdir -p $HOMEDIR/$user/web/$domain \ $HOMEDIR/$user/web/$domain/public_html \ $HOMEDIR/$user/web/$domain/public_shtml \ $HOMEDIR/$user/web/$domain/document_errors \ @@ -93,63 +74,74 @@ mkdir -p $HOMEDIR/$user/web/$domain \ $HOMEDIR/$user/web/$domain/stats \ $HOMEDIR/$user/web/$domain/logs -# Adding domain logs +# Creating domain logs touch /var/log/$WEB_SYSTEM/domains/$domain.bytes \ /var/log/$WEB_SYSTEM/domains/$domain.log \ /var/log/$WEB_SYSTEM/domains/$domain.error.log - -# Adding symlink for logs ln -f -s /var/log/$WEB_SYSTEM/domains/$domain.*log \ $HOMEDIR/$user/web/$domain/logs/ # Adding domain skeleton -if [ -e "$WEBTPL/skel/public_html/" ]; then - cp -r $WEBTPL/skel/public_html/ $HOMEDIR/$user/web/$domain/ -fi -if [ -e "$WEBTPL/skel/public_shtml/" ]; then - cp -r $WEBTPL/skel/public_shtml/ $HOMEDIR/$user/web/$domain/ -fi -if [ -e "$WEBTPL/skel/document_errors/" ]; then - cp -r $WEBTPL/skel/document_errors/ $HOMEDIR/$user/web/$domain/ -fi -if [ -e "$WEBTPL/skel/cgi-bin/" ]; then - cp -r $WEBTPL/skel/cgi-bin/ $HOMEDIR/$user/web/$domain/ -fi - -# Changing tpl values +sudo -u $user cp -r $WEBTPL/skel/* $HOMEDIR/$user/web/$domain/ >/dev/null 2>&1 for file in $(find "$HOMEDIR/$user/web/$domain/" -type f); do sed -i "s/%domain%/$domain/g" $file done -# Changing file owner +# Changing file owner & permission chown -R $user:$user $HOMEDIR/$user/web/$domain -chown root:$user /var/log/$WEB_SYSTEM/domains/$domain.* -chown root:$user $conf - -# Changing file permissions -chmod 640 $conf -chmod 551 $HOMEDIR/$user/web/$domain -chmod 751 $HOMEDIR/$user/web/$domain/private -chmod 751 $HOMEDIR/$user/web/$domain/cgi-bin -chmod 751 $HOMEDIR/$user/web/$domain/public_html -chmod 751 $HOMEDIR/$user/web/$domain/public_shtml -chmod 751 $HOMEDIR/$user/web/$domain/document_errors -chmod -f -R 665 $HOMEDIR/$user/web/$domain/cgi-bin/* -chmod -f -R 665 $HOMEDIR/$user/web/$domain/public_html/* -chmod -f -R 665 $HOMEDIR/$user/web/$domain/document_errors/* -chmod 551 $HOMEDIR/$user/web/$domain/stats -chmod 551 $HOMEDIR/$user/web/$domain/logs +chown root:$user /var/log/$WEB_SYSTEM/domains/$domain.* $conf chmod 640 /var/log/$WEB_SYSTEM/domains/$domain.* +sudo -u $user chmod 751 $HOMEDIR/$user/web/$domain $HOMEDIR/$user/web/$domain/* +sudo -u $user chmod 551 $HOMEDIR/$user/web/$domain/stats $HOMEDIR/$user/web/$domain/logs +sudo -u $user chmod 644 $HOMEDIR/$user/web/$domain/public_*html/*.* -# Running template trigger -if [ -x $WEBTPL/$WEB_SYSTEM/$template.sh ]; then - $WEBTPL/$WEB_SYSTEM/$template.sh $user $domain $ip $HOMEDIR $docroot +# Addding PHP-FPM backend +if [ ! -z "$WEB_BACKEND" ]; then + if [ -z "$BACKEND_TEMPLATE" ]; then + BACKEND_TEMPLATE='default' + if [ -z "$(grep BACKEND_TEMPLATE $USER_DATA/user.conf)" ]; then + sed -i "s/^DNS_TEMPL/BACKEND_TEMPLATE='default'\nDNS_TEMPL/g" \ + $USER_DATA/user.conf + else + update_user_value "$user" '$BACKEND_TEMPLATE' "default" + fi + fi + $BIN/v-add-web-domain-backend "$user" "$domain" $BACKEND_TEMPLATE + check_result $? "Backend error" >/dev/null fi -# Checking web config -web_conf="/etc/$WEB_SYSTEM/conf.d/vesta.conf" -if [ -z "$(grep $conf $web_conf)" ]; then - echo "Include $conf" >> $web_conf +# Preparing domain aliases +if [ "$aliases" = 'none' ]; then + ALIAS='' +else + ALIAS="www.$domain" + if [ -z "$aliases" ]; then + ALIAS="www.$domain" + else + ALIAS="$aliases" + fi + + ip_alias=$(get_ip_alias $domain) + if [ ! -z "$ip_alias" ]; then + ALIAS="$ALIAS,$ip_alias" + fi +fi + +# Preparing domain variables +prepare_web_domain_values + +# Adding web server config +add_web_config "$WEB_SYSTEM" "$WEB_TEMPLATE.tpl" + +# Adding proxy config +if [ ! -z "$PROXY_SYSTEM" ]; then + PROXY_EXT="$proxy_ext" + if [ -z "$proxy_ext" ]; then + PROXY_EXT="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls" + PROXY_EXT="$PROXY_EXT,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp" + PROXY_EXT="$PROXY_EXT,rtf,js,mp3,avi,mpeg,flv,html,htm" + fi + add_web_config "$PROXY_SYSTEM" "$PROXY_TEMPLATE.tpl" fi @@ -158,31 +150,32 @@ fi #----------------------------------------------------------# # Increasing counters -increase_ip_value "$ip" +increase_ip_value "$local_ip" increase_user_value "$user" '$U_WEB_DOMAINS' -increase_user_value "$user" '$U_WEB_ALIASES' +increase_user_value "$user" '$U_WEB_ALIASES' "$alias_number" -# Defining domain variables -str="DOMAIN='$domain' IP='$IP' IP6='' ALIAS='$aliases' TPL='$template'" -str="$str SSL='no' SSL_HOME='same' FTP_USER='' FTP_MD5=''" -str="$str PROXY='' PROXY_EXT='' STATS='' STATS_USER=''" -str="$str STATS_CRYPT='' U_DISK='0' U_BANDWIDTH='0' SUSPENDED='no'" -str="$str TIME='$TIME' DATE='$DATE'" +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) -# Registering domain -echo "$str" >> $USER_DATA/web.conf -chmod 660 $USER_DATA/web.conf +# Adding domain in web.conf +echo "DOMAIN='$domain' IP='$ip' IP6='' ALIAS='$ALIAS' TPL='$WEB_TEMPLATE'\ + SSL='no' SSL_HOME='same' LETSENCRYPT='no' FTP_USER='' FTP_MD5=''\ + BACKEND='$BACKEND_TEMPLATE' PROXY='$PROXY_TEMPLATE' PROXY_EXT='$PROXY_EXT'\ + STATS='' STATS_USER='' STATS_CRYPT='' U_DISK='0' U_BANDWIDTH='0'\ + SUSPENDED='no' TIME='$time' DATE='$date'" >> $USER_DATA/web.conf -# Restart web server -if [ "$restart" != 'no' ]; then - $BIN/v-restart-web - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting web server +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null + +# Restarting proxy server +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null # Logging log_history "added web domain $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-web-domain-alias b/bin/v-add-web-domain-alias index 4c935f790..e5676af4e 100755 --- a/bin/v-add-web-domain-alias +++ b/bin/v-add-web-domain-alias @@ -1,6 +1,6 @@ #!/bin/bash # info: add web domain alias -# options: USER DOMAIN ALIAS [RESTART] +# options: USER DOMAIN ALIASES [RESTART] # # The call is intended for adding aliases to a domain (it is also called # "domain parking"). The function supports wildcards *.domain.tpl. @@ -10,15 +10,11 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") -dom_alias=$(idn -t --quiet -u "$3" ) -dom_alias=$(echo $dom_alias | sed -e 's/\.*$//g' -e 's/^\.*//g') -dom_alias=$(echo $dom_alias | tr '[:upper:]' '[:lower:]') -dom_alias_idn=$(idn -t --quiet -a "$dom_alias" ) +domain=$2 +domain_idn=$2 +aliases=$3 restart="$4" # Includes @@ -27,19 +23,25 @@ source $VESTA/func/domain.sh source $VESTA/func/ip.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? +format_aliases + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# -check_args '3' "$#" 'USER DOMAIN DOM_ALIAS [RESTART]' -validate_format 'user' 'domain' 'dom_alias' +check_args '3' "$#" 'USER DOMAIN ALIASES [RESTART]' +is_format_valid 'user' 'domain' 'dom_alias' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" is_object_unsuspended 'web' 'DOMAIN' "$domain" -is_domain_new 'web' "$dom_alias" +is_domain_new 'web' "$aliases" is_package_full 'WEB_ALIASES' @@ -49,43 +51,31 @@ is_package_full 'WEB_ALIASES' # Parsing domain values get_domain_values 'web' -tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.tpl" -conf="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf" -ip=$(get_real_ip $IP) - -# Parsing domain aliases -if [ -z "$ALIAS" ]; then - ALIAS="$dom_alias" -else - ALIAS="$ALIAS,$dom_alias" -fi # Preparing domain values for the template substitution -upd_web_domain_values - -# Recreating vhost -del_web_config -add_web_config +local_ip=$(get_real_ip $IP) +if [ -z "$ALIAS" ]; then + ALIAS="$aliases" +else + ALIAS="$ALIAS,$aliases" +fi +prepare_web_domain_values +# Rebuilding vhost +del_web_config "$WEB_SYSTEM" "$TPL.tpl" +add_web_config "$WEB_SYSTEM" "$TPL.tpl" if [ "$SSL" = 'yes' ]; then - tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.stpl" - conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf" - del_web_config - add_web_config + del_web_config "$WEB_SYSTEM" "$TPL.stpl" + add_web_config "$WEB_SYSTEM" "$TPL.stpl" fi -# Checking proxy -if [ ! -z "$PROXY" ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.tpl" - conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" - del_web_config - add_web_config - +# Rebuilding proxy configuration +if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then + del_web_config "$PROXY_SYSTEM" "$PROXY.tpl" + add_web_config "$PROXY_SYSTEM" "$PROXY.tpl" if [ "$SSL" = 'yes' ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.stpl" - conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" - del_web_config - add_web_config + del_web_config "$PROXY_SYSTEM" "$PROXY.stpl" + add_web_config "$PROXY_SYSTEM" "$PROXY.stpl" fi fi @@ -96,24 +86,18 @@ fi # Adding new alias update_object_value 'web' 'DOMAIN' "$domain" '$ALIAS' "$ALIAS" - -# Update counters increase_user_value "$user" '$U_WEB_ALIASES' -# Adding task to the vesta pipe -if [ "$restart" != 'no' ]; then - $BIN/v-restart-web - if [ $? -ne 0 ]; then - exit $E_RESTART - fi +# Restarting web server +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null - $BIN/v-restart-proxy - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting proxy server +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null -log_history "added $dom_alias as alias for $domain" -log_event "$OK" "$EVENT" + +log_history "added $aliases for $domain" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-web-domain-backend b/bin/v-add-web-domain-backend new file mode 100755 index 000000000..8cafa987f --- /dev/null +++ b/bin/v-add-web-domain-backend @@ -0,0 +1,77 @@ +#!/bin/bash +# info: add web domain backend +# options: USER DOMAIN [TEMPLATE] [RESTART] +# +# The call is used for adding web backend configuration. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +domain=$2 +template=${3-default} +restart=$4 + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/domain.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '2' "$#" 'USER DOMAIN [TEMPLATE] [RESTART]' +is_system_enabled "$WEB_BACKEND" 'WEB_BACKEND' +is_object_valid 'user' 'USER' "$user" +is_object_unsuspended 'user' 'USER' "$user" +is_backend_template_valid "$template" + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Defining pool directory +prepare_web_backend + +# Checking backend configuration +if [ -e "$pool/$backend_type.conf" ]; then + exit +fi + +# Allocating backend port +backend_port=9000 +ports=$(grep listen $pool/* 2>/dev/null |grep -o :[0-9].*) +ports=$(echo "$ports" |sed "s/://" |sort -n) +for port in $ports; do + if [ "$backend_port" -eq "$port" ]; then + backend_port=$((backend_port + 1)) + fi +done + +# Adding backend config +cat $WEBTPL/$WEB_BACKEND/$template.tpl |\ + sed -e "s|%backend_port%|$backend_port|" \ + -e "s|%user%|$user|g"\ + -e "s|%domain%|$domain|g"\ + -e "s|%backend%|$backend_type|g" > $pool/$backend_type.conf + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Restart backend server +$BIN/v-restart-web-backend $restart +check_result $? "Web backend restart failed" >/dev/null + +# Logging +log_history "added $WEB_BACKEND backend configuration for $domain" +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-add-web-domain-ftp b/bin/v-add-web-domain-ftp index be10e90b8..089991243 100755 --- a/bin/v-add-web-domain-ftp +++ b/bin/v-add-web-domain-ftp @@ -9,12 +9,12 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 ftp_user=${1}_${3} -ftp_password=$4 +password=$4; HIDE=4 ftp_path=$5 # Includes @@ -22,9 +22,10 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf -# Hiding password -A4='******' -EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9" +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? #----------------------------------------------------------# @@ -32,7 +33,7 @@ EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9" #----------------------------------------------------------# check_args '4' "$#" 'USER DOMAIN FTP_USER FTP_PASSWORD [FTP_PATH]' -validate_format 'user' 'domain' 'ftp_user' 'ftp_password' +is_format_valid 'user' 'domain' 'ftp_user' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -41,9 +42,10 @@ is_object_unsuspended 'web' 'DOMAIN' "$domain" check_ftp_user=$(grep "^$ftp_user:" /etc/passwd) if [ ! -z "$check_ftp_user" ] && [ "$FTP_USER" != "$ftp_user" ]; then echo "Error: ftp user $ftp_user already exists" - log_event "$E_EXISTS" "$EVENT" + log_event "$E_EXISTS" "$ARGUMENTS" exit $E_EXISTS fi +is_password_valid #----------------------------------------------------------# @@ -54,12 +56,8 @@ fi get_domain_values 'web' # Defining ftp user shell -if [ -z "$FTP_SHELL" ]; then - shell='/sbin/nologin' - if [ -e "/usr/bin/rssh" ]; then - shell='/usr/bin/rssh' - fi -else +shell=$(which nologin) +if [ ! -z "$FTP_SHELL" ]; then shell=$FTP_SHELL fi @@ -71,7 +69,7 @@ else ftp_path_a=$(readlink -f "$HOMEDIR/$user/web/$domain/$ftp_path") if [ -z "$(echo $ftp_path_a |grep $HOMEDIR/$user/web/$domain)" ]; then echo "Error: absolute path $ftp_path_a is invalid" - log_event "$E_INVALID" "$EVENT" + log_event "$E_INVALID" "$ARGUMENTS" exit $E_INVALID fi # Creating ftp user home directory @@ -86,13 +84,18 @@ fi /usr/sbin/useradd $ftp_user \ -s $shell \ -o -u $(id -u $user) \ - -g $(id -u $user) \ + -g $(id -g $user) \ -M -d "$ftp_path_a" > /dev/null 2>&1 # Set ftp user password -echo "$ftp_user:$ftp_password" | /usr/sbin/chpasswd +echo "$ftp_user:$password" | /usr/sbin/chpasswd ftp_md5=$(awk -v user=$ftp_user -F : 'user == $1 {print $2}' /etc/shadow) +# Adding jailed sftp env +if [ ! -z "$SFTPJAIL_KEY" ]; then + $BIN/v-add-user-sftp-jail $ftp_user +fi + #----------------------------------------------------------# # Vesta # @@ -118,6 +121,6 @@ update_object_value 'web' 'DOMAIN' "$domain" '$FTP_PATH' "$ftp_path" # Logging log_history "added ftp account ${1}_${3}@$domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-web-domain-httpauth b/bin/v-add-web-domain-httpauth new file mode 100755 index 000000000..e99384c10 --- /dev/null +++ b/bin/v-add-web-domain-httpauth @@ -0,0 +1,115 @@ +#!/bin/bash +# info: add password protection for web domain +# options: USER DOMAIN AUTH_USER AUTH_PASSWORD [RESTART] +# +# The call is used for securing web domain with http auth + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +domain=$2 +auth_user=$3 +password=$4; HIDE=4 +restart=${5-yes} + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/domain.sh +source $VESTA/conf/vesta.conf + +# Defining htpasswd file +htaccess="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.$domain.conf_htaccess" +htpasswd="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.$domain.htpasswd" +shtaccess="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.$domain.conf_htaccess" +shtpasswd="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.$domain.htpasswd" +docroot="$HOMEDIR/$user/web/$domain/public_html" + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '4' "$#" 'USER DOMAIN AUTH_USER AUTH_PASSWORD [RESTART]' +is_format_valid 'user' 'domain' +is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' +is_object_valid 'user' 'USER' "$user" +is_object_unsuspended 'user' 'USER' "$user" +is_object_valid 'web' 'DOMAIN' "$domain" +is_object_unsuspended 'web' 'DOMAIN' "$domain" +is_password_valid +get_domain_values 'web' +if [ ! -z "$(echo "$AUTH_USER" |tr : '\n' |grep ^$auth_user$)" ]; then + echo "Error: auth user $auth_user already exists" + log_event "$E_EXISTS" "$ARGUMENTS" + exit $E_EXISTS +fi + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Adding htaccess password protection +if [ ! -e "$htaccess" ]; then + if [ "$WEB_SYSTEM" != 'nginx' ]; then + echo "" > $htaccess + echo " AuthUserFile $htpasswd" >> $htaccess + echo " AuthName \"$domain access\"" >> $htaccess + echo " AuthType Basic" >> $htaccess + echo " Require valid-user" >> $htaccess + echo "" >> $htaccess + else + echo "auth_basic \"$domain password access\";" > $htaccess + echo "auth_basic_user_file $htpasswd;" >> $htaccess + fi + restart_required='yes' +fi + +# Adding httpasswd user +auth_hash=$($BIN/v-generate-password-hash htpasswd htpasswd $password) +touch $htpasswd +chmod 640 $htpasswd $htaccess +chgrp $user $htpasswd $htaccess +sed -i "/^$auth_user:/d" $htpasswd +echo "$auth_user:$auth_hash" >> $htpasswd + +# Symbolic link for secure web templates +if [ ! -L $shtpasswd ]; then + ln -s $htpasswd $shtpasswd +fi +if [ ! -L $shtaccess ]; then + ln -s $htaccess $shtaccess +fi + +# Restarting web server +if [ "$restart" != 'no' ] && [ "$restart_required" = 'yes' ]; then + $BIN/v-restart-web +fi + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Preparing web.conf keys +if [ ! -z "$AUTH_USER" ]; then + auth_user="$AUTH_USER:$auth_user" + auth_hash="$AUTH_HASH:$auth_hash" +else + # Adding new key into web.conf + add_object_key "web" 'DOMAIN' "$domain" 'AUTH_USER' 'U_DISK' + add_object_key "web" 'DOMAIN' "$domain" 'AUTH_HASH' 'U_DISK' +fi + +# Updating config +update_object_value 'web' 'DOMAIN' "$domain" '$AUTH_USER' "$auth_user" +update_object_value 'web' 'DOMAIN' "$domain" '$AUTH_HASH' "$auth_hash" + +# Logging +log_history "added http auth user $httpauth_user on $domain" +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-add-web-domain-proxy b/bin/v-add-web-domain-proxy index df6d79ebc..9bd42746d 100755 --- a/bin/v-add-web-domain-proxy +++ b/bin/v-add-web-domain-proxy @@ -10,10 +10,9 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 template=$3 default_extentions="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,\ exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,html,htm" @@ -32,7 +31,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [TEMPLATE] [EXTENTIONS] [RESTART]' -validate_format 'user' 'domain' 'extentions' +is_format_valid 'user' 'domain' 'extentions' is_system_enabled "$PROXY_SYSTEM" 'PROXY_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -42,7 +41,7 @@ is_object_value_empty 'web' 'DOMAIN' "$domain" '$PROXY' if [ -z $template ]; then template=$(get_user_value '$PROXY_TEMPLATE') fi -is_proxy_template_valid +is_proxy_template_valid $template #----------------------------------------------------------# @@ -51,44 +50,16 @@ is_proxy_template_valid # Defining domain parameters get_domain_values 'web' -PROXY="$template" -PROXY_EXT="$extentions" -tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.tpl" -conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" -ip=$(get_real_ip $IP) +prepare_web_domain_values +local_ip=$(get_real_ip $IP) # Preparing domain values for the template substitution -upd_web_domain_values -add_web_config +PROXY_EXT="$extentions" +add_web_config "$PROXY_SYSTEM" "$template.tpl" -# Set permission and ownership -chown root:$user $conf -chmod 640 $conf - -# Checking proxy config -proxy_conf="/etc/$PROXY_SYSTEM/conf.d/vesta.conf" -if [ -z "$(grep "$conf" $proxy_conf)" ]; then - echo "include $conf;" >> $proxy_conf -fi - -# Checking ssl +# Adding proxy for ssl if [ "$SSL" = 'yes' ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.stpl" - conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" - add_web_config - - chown root:$user $conf - chmod 640 $conf - - proxy_conf="/etc/$PROXY_SYSTEM/conf.d/vesta.conf" - if [ -z "$(grep "$conf" $proxy_conf)" ]; then - echo "include $conf;" >> $proxy_conf - fi -fi - -# Running template trigger -if [ -x $WEBTPL/$PROXY_SYSTEM/$template.sh ]; then - $WEBTPL/$PROXY_SYSTEM/$template.sh $user $domain $ip $HOMEDIR $docroot + add_web_config "$PROXY_SYSTEM" "$template.stpl" fi @@ -97,18 +68,14 @@ fi #----------------------------------------------------------# # Update config -update_object_value 'web' 'DOMAIN' "$domain" '$PROXY' "$PROXY" +update_object_value 'web' 'DOMAIN' "$domain" '$PROXY' "$template" update_object_value 'web' 'DOMAIN' "$domain" '$PROXY_EXT' "$extentions" -# Restart web server -if [ "$restart" != 'no' ]; then - $BIN/v-restart-proxy - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting web server +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null log_history "enabled proxy support for $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-web-domain-ssl b/bin/v-add-web-domain-ssl index 8a956456b..2c0f78aef 100755 --- a/bin/v-add-web-domain-ssl +++ b/bin/v-add-web-domain-ssl @@ -14,27 +14,44 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 ssl_dir=$3 ssl_home=${4-same} restart="$5" +# Additional argument formatting +if [[ "$domain" =~ [[:upper:]] ]]; then + domain=$(echo "$domain" |tr '[:upper:]' '[:lower:]') +fi +if [[ "$domain" =~ ^www\..* ]]; then + domain=$(echo "$domain" |sed -e "s/^www.//") +fi +if [[ "$domain" =~ .*\.$ ]]; then + domain=$(echo "$domain" |sed -e "s/\.$//") +fi + +domain=$(idn -t --quiet -u "$domain" ) +domain_idn=$(idn -t --quiet -a "$domain") + # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/func/ip.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN SSL_DIR [SSL_HOME] [RESTART]' -validate_format 'user' 'domain' 'ssl_dir' +is_format_valid 'user' 'domain' 'ssl_dir' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_system_enabled "$WEB_SSL" 'SSL_SUPPORT' is_object_valid 'user' 'USER' "$user" @@ -60,22 +77,6 @@ if [ -e "$ssl_dir/$domain.ca" ]; then fi chmod 660 $USER_DATA/ssl/$domain.* -# Parsing domain values -get_domain_values 'web' -conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf" -tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.stpl" -SSL_HOME="$ssl_home" -ip=$(get_real_ip $IP) - -# Preparing domain values for the template substitution -upd_web_domain_values - -# Adding domain to the web config -add_web_config - -chown root:$user $conf -chmod 640 $conf - # Adding certificate to user dir cp -f $USER_DATA/ssl/$domain.crt $HOMEDIR/$user/conf/web/ssl.$domain.crt cp -f $USER_DATA/ssl/$domain.key $HOMEDIR/$user/conf/web/ssl.$domain.key @@ -84,31 +85,20 @@ if [ -e "$USER_DATA/ssl/$domain.ca" ]; then cp -f $USER_DATA/ssl/$domain.ca $HOMEDIR/$user/conf/web/ssl.$domain.ca fi -# Running template trigger -if [ -x $WEBTPL/$WEB_SYSTEM/$template.sh ]; then - $WEBTPL/$WEB_SYSTEM/$template.sh $user $domain $ip $HOMEDIR $sdocroot -fi +# Parsing domain values +get_domain_values 'web' +local_ip=$(get_real_ip $IP) -# Checking web config -web_conf="/etc/$WEB_SYSTEM/conf.d/vesta.conf" -if [ -z "$(grep "$conf" $web_conf)" ]; then - echo "Include $conf" >> $web_conf -fi +# Preparing domain values for the template substitution +SSL_HOME="$ssl_home" +prepare_web_domain_values -# Checking proxy -if [ ! -z "$PROXY" ]; then - conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.stpl" - add_web_config +# Adding domain to the web config +add_web_config "$WEB_SYSTEM" "$TPL.stpl" - chown root:$user $conf - chmod 640 $conf - - # Checking proxy config - proxy_conf="/etc/$PROXY_SYSTEM/conf.d/vesta.conf" - if [ -z "$(grep "$conf" $proxy_conf )" ]; then - echo "include $conf;" >> $proxy_conf - fi +# Checking proxy config +if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then + add_web_config "$PROXY_SYSTEM" "$PROXY.stpl" fi @@ -123,21 +113,44 @@ increase_user_value "$user" '$U_WEB_SSL' update_object_value 'web' 'DOMAIN' "$domain" '$SSL_HOME' "$SSL_HOME" update_object_value 'web' 'DOMAIN' "$domain" '$SSL' "yes" -# Restart web server -if [ "$restart" != 'no' ]; then - $BIN/v-restart-web - if [ $? -ne 0 ]; then - exit $E_RESTART - fi +# Restarting web server +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null - $BIN/v-restart-proxy - if [ $? -ne 0 ]; then - exit $E_RESTART +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null + +# Updating system ssl dependencies +if [ ! -z "$VESTA_CERTIFICATE" ]; then + crt_user=$(echo "$VESTA_CERTIFICATE" |cut -f 1 -d :) + crt_domain=$(echo "$VESTA_CERTIFICATE" |cut -f 2 -d :) + if [ "$user" = "$crt_user" ] && [ "$domain" = "$crt_domain" ]; then + $BIN/v-add-sys-vesta-ssl $user $domain >/dev/null 2>&1 fi fi +if [ ! -z "$MAIL_CERTIFICATE" ]; then + crt_user=$(echo "$MAIL_CERTIFICATE" |cut -f 1 -d :) + crt_domain=$(echo "$MAIL_CERTIFICATE" |cut -f 2 -d :) + if [ "$user" = "$crt_user" ] && [ "$domain" = "$crt_domain" ]; then + $BIN/v-add-sys-mail-ssl $user $domain >/dev/null 2>&1 + fi +fi + +if [ ! -z "$UPDATE_HOSTNAME_SSL" ] && [ "$UPDATE_HOSTNAME_SSL" = "yes" ]; then + hostname=$(hostname) + if [ "$hostname" = "$domain" ]; then + $BIN/v-update-host-certificate $user $domain + fi +fi + +UPDATE_SSL_SCRIPT='' +source $VESTA/conf/vesta.conf +if [ ! -z "$UPDATE_SSL_SCRIPT" ]; then + eval "$UPDATE_SSL_SCRIPT $user $domain" +fi # Logging log_history "enabled ssl support for $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-add-web-domain-stats b/bin/v-add-web-domain-stats index 8ee057618..8da1451f8 100755 --- a/bin/v-add-web-domain-stats +++ b/bin/v-add-web-domain-stats @@ -13,10 +13,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 type=$3 # Includes @@ -24,13 +24,17 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN TYPE' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_type_valid "$STATS_SYSTEM" "$type" is_object_valid 'user' 'USER' "$user" "$user" @@ -47,10 +51,8 @@ is_object_value_empty 'web' 'DOMAIN' "$domain" '$STATS' # Parse aliases get_domain_values 'web' -# Preparing domain values for the template substitution -upd_web_domain_values - # Adding statistic config +prepare_web_domain_values cat $WEBTPL/$type/$type.tpl |\ sed -e "s|%ip%|$ip|g" \ -e "s|%web_port%|$WEB_PORT|g" \ @@ -90,7 +92,7 @@ update_object_value 'web' 'DOMAIN' "$domain" '$STATS' "$type" # Logging log_history "enabled web log analyzer for $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" # Build stats exec $BIN/v-update-web-domain-stat $user $domain diff --git a/bin/v-add-web-domain-stats-user b/bin/v-add-web-domain-stats-user index 423ff7133..1de3ba590 100755 --- a/bin/v-add-web-domain-stats-user +++ b/bin/v-add-web-domain-stats-user @@ -1,6 +1,6 @@ #!/bin/bash # info: add password protection to web domain statistics -# options: USER DOMAIN STATS_USER STATS_PASSWORD +# options: USER DOMAIN STATS_USER STATS_PASSWORD [RESTART] # # The call is used for securing the web statistics page. @@ -9,52 +9,57 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) +domain=$2 stats_user=$3 -stats_pass=$4 +password=$4; HIDE=4 +restart=$5 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf -# Hiding password -A4='******' -EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9" - #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# -check_args '4' "$#" 'USER DOMAIN STATS_USER STATS_PASS' -validate_format 'user' 'domain' 'stats_user' 'stats_pass' +check_args '4' "$#" 'USER DOMAIN STATS_USER STATS_PASS [RESTART]' +is_format_valid 'user' 'domain' 'stats_user' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" is_object_unsuspended 'web' 'DOMAIN' "$domain" +is_password_valid #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Definining statistic dir +# Defining statistic dir stats_dir="$HOMEDIR/$user/web/$domain/stats" +conf_dir="$HOMEDIR/$user/conf/web" # Adding htaccess file -echo "AuthUserFile $stats_dir/.htpasswd -AuthName \"Web Statistics\" -AuthType Basic -Require valid-user" > $stats_dir/.htaccess +if [ "$WEB_SYSTEM" = 'nginx' ]; then + echo "auth_basic \"Web Statistics\";" > $conf_dir/$domain.auth + echo "auth_basic_user_file $stats_dir/.htpasswd;" >> $conf_dir/$domain.auth +else + echo "AuthUserFile $stats_dir/.htpasswd" > $stats_dir/.htaccess + echo "AuthName \"Web Statistics\"" >> $stats_dir/.htaccess + echo "AuthType Basic" >> $stats_dir/.htaccess + echo "Require valid-user" >> $stats_dir/.htaccess +fi # Generating htaccess user and password -rm -f $stats_dir/.htpasswd -htpasswd -bc $stats_dir/.htpasswd "$stats_user" "$stats_pass" &>/dev/null -stats_crypt=$(grep $stats_user: $stats_dir/.htpasswd |cut -f 2 -d :) +salt=$(generate_password "$PW_MATRIX" "8") +stats_pass=$($BIN/v-generate-password-hash md5 $salt $password) +echo "$stats_user:$stats_pass" > $stats_dir/.htpasswd + #----------------------------------------------------------# # Vesta # @@ -62,10 +67,16 @@ stats_crypt=$(grep $stats_user: $stats_dir/.htpasswd |cut -f 2 -d :) # Adding stats user in config update_object_value 'web' 'DOMAIN' "$domain" '$STATS_USER' "$stats_user" -update_object_value 'web' 'DOMAIN' "$domain" '$STATS_CRYPT' "$stats_crypt" +update_object_value 'web' 'DOMAIN' "$domain" '$STATS_CRYPT' "$stats_pass" + +# Restarting web server +if [ "$WEB_SYSTEM" = 'nginx' ]; then + $BIN/v-restart-web $restart + check_result $? "Web restart failed" >/dev/null +fi # Logging log_history "added password protection for web stats on $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-backup-user b/bin/v-backup-user index e25bd1665..4bb857eaf 100755 --- a/bin/v-backup-user +++ b/bin/v-backup-user @@ -12,7 +12,7 @@ # Importing system variables source /etc/profile -# Argument defenition +# Argument definition user=$1 notify=${2-no} @@ -28,7 +28,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER [NOTIFY]' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$BACKUP_SYSTEM" 'BACKUP_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -41,7 +41,7 @@ is_backup_enabled # Set backup directory if undefined if [ -z "$BACKUP" ]; then - BACKUP=/home/backup + BACKUP=/backup fi mkdir -p $BACKUP @@ -49,79 +49,67 @@ mkdir -p $BACKUP start_time=$(date '+%s') # Set notification email and subject -if [ "$notify" != 'no' ]; then - subj="$user → backup failed" - email=$(get_user_value '$CONTACT') -else - subj="$user → backup failed" - email=$(grep CONTACT $VESTA/data/users/admin/user.conf | cut -f 2 -d \') -fi -send_mail="$VESTA/web/inc/mail-wrapper.php" +subj="$user → backup failed" +email=$(grep CONTACT $VESTA/data/users/admin/user.conf |cut -f 2 -d \') -# Check load average -la=$(cat /proc/loadavg | cut -f 1 -d ' ' | cut -f 1 -d '.') +# Checking load average +la=$(cat /proc/loadavg |cut -f 1 -d ' ' |cut -f 1 -d '.') i=0 while [ "$la" -ge "$BACKUP_LA_LIMIT" ]; do - echo "$(date "+%F %T") LoadAverage $la is above threshold. Sleeping..." - sleep 120 - if [ "$i" -ge "5" ]; then - mail_top=$(top -b| head -n 30) - mail_text="LoadAverage $i is above threshold\n\n$mail_top\n" - echo -e "$mail_text" | $send_mail -s "$subj" $email - echo "Error: LA is too high" + echo -e "$(date "+%F %T") Load Average $la" + sleep 60 + if [ "$i" -ge "15" ]; then + la_error="LoadAverage $la is above threshold" + echo "$la_error" |$SENDMAIL -s "$subj" $email $notify sed -i "/ $user /d" $VESTA/data/queue/backup.pipe - log_event "$E_LA" "$EVENT" - exit $E_LA + check_result $E_LA "$la_error" fi - la=$(cat /proc/loadavg | cut -f 1 -d ' ' | cut -f 1 -d '.') + la=$(cat /proc/loadavg |cut -f 1 -d ' ' |cut -f 1 -d '.') (( ++i)) done +if [ -z "$BACKUP_TEMP" ]; then + BACKUP_TEMP=$BACKUP +fi + # Creating temporary directory -tmpdir=$(mktemp -p $BACKUP -d) +tmpdir=$(mktemp -p $BACKUP_TEMP -d) + if [ "$?" -ne 0 ]; then - echo "Can't create tmp dir $tmpdir" | $send_mail -s "$subj" $email - echo "Error: can't create tmp dir" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST + echo "Can't create tmp dir $tmpdir" |$SENDMAIL -s "$subj" $email $notify + check_result $E_NOTEXIST "can't create tmp dir" fi # Backup sys configs -echo -e "-- SYSTEM --" -msg="-- SYSTEM --" +echo "-- SYSTEM --" |tee $BACKUP/$user.log mkdir $tmpdir/vesta -echo -e "$(date "+%F %T") $user.conf" -msg="$msg\n$(date "+%F %T") $user.conf" +echo -e "$(date "+%F %T") $user.conf" |tee -a $BACKUP/$user.log cp -r $USER_DATA/user.conf $tmpdir/vesta/ +cp -r $USER_DATA/ssl $tmpdir/vesta/ if [ -e "$USER_DATA/stats.log" ]; then - echo -e "$(date "+%F %T") stats.log" - msg="$msg\n$(date "+%F %T") stats.log" + echo -e "$(date "+%F %T") stats.log" |tee -a $BACKUP/$user.log cp -r $USER_DATA/stats.log $tmpdir/vesta/ fi if [ -e "$USER_DATA/history.log" ]; then - echo -e "$(date "+%F %T") history.log" - msg="$msg\n$(date "+%F %T") history.log" + echo -e "$(date "+%F %T") history.log" |tee -a $BACKUP/$user.log cp -r $USER_DATA/history.log $tmpdir/vesta/ fi if [ -e "$USER_DATA/backup-excludes.conf" ]; then - echo -e "$(date "+%F %T") backup-excludes.conf" - msg="$msg\n$(date "+%F %T") backup-excludes.conf" + echo -e "$(date "+%F %T") backup-excludes.conf" |tee -a $BACKUP/$user.log cp -r $USER_DATA/backup-excludes.conf $tmpdir/vesta/ fi # Backup PAM mkdir $tmpdir/pam -echo -e "$(date "+%F %T") pam" -msg="$msg\n$(date "+%F %T") pam" +echo -e "$(date "+%F %T") pam" |tee -a $BACKUP/$user.log grep "^$user:" /etc/passwd > $tmpdir/pam/passwd grep "^$user:" /etc/shadow > $tmpdir/pam/shadow grep "^$user:" /etc/group > $tmpdir/pam/group echo -msg="$msg\n" # Parsing excludes if [ -e "$USER_DATA/backup-excludes.conf" ]; then @@ -130,34 +118,32 @@ fi # WEB domains if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then - echo "-- WEB --" - msg="$msg\n-- WEB --" + echo -e "\n-- WEB --" |tee -a $BACKUP/$user.log mkdir $tmpdir/web/ # Parsing domain exclusions conf="$USER_DATA/web.conf" for domain in $(search_objects 'web' 'SUSPENDED' "*" 'DOMAIN'); do - check_exl=$(echo -e "${WEB//,/\n}" |grep "^$domain$") - if [ -z "$check_exl" ]; then + exclusion=$(echo -e "$WEB" |tr ',' '\n' |grep "^$domain$") + if [ -z "$exclusion" ]; then web_list="$web_list $domain" else - echo "$(date "+%F %T") excluding $domain" - msg="$msg\n$(date "+%F %T") excluding $domain" + echo "$(date "+%F %T") excluding $domain"|tee -a $BACKUP/$user.log fi done - web_list=$(echo "$web_list" | sed -e "s/ */\ /g" -e "s/^ //") + web_list=$(echo "$web_list" |sed -e "s/ */\ /g" -e "s/^ //") i=0 for domain in $web_list; do ((i ++)) - echo -e "$(date "+%F %T") $domain" - msg="$msg\n$(date "+%F %T") $domain" + echo -e "$(date "+%F %T") $domain" |tee -a $BACKUP/$user.log mkdir -p $tmpdir/web/$domain/conf mkdir -p $tmpdir/web/$domain/vesta # Get domain variables - domain_idn=$(idn -t --quiet -a "$domain") + domain_idn=$domain + format_domain_idn get_domain_values 'web' # Backup web.conf @@ -166,36 +152,60 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then grep "DOMAIN='$domain'" $conf > vesta/web.conf # Backup vhost config - tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.tpl" - conf="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf" - get_web_config_brds - sed -n "$top_line,$bottom_line p" $conf > conf/$WEB_SYSTEM.conf + conf=$HOMEDIR/$user/conf/web/$domain.$WEB_SYSTEM.conf + if [ -e "$conf" ]; then + cp $conf conf/$WEB_SYSTEM.conf + else + # old style configs + tpl_file="$WEBTPL/$WEB_SYSTEM/$WEB_BACKEND/$TPL.tpl" + conf="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf" + get_web_config_lines $tpl_file $conf + sed -n "$top_line,$bottom_line p" $conf > conf/$WEB_SYSTEM.conf + fi # Backup ssl vhost if [ "$SSL" = 'yes' ]; then - tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.stpl" - conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf" - get_web_config_brds - sed -n "$top_line,$bottom_line p" $conf > conf/s$WEB_SYSTEM.conf + conf=$HOMEDIR/$user/conf/web/$domain.$WEB_SYSTEM.ssl.conf + if [ -e "$conf" ]; then + cp $conf conf/$WEB_SYSTEM.ssl.conf + else + tpl_file="$WEBTPL/$WEB_SYSTEM/$WEB_BACKEND/$TPL.stpl" + conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf" + get_web_config_lines $tpl_file $conf + sed -n "$top_line,$bottom_line p" $conf > \ + conf/s$WEB_SYSTEM.conf + fi fi # Backup proxy config - if [ ! -z "$PROXY" ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.tpl" - conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" - get_web_config_brds - sed -n "$top_line,$bottom_line p" $conf > conf/$PROXY_SYSTEM.conf + if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then + conf=$HOMEDIR/$user/conf/web/$domain.$PROXY_SYSTEM.conf + if [ -e "$conf" ]; then + cp $conf conf/$PROXY_SYSTEM.conf + else + tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.tpl" + conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" + get_web_config_lines $tpl_file $conf + sed -n "$top_line,$bottom_line p" $conf > \ + conf/$PROXY_SYSTEM.conf + fi fi # Backup ssl proxy config - if [ ! -z "$PROXY" ] && [ "$SSL" = 'yes' ] ; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.stpl" - conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" - get_web_config_brds - sed -n "$top_line,$bottom_line p" $conf > conf/s$PROXY_SYSTEM.conf + if [ ! -z "$PROXY_SYSTEM" ] && [ "$SSL" = 'yes' ]; then + conf=$HOMEDIR/$user/conf/web/$domain.$PROXY_SYSTEM.ssl.conf + if [ -e "$conf" ]; then + cp $conf conf/$PROXY_SYSTEM.ssl.conf + else + tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.stpl" + conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" + get_web_config_lines $tpl_file $conf + sed -n "$top_line,$bottom_line p" $conf >\ + conf/s$PROXY_SYSTEM.conf + fi fi - # Backup custom config + # Backup custom config / backup LE config for sconfig in $(ls $HOMEDIR/$user/conf/web/|grep ".$domain.conf"); do cp $HOMEDIR/$user/conf/web/$sconfig conf/ done @@ -206,74 +216,63 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then cp $USER_DATA/ssl/$domain.* vesta/ fi + # Changin dir to documentroot + cd $HOMEDIR/$user/web/$domain + # Define exclude arguments + exlusion=$(echo -e "$WEB" |tr ',' '\n' |grep "^$domain:") set -f fargs=() - fargs+=(-not) - fargs+=(-path) - fargs+=("./logs*") - check_exlusion=$(echo -e "${WEB//,/\n}" | grep "^$domain:") - if [ ! -z "$check_exlusion" ]; then - xdirs="$(echo -e "${check_exlusion//:/\n}" |grep -v $domain)" + fargs+=(--exclude='./logs/*') + if [ ! -z "$exlusion" ]; then + xdirs="$(echo -e "$exlusion" |tr ':' '\n' |grep -v $domain)" for xpath in $xdirs; do - xpath="$(echo $xpath | sed -e 's/\/*$//' -e 's/^\/*//')" - fargs+=(-not) - fargs+=(-path) - fargs+=("./$xpath/*") - echo "$(date "+%F %T") excluding directory $xpath" - msg="$msg\n$(date "+%F %T") excluding directory $xpath" + if [ -d "$xpath" ]; then + fargs+=(--exclude=$xpath/*) + echo "$(date "+%F %T") excluding directory $xpath" + msg="$msg\n$(date "+%F %T") excluding directory $xpath" + else + echo "$(date "+%F %T") excluding file $xpath" + msg="$msg\n$(date "+%F %T") excluding file $xpath" + fargs+=(--exclude=$xpath) + fi done fi + set +f # Backup files - cd $HOMEDIR/$user/web/$domain - find . ${fargs[@]} -type f -print0 |\ - tar -cpf $tmpdir/web/$domain/domain_data.tar --null -T - - - # Backup empty folders - find . ${fargs[@]} -type d -empty -print0 |\ - tar -rpf $tmpdir/web/$domain/domain_data.tar --null -T - - - # Compress archive - gzip -$BACKUP_GZIP $tmpdir/web/$domain/domain_data.tar - set +f + tar --anchored -cpf- ${fargs[@]} * |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz done # Print total if [ "$i" -eq 1 ]; then - echo -e "$(date "+%F %T") *** $i domain ***" - msg="$msg\n$(date "+%F %T") *** $i domain ***" + echo -e "$(date "+%F %T") *** $i domain ***" |tee -a $BACKUP/$user.log else - echo -e "$(date "+%F %T") *** $i domains ***" - msg="$msg\n$(date "+%F %T") *** $i domains ***" + echo -e "$(date "+%F %T") *** $i domains ***"|tee -a $BACKUP/$user.log fi - echo - msg="$msg\n" fi # DNS domains if [ ! -z "$DNS_SYSTEM" ] && [ "$DNS" != '*' ]; then - echo "-- DNS --" - msg="$msg\n-- DNS --" + echo -e "\n-- DNS --" |tee -a $BACKUP/$user.log mkdir $tmpdir/dns/ # Parsing domain exclusions for domain in $(search_objects 'dns' 'SUSPENDED' "*" 'DOMAIN'); do - check_exl=$(echo -e "${DNS//,/\n}" |grep "^$domain$") - if [ -z "$check_exl" ]; then + exclusion=$(echo "$DNS" |tr ',' '\n' |grep "^$domain$") + if [ -z "$exclusion" ]; then dns_list="$dns_list $domain" else echo "$(date "+%F %T") excluding $domain" msg="$msg\n$(date "+%F %T") excluding $domain" fi done - dns_list=$(echo "$dns_list" | sed -e "s/ */\ /g" -e "s/^ //") + dns_list=$(echo "$dns_list" |sed -e "s/ */\ /g" -e "s/^ //") i=0 for domain in $dns_list; do ((i ++)) - echo -e "$(date "+%F %T") $domain" - msg="$msg\n$(date "+%F %T") $domain" + echo -e "$(date "+%F %T") $domain" |tee -a $BACKUP/$user.log # Building directory tree mkdir -p $tmpdir/dns/$domain/conf @@ -293,43 +292,37 @@ if [ ! -z "$DNS_SYSTEM" ] && [ "$DNS" != '*' ]; then # Print total if [ "$i" -eq 1 ]; then - echo -e "$(date "+%F %T") *** $i domain ***" - msg="$msg\n$(date "+%F %T") *** $i domain ***" + echo -e "$(date "+%F %T") *** $i domain ***" |tee -a $BACKUP/$user.log else - echo -e "$(date "+%F %T") *** $i domains ***" - msg="$msg\n$(date "+%F %T") *** $i domains ***" + echo -e "$(date "+%F %T") *** $i domains ***"|tee -a $BACKUP/$user.log fi - echo - msg="$msg\n" fi # Mail domains if [ ! -z "$MAIL_SYSTEM" ] && [ "$MAIL" != '*' ]; then - echo "-- MAIL --" - msg="$msg\n-- MAIL --" + echo -e "\n-- MAIL --" |tee -a $BACKUP/$user.log mkdir $tmpdir/mail/ # Parsing domain exclusions conf="$USER_DATA/mail.conf" for domain in $(search_objects 'mail' 'SUSPENDED' "*" 'DOMAIN'); do - check_exl=$(echo -e "${MAIL//,/\n}" |grep "^$domain$") + check_exl=$(echo "$MAIL" |tr ',' '\n' |grep "^$domain$") if [ -z "$check_exl" ]; then mail_list="$mail_list $domain" else - echo "$(date "+%F %T") excluding $domain" - msg="$msg\n$(date "+%F %T") excluding $domain" + echo "$(date "+%F %T") excluding $domain"|tee -a $BACKUP/$user.log fi done - mail_list=$(echo "$mail_list" | sed -e "s/ */\ /g" -e "s/^ //") + mail_list=$(echo "$mail_list" |sed -e "s/ */\ /g" -e "s/^ //") i=0 for domain in $mail_list; do ((i ++)) - echo -e "$(date "+%F %T") $domain" - msg="$msg\n$(date "+%F %T") $domain" + echo -e "$(date "+%F %T") $domain" |tee -a $BACKUP/$user.log mkdir -p $tmpdir/mail/$domain/conf mkdir -p $tmpdir/mail/$domain/vesta - domain_idn=$(idn -t --quiet -a "$domain") + domain_idn=$domain + format_domain_idn # Backup exim config if [[ "$MAIL_SYSTEM" =~ exim ]]; then @@ -347,68 +340,59 @@ if [ ! -z "$MAIL_SYSTEM" ] && [ "$MAIL" != '*' ]; then # Backup emails cd $HOMEDIR/$user/mail/$domain_idn + accounts=() for account in $(ls); do - exclusion=$(echo -e "${MAIL//,/\n}" |grep "$domain:") - exclusion=$(echo -e "${exclusion//:/\n}" |grep "^$account$") + exclusion=$(echo "$MAIL" |tr ',' '\n' |grep "$domain:") + exclusion=$(echo "$exclusion" |tr ':' '\n' |grep "^$account$") # Checking exlusions if [ -z "$exclusion" ] && [[ "$MAIL_SYSTEM" =~ exim ]]; then - echo "$(date "+%F %T") + $account@$domain" - msg="$msg\n$(date "+%F %T") + $account@$domain" - touch $tmpdir/mail/$domain/accounts.tar - tar -rpf $tmpdir/mail/$domain/accounts.tar $account + accounts+=($account) else - echo "$(date "+%F %T") excluding account $account" - msg="$msg\n$(date "+%F %T") excluding account $account" + echo "$(date "+%F %T") excluding mail account $account" |\ + tee -a $BACKUP/$user.log fi done # Compress archive - if [ -e "$tmpdir/mail/$domain/accounts.tar" ]; then - gzip -$BACKUP_GZIP $tmpdir/mail/$domain/accounts.tar + if [ ${#accounts[@]} -gt 0 ]; then + tar -cpf- ${accounts[@]} |gzip -$BACKUP_GZIP - > $tmpdir/mail/$domain/accounts.tar.gz fi done # Print total if [ "$i" -eq 1 ]; then - echo -e "$(date "+%F %T") *** $i domain ***" - msg="$msg\n$(date "+%F %T") *** $i domain ***" + echo -e "$(date "+%F %T") *** $i domain ***" |tee -a $BACKUP/$user.log else - echo -e "$(date "+%F %T") *** $i domains ***" - msg="$msg\n$(date "+%F %T") *** $i domains ***" + echo -e "$(date "+%F %T") *** $i domains ***"|tee -a $BACKUP/$user.log fi - echo - msg="$msg\n" fi # Databases if [ ! -z "$DB_SYSTEM" ] && [ "$DB" != '*' ]; then - echo "-- DB --" - msg="$msg\n-- DB --" + echo -e "\n-- DB --" |tee -a $BACKUP/$user.log mkdir $tmpdir/db/ # Parsing database exclusions for database in $(search_objects 'db' 'SUSPENDED' "*" 'DB'); do - check_exl=$(echo -e "${DB//,/\n}" |grep "^$database$") - if [ -z "$check_exl" ]; then + exclusion=$(echo "$DB" |tr ',' '\n' |grep "^$database$") + if [ -z "$exclusion" ]; then db_list="$db_list $database" else - echo "$(date "+%F %T") excluding $database" - msg="$msg\n$(date "+%F %T") excluding $database" + echo "$(date "+%F %T") excluding $database" |\ + tee -a $BACKUP/$user.log fi done i=0 conf="$USER_DATA/db.conf" - db_list=$(echo "$db_list" | sed -e "s/ */\ /g" -e "s/^ //") + db_list=$(echo "$db_list" |sed -e "s/ */\ /g" -e "s/^ //") for database in $db_list; do ((i ++)) get_database_values - echo -e "$(date "+%F %T") $database ($TYPE)" - msg="$msg\n$(date "+%F %T") $database ($TYPE)" - + echo -e "$(date "+%F %T") $database ($TYPE)" |tee -a $BACKUP/$user.log mkdir -p $tmpdir/db/$database/conf mkdir -p $tmpdir/db/$database/vesta @@ -416,32 +400,32 @@ if [ ! -z "$DB_SYSTEM" ] && [ "$DB" != '*' ]; then grep "DB='$database'" $conf > vesta/db.conf dump="$tmpdir/db/$database/$database.$TYPE.sql" + dumpgz="$tmpdir/db/$database/$database.$TYPE.sql.gz" grants="$tmpdir/db/$database/conf/$database.$TYPE.$DBUSER" - case $TYPE in - mysql) dump_mysql_database ;; - pgsql) dump_pgsql_database ;; - esac + if [ ! -f "$dumpgz" ]; then + case $TYPE in + mysql) dump_mysql_database ;; + pgsql) dump_pgsql_database ;; + esac - # Compress dump - gzip -$BACKUP_GZIP $dump + # Compress dump + gzip -$BACKUP_GZIP $dump + fi done # Print total if [ "$i" -eq 1 ]; then - echo -e "$(date "+%F %T") *** $i database ***" - msg="$msg\n$(date "+%F %T") *** $i database ***" + echo -e "$(date "+%F %T") *** $i database ***" |\ + tee -a $BACKUP/$user.log else - echo -e "$(date "+%F %T") *** $i databases ***" - msg="$msg\n$(date "+%F %T") *** $i databases ***" + echo -e "$(date "+%F %T") *** $i databases ***"|\ + tee -a $BACKUP/$user.log fi - echo - msg="$msg\n" fi # Cron jobs if [ ! -z "$CRON_SYSTEM" ] && [ "$CRON" != '*' ]; then - echo "-- CRON --" - msg="$msg\n-- CRON --" + echo -e "\n-- CRON --" |tee -a $BACKUP/$user.log mkdir $tmpdir/cron/ # Backup cron.conf @@ -455,20 +439,17 @@ if [ ! -z "$CRON_SYSTEM" ] && [ "$CRON" != '*' ]; then # Print total if [ "$cron_record" -eq 1 ]; then - echo -e "$(date "+%F %T") *** $cron_record job ***" - msg="$msg\n$(date "+%F %T") *** $cron_record job ***" + echo -e "$(date "+%F %T") *** $cron_record job ***" |\ + tee -a $BACKUP/$user.log else - echo -e "$(date "+%F %T") *** $cron_record jobs ***" - msg="$msg\n$(date "+%F %T") *** $cron_record jobs ***" + echo -e "$(date "+%F %T") *** $cron_record jobs ***" |\ + tee -a $BACKUP/$user.log fi - echo - msg="$msg\n" fi # User Directories if [ "$USER" != '*' ]; then - echo "-- User Dir --" - msg="$msg\n-- User Dir --" + echo -e "\n-- User Dir --" |tee -a $BACKUP/$user.log mkdir $tmpdir/user_dir cd $HOMEDIR/$user @@ -477,116 +458,102 @@ if [ "$USER" != '*' ]; then if [ -e "$USER_DATA/backup-excludes.conf" ]; then source $USER_DATA/backup-excludes.conf fi - exlusion_list=$(echo -e "${USER//,/\n}") fargs=() - for xpath in $exlusion_list; do - fargs+=(-not) - fargs+=(-path) - fargs+=("./$xpath*") - echo "$(date "+%F %T") excluding directory $xpath" - msg="$msg\n$(date "+%F %T") excluding directory $xpath" + for xpath in $(echo "$USER" |tr ',' '\n'); do + if [ -d "$xpath" ]; then + fargs+=(--exclude=$xpath/*) + echo "$(date "+%F %T") excluding directory $xpath" |\ + tee -a $BACKUP/$user.log + else + echo "$(date "+%F %T") excluding file $xpath" |\ + tee -a $BACKUP/$user.log + fargs+=(--exclude=$xpath) + fi done + IFS=$'\n' set -f i=0 - for udir in $(ls |egrep -v "conf|web|dns|mail"); do - check_exl=$(echo -e "${USER//,/\n}" |grep "^$udir$") - if [ -z "$check_exl" ]; then + + for udir in $(ls -a |egrep -v "^conf$|^web$|^dns$|^mail$|^\.\.$|^\.$"); do + exclusion=$(echo "$USER" |tr ',' '\n' |grep "^$udir$") + if [ -z "$exclusion" ]; then ((i ++)) - udir_list="$udir_list $udir" - echo -e "$(date "+%F %T") adding directory $udir" - msg="$msg\n$(date "+%F %T") adding directory $udir" + udir_str=$(echo "$udir" |sed -e "s|'|\\\'|g") + udir_list="$udir_list $udir_str" + echo -e "$(date "+%F %T") adding $udir" |tee -a $BACKUP/$user.log - # Backup files - find ./$udir ${fargs[@]} -type f -print0 |\ - tar -cpf $tmpdir/user_dir/$udir.tar --null -T - - - # Backup empty folders - find ./$udir ${fargs[@]} -type d -empty -print0 |\ - tar -rpf $tmpdir/user_dir/$udir.tar --null -T - - - # Compress arhive - gzip -$BACKUP_GZIP $tmpdir/user_dir/$udir.tar + # Backup files and dirs + tar --anchored -cpf- ${fargs[@]} $udir |gzip -$BACKUP_GZIP - > $tmpdir/user_dir/$udir.tar.gz fi done set +f - udir_list=$(echo "$udir_list" | sed -e "s/ */\ /g" -e "s/^ //") + udir_list=$(echo "$udir_list" |sed -e "s/ */\ /g" -e "s/^ //") # Print total if [ "$i" -eq 1 ]; then - echo -e "$(date "+%F %T") *** $i user directory ***" - msg="$msg\n$(date "+%F %T") *** $i directory ***" + echo -e "$(date "+%F %T") *** $i user directory ***" |\ + tee -a $BACKUP/$user.log else - echo -e "$(date "+%F %T") *** $i directories ***" - msg="$msg\n$(date "+%F %T") *** $i directories ***" + echo -e "$(date "+%F %T") *** $i directories ***" |\ + tee -a $BACKUP/$user.log fi - echo - msg="$msg\n" fi # Get backup size -size="$(du -shm $tmpdir | cut -f 1)" +size="$(du -shm $tmpdir |cut -f 1)" # Get current time end_time=$(date '+%s') -DATE=$(date +%F) -TIME=$(date +%T) - +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) +backup_new_date=$(date +"%Y-%m-%d_%H-%M-%S") # Defining local storage function local_backup(){ - # Removing dublicate for this day - if [ -e "$BACKUP/$user.$DATE.tar" ]; then - deprecated="$DATE" - rm -f $BACKUP/$user.$DATE.tar - fi + + rm -f $BACKUP/$user.$backup_new_date.tar # Checking retention - backup_list=$(ls -lrt $BACKUP/ | awk '{print $9}' |grep "^$user\.") - backups_count=$(echo "$backup_list" | wc -l) + backup_list=$(ls -lrt $BACKUP/ |awk '{print $9}' |grep "^$user\." | grep ".tar") + backups_count=$(echo "$backup_list" |wc -l) if [ "$BACKUPS" -le "$backups_count" ]; then - backups_rm_number=$((backups_count - BACKUPS)) - (( ++backups_rm_number)) + backups_rm_number=$((backups_count - BACKUPS + 1)) - for backup in $(echo "$backup_list" | head -n $backups_rm_number); do - # Removing old backup - backup_date=$(echo $backup | sed -e "s/$user.//" -e "s/.tar$//") - deprecated="$deprecated $backup_date" - echo -e "$(date "+%F %T") Roated: $backup_date" - msg="$msg\n$(date "+%F %T") Rotated: $backup_date" + # Removing old backup + for backup in $(echo "$backup_list" |head -n $backups_rm_number); do + backup_date=$(echo $backup |sed -e "s/$user.//" -e "s/.tar$//") + echo -e "$(date "+%F %T") Rotated: $backup_date" |\ + tee -a $BACKUP/$user.log rm -f $BACKUP/$backup done fi # Checking disk space disk_usage=$(df $BACKUP |tail -n1 |tr ' ' '\n' |grep % |cut -f 1 -d %) - if [ "$disk_usage" -ge "$BACKUP_DISK_LIMIT" ]; then rm -rf $tmpdir - echo "Not enough disk space to run backup" |\ - $send_mail -s "$subj" $email - echo "Error: Not enough disk space" + rm -f $BACKUP/$user.log sed -i "/ $user /d" $VESTA/data/queue/backup.pipe - log_event "$E_DISK" "$EVENT" - exit $E_DISK + echo "Not enough disk space" |$SENDMAIL -s "$subj" $email $notify + check_result "$E_DISK" "Not enough dsk space" fi # Creating final tarball cd $tmpdir - tar -cf $BACKUP/$user.$DATE.tar . - chmod 640 $BACKUP/$user.$DATE.tar - chown admin:$user $BACKUP/$user.$DATE.tar + tar -cf $BACKUP/$user.$backup_new_date.tar . + chmod 640 $BACKUP/$user.$backup_new_date.tar + chown admin:$user $BACKUP/$user.$backup_new_date.tar localbackup='yes' - echo -e "$(date "+%F %T") Local: $BACKUP/$user.$DATE.tar" - msg="$msg\n$(date "+%F %T") Local: $BACKUP/$user.$DATE.tar" - U_BACKUPS=$(ls $BACKUP/ | grep "^$user." | wc -l) - update_user_value "$user" '$U_BACKUPS' "$U_BACKUPS" + echo -e "$(date "+%F %T") Local: $BACKUP/$user.$backup_new_date.tar" |\ + tee -a $BACKUP/$user.log } # Defining ftp command function ftpc() { - /usr/bin/ftp -n $HOST $PORT < /dev/null 2>&1 - ftmpdir="$BPATH/vst.bK76A9SUkt" + if [ -z $BPATH ]; then + ftmpdir="vst.bK76A9SUkt" + else + ftpc "mkdir $BPATH" > /dev/null 2>&1 + ftmpdir="$BPATH/vst.bK76A9SUkt" + fi ftpc "mkdir $ftmpdir" "rm $ftmpdir" ftp_result=$(ftpc "mkdir $ftmpdir" "rm $ftmpdir" |grep -v Trying) if [ ! -z "$ftp_result" ] ; then + error="Can't create ftp backup folder ftp://$HOST$BPATH" rm -rf $tmpdir - echo "Can't create ftp backup folder" |\ - $send_mail -s "$subj" $email - echo "Error: cant's create ftp folder" + rm -f $BACKUP/$user.log + echo "$error" |$SENDMAIL -s "$subj" $email $notify sed -i "/ $user /d" $VESTA/data/queue/backup.pipe - log_event "$E_FTP" "$EVENT" - exit $E_FTP + check_result "$E_FTP" "$error" fi # Checking retention - backup_list=$(ftpc "cd $BPATH" "ls" |awk '{print $9}' |grep "^$user\.") - backups_count=$(echo "$backup_list" | wc -l) + if [ -z $BPATH ]; then + backup_list=$(ftpc "ls" |awk '{print $9}' |grep "^$user\.") + else + backup_list=$(ftpc "cd $BPATH" "ls" |awk '{print $9}' |grep "^$user\.") + fi + backups_count=$(echo "$backup_list" |wc -l) if [ "$backups_count" -ge "$BACKUPS" ]; then backups_rm_number=$((backups_count - BACKUPS + 1)) - for backup in $(echo "$backup_list" | head -n $backups_rm_number); do - backup_date=$(echo $backup | sed -e "s/$user.//" -e "s/.tar$//") - deprecated="$deprecated $backup" - echo -e "$(date "+%F %T") Roated ftp backup: $backup_date" - msg="$msg\n$(date "+%F %T") Roated ftp backup: $backup_date" - ftpc "cd $BPATH" "delete $backup" + for backup in $(echo "$backup_list" |head -n $backups_rm_number); do + backup_date=$(echo $backup |sed -e "s/$user.//" -e "s/.tar$//") + echo -e "$(date "+%F %T") Rotated ftp backup: $backup_date" |\ + tee -a $BACKUP/$user.log + if [ -z $BPATH ]; then + ftpc "delete $backup" + else + ftpc "cd $BPATH" "delete $backup" + fi done fi # Uploading backup archive if [ "$localbackup" = 'yes' ]; then cd $BACKUP - ftpc "cd $BPATH" "put $user.$DATE.tar" + if [ -z $BPATH ]; then + ftpc "put $user.$backup_new_date.tar" + else + ftpc "cd $BPATH" "put $user.$backup_new_date.tar" + fi else cd $tmpdir - tar -cf $BACKUP/$user.$DATE.tar . + tar -cf $BACKUP/$user.$backup_new_date.tar . cd $BACKUP/ - ftpc "cd $BPATH" "put $user.$DATE.tar" - rm -f $user.$DATE.tar + if [ -z $BPATH ]; then + ftpc "put $user.$backup_new_date.tar" + else + ftpc "cd $BPATH" "put $user.$backup_new_date.tar" + fi + rm -f $user.$backup_new_date.tar fi } -echo "-- SUMMARY --" -msg="$msg\n-- SUMMARY --" +# sftp command function +sftpc() { + expect -f "-" <" { + if {\$count < \$argc} { + set arg [lindex \$argv \$count] + send "\$arg\r" + incr count + } else { + send "exit\r" + set output "Disconnected." + if {[info exists rc] != 1} { + set rc $OK + } + } + exp_continue + } + + timeout { + set output "Connection timeout." + set rc $E_CONNECT + } + } + + if {[info exists output] == 1} { + puts "\$output" + } + + exit \$rc +EOF +} + +sftp_backup() { + + # Checking config + if [ ! -e "$VESTA/conf/sftp.backup.conf" ]; then + error="Can't open sftp.backup.conf" + rm -rf $tmpdir + rm -f $BACKUP/$user.log + echo "$error" |$SENDMAIL -s "$subj" $email $notify + sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + check_result "$E_NOTEXIST" "$error" + fi + + # Parse config + source $VESTA/conf/sftp.backup.conf + + # Set default port + if [ -z "$(grep 'PORT=' $VESTA/conf/sftp.backup.conf)" ]; then + PORT='22' + fi + + # Checking variables + if [ -z "$HOST" ] || [ -z "$USERNAME" ] || [ -z "$PASSWORD" ]; then + error="Can't parse sftp backup configuration" + rm -rf $tmpdir + rm -f $BACKUP/$user.log + echo "$error" |$SENDMAIL -s "$subj" $email $notify + sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + check_result "$E_PARSING" "$error" + fi + + # Debug info + echo -e "$(date "+%F %T") Remote: sftp://$HOST/$BPATH/$user.$backup_new_date.tar" |\ + tee -a $BACKUP/$user.log + + # Checking network connection and write permissions + if [ -z $BPATH ]; then + sftmpdir="vst.bK76A9SUkt" + else + sftmpdir="$BPATH/vst.bK76A9SUkt" + fi + sftpc "mkdir $BPATH" > /dev/null 2>&1 + sftpc "mkdir $sftmpdir" "rmdir $sftmpdir" > /dev/null 2>&1 + rc=$? + if [[ "$rc" != 0 ]]; then + case $rc in + $E_CONNECT) error="Can't login to sftp host $HOST" ;; + $E_FTP) error="Can't create temp folder on sftp $HOST" ;; + esac + rm -rf $tmpdir + rm -f $BACKUP/$user.log + echo "$error" |$SENDMAIL -s "$subj" $email $notify + sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + check_result "$rc" "$error" + fi + + # Checking retention + if [ -z $BPATH ]; then + backup_list=$(sftpc "ls -l" |awk '{print $9}'|grep "^$user\.") + else + backup_list=$(sftpc "cd $BPATH" "ls -l" |awk '{print $9}'|grep "^$user\.") + fi + backups_count=$(echo "$backup_list" |wc -l) + if [ "$backups_count" -ge "$BACKUPS" ]; then + backups_rm_number=$((backups_count - BACKUPS + 1)) + for backup in $(echo "$backup_list" |head -n $backups_rm_number); do + backup_date=$(echo $backup |sed -e "s/$user.//" -e "s/.tar.*$//") + echo -e "$(date "+%F %T") Rotated sftp backup: $backup_date" |\ + tee -a $BACKUP/$user.log + if [ -z $BPATH ]; then + sftpc "rm $backup" > /dev/null 2>&1 + else + sftpc "cd $BPATH" "rm $backup" > /dev/null 2>&1 + fi + done + fi + + # Uploading backup archive + echo "$(date "+%F %T") Uploading $user.$backup_new_date.tar"|tee -a $BACKUP/$user.log + if [ "$localbackup" = 'yes' ]; then + cd $BACKUP + if [ -z $BPATH ]; then + sftpc "put $user.$backup_new_date.tar" "chmod 0600 $user.$backup_new_date.tar" > /dev/null 2>&1 + else + sftpc "cd $BPATH" "put $user.$backup_new_date.tar" "chmod 0600 $user.$backup_new_date.tar" > /dev/null 2>&1 + fi + else + cd $tmpdir + tar -cf $BACKUP/$user.$backup_new_date.tar . + cd $BACKUP/ + if [ -z $BPATH ]; then + sftpc "put $user.$backup_new_date.tar" "chmod 0600 $user.$backup_new_date.tar" > /dev/null 2>&1 + else + sftpc "cd $BPATH" "put $user.$backup_new_date.tar" "chmod 0600 $user.$backup_new_date.tar" > /dev/null 2>&1 + fi + rm -f $user.$backup_new_date.tar + fi +} + +google_backup() { + + # Defining google settings + source $VESTA/conf/google.backup.conf + gsutil="$VESTA/3rdparty/gsutil/gsutil" + export BOTO_CONFIG="$VESTA/conf/.google.backup.boto" + + # Debug info + echo -e "$(date "+%F %T") Remote: gs://$BUCKET/$BPATH/$user.$backup_new_date.tar" + + # Checking retention + backup_list=$(${gsutil} ls gs://$BUCKET/$BPATH/$user.* 2>/dev/null) + backups_count=$(echo "$backup_list" |wc -l) + if [ "$backups_count" -ge "$BACKUPS" ]; then + backups_rm_number=$((backups_count - BACKUPS)) + for backup in $(echo "$backup_list" |head -n $backups_rm_number); do + echo -e "$(date "+%F %T") Rotated gcp backup: $backup" + $gsutil rm $backup > /dev/null 2>&1 + done + fi + + # Uploading backup archive + echo -e "$(date "+%F %T") Uploading $user.$backup_new_date.tar ..." + if [ "$localbackup" = 'yes' ]; then + cd $BACKUP + ${gsutil} cp $user.$backup_new_date.tar gs://$BUCKET/$BPATH/ > /dev/null 2>&1 + else + cd $tmpdir + tar -cf $BACKUP/$user.$backup_new_date.tar . + cd $BACKUP/ + ${gsutil} cp $user.$backup_new_date.tar gs://$BUCKET/$BPATH/ > /dev/null 2>&1 + rc=$? + rm -f $user.$backup_new_date.tar + if [ "$rc" -ne 0 ]; then + check_result "$E_CONNECT" "gsutil failed to upload $user.$backup_new_date.tar" + fi + fi +} + + +echo -e "\n-- SUMMARY --" |tee -a $BACKUP/$user.log # Switching on backup system types -for backup_type in $(echo -e "${BACKUP_SYSTEM//,/\n}"); do +for backup_type in $(echo -e "${BACKUP_SYSTEM//,/\\n}"); do case $backup_type in local) local_backup ;; ftp) ftp_backup ;; + sftp) sftp_backup ;; + google) google_backup ;; esac done # Removing tmpdir -cd / rm -rf $tmpdir # Calculation run time @@ -713,30 +887,25 @@ current_time=$(date "+%T") if [ "$run_time" -lt 1 ]; then run_time=1 fi -min=miutes +min=minutes if [ "$run_time" -eq 1 ]; then min=minute fi -echo "$(date "+%F %T") Size: $size Mb" -msg="$msg\n$(date "+%F %T") Size: $size Mb" -echo "$(date "+%F %T") Runtime: $run_time $min" -msg="$msg\n$(date "+%F %T") Runtime: $run_time $min" +echo "$(date "+%F %T") Size: $size MB" |tee -a $BACKUP/$user.log +echo "$(date "+%F %T") Runtime: $run_time $min" |tee -a $BACKUP/$user.log #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# -# Deleting old backup records -for backup_record in $deprecated; do - if [ -e "$USER_DATA/backup.conf" ]; then - sed -i "/DATE='$backup_record/d" $USER_DATA/backup.conf - fi -done +# Removing duplicate +touch $USER_DATA/backup.conf +sed -i "/$user.$backup_new_date.tar/d" $USER_DATA/backup.conf -# Concatenating string -backup_str="BACKUP='$user.$DATE.tar'" +# Registering new backup +backup_str="BACKUP='$user.$backup_new_date.tar'" backup_str="$backup_str TYPE='$BACKUP_SYSTEM' SIZE='$size'" backup_str="$backup_str WEB='${web_list// /,}'" backup_str="$backup_str DNS='${dns_list// /,}'" @@ -744,21 +913,30 @@ backup_str="$backup_str MAIL='${mail_list// /,}'" backup_str="$backup_str DB='${db_list// /,}'" backup_str="$backup_str CRON='$cron_list'" backup_str="$backup_str UDIR='${udir_list// /,}'" -backup_str="$backup_str RUNTIME='$run_time' TIME='$TIME' DATE='$DATE'" +backup_str="$backup_str RUNTIME='$run_time' TIME='$time' DATE='$date'" echo "$backup_str" >> $USER_DATA/backup.conf + +# Removing old backups +tail -n $BACKUPS $USER_DATA/backup.conf > $USER_DATA/backup.conf_ +mv -f $USER_DATA/backup.conf_ $USER_DATA/backup.conf chmod 660 $USER_DATA/backup.conf -# Clean backup queue +# Deleting task from queue sed -i "/v-backup-user $user /d" $VESTA/data/queue/backup.pipe +U_BACKUPS=$(grep BACKUP $USER_DATA/backup.conf |wc -l) +update_user_value "$user" '$U_BACKUPS' "$U_BACKUPS" + # Send notification -if [ "$notify" != 'no' ]; then +if [ -e "$BACKUP/$user.log" ]; then + cd $BACKUP subj="$user → backup has been completed" email=$(get_user_value '$CONTACT') - echo -e "$msg" | $send_mail -s "$subj" $email + cat $BACKUP/$user.log |$SENDMAIL -s "$subj" $email $notify + rm $BACKUP/$user.log fi # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-backup-users b/bin/v-backup-users index f368259b5..bbabf3dbc 100755 --- a/bin/v-backup-users +++ b/bin/v-backup-users @@ -9,8 +9,8 @@ # Variable&Function # #----------------------------------------------------------# -# Importing system enviroment as we run this script -# mostly by cron wich not read it by itself +# Importing system environment as we run this script +# mostly by cron which not read it by itself source /etc/profile # Includes @@ -22,7 +22,15 @@ source $VESTA/conf/vesta.conf # Action # #----------------------------------------------------------# -for user in $(ls $VESTA/data/users); do +$BIN/v-check-vesta-license >/dev/null + +if [ -z "$BACKUP_SYSTEM" ]; then + exit +fi +for user in $(grep '@' /etc/passwd |cut -f1 -d:); do + if [ ! -f "$VESTA/data/users/$user/user.conf" ]; then + continue; + fi check_suspend=$(grep "SUSPENDED='no'" $VESTA/data/users/$user/user.conf) log=$VESTA/log/backup.log if [ ! -z "$check_suspend" ]; then @@ -39,6 +47,6 @@ done #----------------------------------------------------------# # No Logging -#log_event "$OK" "$EVENT" +#log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-cron-job b/bin/v-change-cron-job index 5f2f48534..7a30a2585 100755 --- a/bin/v-change-cron-job +++ b/bin/v-change-cron-job @@ -10,7 +10,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 job=$2 min=$3 @@ -30,21 +30,27 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '7' "$#" 'USER JOB MIN HOUR DAY MONTH WDAY COMMAND' -validate_format 'user' 'job' 'min' 'hour' 'day' 'month' 'wday' 'command' +is_format_valid 'user' 'job' 'min' 'hour' 'day' 'month' 'wday' 'command' is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'cron' 'JOB' "$job" +is_object_unsuspended 'cron' 'JOB' "$job" #----------------------------------------------------------# # Action # #----------------------------------------------------------# +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + # Concatenating cron string command=$(echo $command | sed -e "s/'/%quote%/g") str="JOB='$job' MIN='$min' HOUR='$hour' DAY='$day' MONTH='$month' WDAY='$wday'" -str="$str CMD='$command' SUSPENDED='no' TIME='$TIME' DATE='$DATE'" +str="$str CMD='$command' SUSPENDED='no' TIME='$time' DATE='$date'" # Deleting old job sed -i "/JOB='$job' /d" $USER_DATA/cron.conf @@ -63,14 +69,12 @@ sync_cron_jobs # Vesta # #----------------------------------------------------------# -# Restart crond +# Restarting crond $BIN/v-restart-cron -if [ $? -ne 0 ]; then - exit $E_RESTART -fi +check_result $? "Cron restart failed" >/dev/null # Logging log_history "changed cron job $job" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-database-host-password b/bin/v-change-database-host-password new file mode 100755 index 000000000..a55a86bcd --- /dev/null +++ b/bin/v-change-database-host-password @@ -0,0 +1,68 @@ +#!/bin/bash +# info: change database server password +# options: TYPE HOST USER PASSWORD +# +# The function changes database server password. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +type=$1 +host=$2 +dbuser=$3 +password=$4; HIDE=4 + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/db.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +args_usage='TYPE HOST DBUSER DBPASS' +check_args '4' "$#" "$args_usage" +is_format_valid 'host' 'dbuser' +is_object_valid "../../conf/$type" 'HOST' "$host" +dbpass="$password" + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Define email +email=$(grep CONTACT $VESTA/data/users/admin/user.conf |cut -f2 -d \') +subj="v-change-database-host-password $*" + +case $type in + mysql) mysql_connect $host; + query="USE mysql; UPDATE user SET" + query="$query password=PASSWORD('$dbpass')" + query="$query WHERE User='$dbuser';" + query="$query FLUSH PRIVILEGES;" + mysql_query "$query" ; + if [ "$dbuser" == "root" ]; then + echo -e "[client]\npassword='$dbpass'\n" > /root/.my.cnf + chmod 600 /root/.my.cnf + fi;; + pgsql) echo "TBD" >/dev/null;; +esac + +update_object_value "../../conf/$type" 'HOST' "$host" '$USER' "$dbuser" +update_object_value "../../conf/$type" 'HOST' "$host" '$PASSWORD' "$dbpass" + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-change-database-owner b/bin/v-change-database-owner index 660edf3d0..d84d8eb2d 100755 --- a/bin/v-change-database-owner +++ b/bin/v-change-database-owner @@ -1,5 +1,5 @@ #!/bin/bash -# info: change database password +# info: change database owner # options: DATABASE USER # # The function for changing database owner. @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition database=$1 user=$2 @@ -25,7 +25,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'DATABASE USER' -validate_format 'database' 'user' +is_format_valid 'database' 'user' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -34,7 +34,7 @@ is_object_unsuspended 'user' 'USER' "$user" owner=$(echo $database | cut -f 1 -d '_') if [ ! -e "$VESTA/data/users/$owner" ]; then echo "Error: database owner doesn't exist" - log_event "$E_NOTEXIST" "$EVENT" + log_event "$E_NOTEXIST" "$ARGUMENTS" exit $E_NOTEXIST fi @@ -47,7 +47,7 @@ fi db_data=$(grep "DB='$database'" $VESTA/data/users/$owner/db.conf) if [ -z "$db_data" ]; then echo "Error: database $database doesn't exist" - log_event "$E_NOTEXIST" "$EVENT" + log_event "$E_NOTEXIST" "$ARGUMENTS" exit $E_NOTEXIST fi @@ -56,7 +56,7 @@ new_db=$(echo $database | sed "s/^${owner}_/${user}_/") check_db=$(grep "DB='$new_db'" $VESTA/data/users/$user/db.conf) if [ ! -z "$check_db" ]; then echo "Error: $new_db database exists" - log_event "$E_EXISTS" "$EVENT" + log_event "$E_EXISTS" "$ARGUMENTS" exit $E_EXISTS fi @@ -69,7 +69,7 @@ fi tmpdir=$(mktemp -p $BACKUP -d) if [ "$?" -ne 0 ]; then echo "Error: can't create $tmpdir" - log_event "$E_NOTEXIST" "$EVENT" + log_event "$E_NOTEXIST" "$ARGUMENTS" exit $E_NOTEXIST fi @@ -80,7 +80,6 @@ $BIN/v-suspend-database $owner $database > /dev/null 2>&1 eval $db_data dump="$tmpdir/$database.$TYPE.sql" grants="$tmpdir/$database.$TYPE.$DBUSER" -send_mail='/bin/true' case $TYPE in mysql) dump_mysql_database ;; pgsql) dump_pgsql_database ;; @@ -120,6 +119,6 @@ $BIN/v-update-user-counters $user #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-database-password b/bin/v-change-database-password index 2272d8f69..b911747c9 100755 --- a/bin/v-change-database-password +++ b/bin/v-change-database-password @@ -10,33 +10,30 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 database=$2 -dbpass=$3 +password=$3; HIDE=3 # Includes source $VESTA/func/main.sh source $VESTA/func/db.sh source $VESTA/conf/vesta.conf -# Hiding password -A3='******' -EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9" - #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DATABASE DBPASS' -validate_format 'user' 'database' 'dbpass' +is_format_valid 'user' 'database' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'db' 'DB' "$database" is_object_unsuspended 'db' 'DB' "$database" - +is_password_valid +dbpass="$password" #----------------------------------------------------------# # Action # @@ -59,6 +56,6 @@ update_object_value 'db' 'DB' "$database" '$MD5' "$md5" # Logging log_history "changed $database database password" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-database-user b/bin/v-change-database-user index 8b859d23b..752a79327 100755 --- a/bin/v-change-database-user +++ b/bin/v-change-database-user @@ -9,11 +9,11 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 database=$2 dbuser="$user"_"$3" -dbpass=$4 +password=$4; HIDE=4 # Includes source $VESTA/func/main.sh @@ -21,25 +21,25 @@ source $VESTA/func/db.sh source $VESTA/func/rebuild.sh source $VESTA/conf/vesta.conf -# Hiding password -A4='******' -EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9" - #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DATABASE DBUSER [DBPASS]' -validate_format 'user' 'database' 'dbuser' -if [ ! -z "$dbpass" ]; then - validate_format 'dbpass' -fi +is_format_valid 'user' 'database' 'dbuser' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'db' 'DB' "$database" is_object_unsuspended 'db' 'DB' "$database" +is_password_valid +dbpass="$password" + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# # Compare old and new user old_dbuser=$(get_object_value 'db' 'DB' "$database" '$DBUSER') @@ -47,11 +47,6 @@ if [ "$old_dbuser" = "$dbuser" ]; then exit fi - -#----------------------------------------------------------# -# Action # -#----------------------------------------------------------# - # Set new dbuser update_object_value 'db' 'DB' "$database" '$DBUSER' "$dbuser" @@ -91,6 +86,6 @@ fi # Logging log_history "changed $database database user to $dbuser" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-dns-domain-exp b/bin/v-change-dns-domain-exp index 4d5bc5824..23abb6f4d 100755 --- a/bin/v-change-dns-domain-exp +++ b/bin/v-change-dns-domain-exp @@ -1,5 +1,5 @@ #!/bin/bash -# info: change dns domain expiriation date +# info: change dns domain expiration date # options: USER DOMAIN EXP # # The function of changing the term of expiration domain's registration. The @@ -10,23 +10,28 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 exp=$3 # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN EXP' -validate_format 'user' 'domain' 'exp' +is_format_valid 'user' 'domain' 'exp' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -57,7 +62,7 @@ fi #----------------------------------------------------------# # Logging -log_history "changed whois expiriation date for $domain" -log_event "$OK" "$EVENT" +log_history "changed whois expiration date for $domain" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-dns-domain-ip b/bin/v-change-dns-domain-ip index f587a4746..175268e37 100755 --- a/bin/v-change-dns-domain-ip +++ b/bin/v-change-dns-domain-ip @@ -9,10 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 ip=$3 restart=$4 @@ -21,13 +21,18 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN IP' -validate_format 'user' 'domain' 'ip' +is_format_valid 'user' 'domain' 'ip' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -51,6 +56,7 @@ sed -i "s/$old/$ip/g" $USER_DATA/dns/$domain.conf # Updating zone if [[ "$DNS_SYSTEM" =~ named|bind ]]; then + update_domain_serial update_domain_zone fi @@ -59,7 +65,7 @@ if [ ! -z "$DNS_CLUSTER" ]; then # Check for first sync dlock=$(grep "domain $user $domain" $VESTA/data/queue/dns-cluster.pipe) if [ -z "$dlock" ]; then - cmd="$BIN/v-add-remote-dns-domain $user $domain domain" + cmd="$BIN/v-add-remote-dns-domain $user $domain domain yes" echo "$cmd" >> $VESTA/data/queue/dns-cluster.pipe fi fi @@ -69,16 +75,12 @@ fi # Vesta # #----------------------------------------------------------# -# Restart named -if [ "$restart" != 'no' ]; then - $BIN/v-restart-dns - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting named +$BIN/v-restart-dns $restart +check_result $? "DNS restart failed" >/dev/null # Logging log_history "changed dns ip for $domain to $ip" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-dns-domain-soa b/bin/v-change-dns-domain-soa index 0e454e681..8bb213708 100755 --- a/bin/v-change-dns-domain-soa +++ b/bin/v-change-dns-domain-soa @@ -10,10 +10,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 soa=$(echo $3 | sed -e 's/\.*$//g' -e 's/^\.*//g') restart=$4 @@ -22,13 +22,18 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN SOA' -validate_format 'user' 'domain' 'soa' +is_format_valid 'user' 'domain' 'soa' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -45,6 +50,7 @@ update_object_value 'dns' 'DOMAIN' "$domain" '$SOA' "$soa" # Updating zone if [[ "$DNS_SYSTEM" =~ named|bind ]]; then + update_domain_serial update_domain_zone fi @@ -63,16 +69,12 @@ fi # Vesta # #----------------------------------------------------------# -# Restart named -if [ "$restart" != 'no' ]; then - $BIN/v-restart-dns - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting named +$BIN/v-restart-dns $restart +check_result $? "DNS restart failed" >/dev/null # Logging log_history "changed soa record for $domain to $soa" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-dns-domain-tpl b/bin/v-change-dns-domain-tpl index 255c0a365..7f4d17b1f 100755 --- a/bin/v-change-dns-domain-tpl +++ b/bin/v-change-dns-domain-tpl @@ -11,10 +11,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 template=$3 restart=$4 @@ -23,19 +23,23 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN TEMPLATE [RESTART]' -validate_format 'user' 'domain' 'template' +is_format_valid 'user' 'domain' 'template' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'dns' 'DOMAIN' "$domain" is_object_unsuspended 'dns' 'DOMAIN' "$domain" -is_dns_template_valid +is_dns_template_valid "$template" #----------------------------------------------------------# @@ -43,8 +47,7 @@ is_dns_template_valid #----------------------------------------------------------# # Defining variables -ip=$(get_object_value 'dns' 'DOMAIN' "$domain" '$IP') - +get_domain_values 'dns' i=1 ns=$(get_user_value '$NS') for nameserver in ${ns//,/ };do @@ -52,21 +55,49 @@ for nameserver in ${ns//,/ };do (( ++i)) done +# Reading template +template_data=$(cat $DNSTPL/$template.tpl) + +# Deleting unused nameservers +if [ -z "$ns3" ]; then + template_data=$(echo "$template_data" |grep -v %ns3%) +fi +if [ -z "$ns4" ]; then + template_data=$(echo "$template_data" |grep -v %ns4%) +fi +if [ -z "$ns5" ]; then + template_data=$(echo "$template_data" |grep -v %ns5%) +fi +if [ -z "$ns6" ]; then + template_data=$(echo "$template_data" |grep -v %ns6%) +fi +if [ -z "$ns7" ]; then + template_data=$(echo "$template_data" |grep -v %ns7%) +fi +if [ -z "$ns8" ]; then + template_data=$(echo "$template_data" |grep -v %ns8%) +fi + # Changing tpl -cat $DNSTPL/$template.tpl |\ - sed -e "s/%ip%/$ip/g" \ +echo "$template_data" |\ + sed -e "s/%ip%/$IP/g" \ -e "s/%domain_idn%/$domain_idn/g" \ -e "s/%domain%/$domain/g" \ -e "s/%ns1%/$ns1/g" \ -e "s/%ns2%/$ns2/g" \ -e "s/%ns3%/$ns3/g" \ -e "s/%ns4%/$ns4/g" \ + -e "s/%ns5%/$ns5/g" \ + -e "s/%ns6%/$ns6/g" \ + -e "s/%ns7%/$ns7/g" \ + -e "s/%ns8%/$ns8/g" \ -e "s/%time%/$TIME/g" \ -e "s/%date%/$DATE/g" > $USER_DATA/dns/$domain.conf records="$(wc -l $USER_DATA/dns/$domain.conf |cut -f 1 -d ' ')" # Updating zone if [[ "$DNS_SYSTEM" =~ named|bind ]]; then + update_domain_serial update_domain_zone fi @@ -89,16 +120,12 @@ fi update_object_value 'dns' 'DOMAIN' "$domain" '$TPL' "$template" update_object_value 'dns' 'DOMAIN' "$domain" '$RECORDS' "$records" -# Restart named -if [ "$restart" != 'no' ]; then - $BIN/v-restart-dns - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting named +$BIN/v-restart-dns $restart +check_result $? "DNS restart failed" >/dev/null # Logging log_history "changed dns template for $domain to $template" '' 'admin' -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-dns-domain-ttl b/bin/v-change-dns-domain-ttl index 3f1bf5ff2..c2e29553c 100755 --- a/bin/v-change-dns-domain-ttl +++ b/bin/v-change-dns-domain-ttl @@ -2,17 +2,17 @@ # info: change dns domain ttl # options: USER DOMAIN TTL # -# The function for chaning the time to live TTL parameter for all records. +# The function for changing the time to live TTL parameter for all records. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 ttl=$3 restart=$4 @@ -21,13 +21,18 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN TTL' -validate_format 'user' 'domain' 'ttl' +is_format_valid 'user' 'domain' 'ttl' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -44,6 +49,7 @@ update_object_value 'dns' 'DOMAIN' "$domain" '$TTL' "$ttl" # Updating zone if [[ "$DNS_SYSTEM" =~ named|bind ]]; then + update_domain_serial update_domain_zone fi @@ -62,16 +68,12 @@ fi # Vesta # #----------------------------------------------------------# -# Restart named -if [ "$restart" != 'no' ]; then - $BIN/v-restart-dns - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting named +$BIN/v-restart-dns $restart +check_result $? "DNS restart failed" >/dev/null # Logging log_history "changed TTL for $domain to $ttl" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-dns-record b/bin/v-change-dns-record index 5fe16a07b..12f2454bd 100755 --- a/bin/v-change-dns-record +++ b/bin/v-change-dns-record @@ -9,11 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 id=$3 dvalue=$(idn -t --quiet -u "$4" ) priority=$5 @@ -24,13 +23,18 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '4' "$#" 'USER DOMAIN ID VALUE [PRIORITY] [RESTART]' -validate_format 'user' 'domain' 'id' 'dvalue' +is_format_valid 'user' 'domain' 'id' 'dvalue' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -67,9 +71,14 @@ is_dns_nameserver_valid "$domain" "$TYPE" "$dvalue" # Deleting old record sed -i "/^ID='$id'/d" $USER_DATA/dns/$domain.conf +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + # Adding record dns_rec="ID='$id' RECORD='$RECORD' TYPE='$TYPE' PRIORITY='$priority'" -dns_rec="$dns_rec VALUE='$dvalue' SUSPENDED='no' TIME='$TIME' DATE='$DATE'" +dns_rec="$dns_rec VALUE='$dvalue' SUSPENDED='no' TIME='$time' DATE='$date'" echo "$dns_rec" >> $USER_DATA/dns/$domain.conf # Sorting records @@ -77,6 +86,7 @@ sort_dns_records # Updating zone if [[ "$DNS_SYSTEM" =~ named|bind ]]; then + update_domain_serial update_domain_zone fi @@ -95,16 +105,12 @@ fi # Vesta # #----------------------------------------------------------# -# Restart named -if [ "$restart" != 'no' ]; then - $BIN/v-restart-dns - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting named +$BIN/v-restart-dns $restart +check_result $? "DNS restart failed" >/dev/null # Logging log_history "changed dns record on $domain to $dvalue" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-dns-record-id b/bin/v-change-dns-record-id index c9e128bd8..90ca28aee 100755 --- a/bin/v-change-dns-record-id +++ b/bin/v-change-dns-record-id @@ -9,11 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 id=$3 newid=$4 restart=$5 @@ -23,13 +22,18 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '4' "$#" 'USER DOMAIN ID NEWID [RESTART]' -validate_format 'user' 'domain' 'id' 'newid' +is_format_valid 'user' 'domain' 'id' 'newid' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -51,6 +55,7 @@ sort_dns_records # Updating zone if [[ "$DNS_SYSTEM" =~ named|bind ]]; then + update_domain_serial update_domain_zone fi @@ -69,16 +74,12 @@ fi # Vesta # #----------------------------------------------------------# -# Restart named -if [ "$restart" != 'no' ]; then - $BIN/v-restart-dns - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting named +$BIN/v-restart-dns $restart +check_result $? "DNS restart failed" >/dev/null # Logging log_history "changed dns record id on $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-domain-owner b/bin/v-change-domain-owner index ef0464861..8f2673073 100755 --- a/bin/v-change-domain-owner +++ b/bin/v-change-domain-owner @@ -1,6 +1,6 @@ #!/bin/bash -# info: change ip owner -# options: DOMAIN USER [IP] +# info: change domain owner +# options: DOMAIN USER # # The function of changing domain ownership. @@ -9,10 +9,9 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition domain=$1 user=$2 -ip=$3 # Includes source $VESTA/func/ip.sh @@ -24,20 +23,13 @@ source $VESTA/conf/vesta.conf # Verifications # #----------------------------------------------------------# -check_args '2' "$#" 'DOMAIN USER [IP]' -validate_format 'domain' 'user' +check_args '2' "$#" 'DOMAIN USER' +is_format_valid 'domain' 'user' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" -if [ ! -z "$ip" ]; then - is_ip_valid - is_ip_avalable -fi - -owner=$(v-search-domain-owner $domain) +owner=$($BIN/v-search-domain-owner $domain) if [ -z "$owner" ]; then - echo "Error: domain $domain doesn't exist" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST + check_result $E_NOTEXIST "domain $domain doesn't exist" fi if [ "$owner" = "$user" ]; then exit @@ -156,6 +148,18 @@ if [ ! -z "$mail_data" ]; then $BIN/v-unsuspend-mail-domain $user $domain no >> /dev/null 2>&1 $BIN/v-rebuild-mail-domains $owner no $BIN/v-rebuild-mail-domains $user + + # Checking exim username for later chowning + exim_user="exim"; + check_exim_username=$(grep -c '^Debian-exim:' /etc/passwd) + if [ "$check_exim_username" -eq 1 ]; then + exim_user="Debian-exim" + fi + # Chowning mail conf files to exim user + if [ -d "$HOMEDIR/$user/conf/mail/$domain" ]; then + find $HOMEDIR/$user/conf/mail/$domain -user root \ + -exec chown $exim_user {} \; + fi fi # Update counters @@ -168,6 +172,6 @@ $BIN/v-update-user-counters $user #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-firewall-rule b/bin/v-change-firewall-rule index e7fa16380..d2502bce7 100755 --- a/bin/v-change-firewall-rule +++ b/bin/v-change-firewall-rule @@ -13,7 +13,7 @@ # Importing system variables source /etc/profile -# Argument defenition +# Argument definition rule=$1 action=$(echo $2|tr '[:lower:]' '[:upper:]') ip=$3 @@ -40,9 +40,9 @@ sort_fw_rules() { #----------------------------------------------------------# check_args '5' "$#" 'RULE ACTION IP PORT [PROTOCOL] [COMMENT]' -validate_format 'rule' 'action' 'protocol' 'port_ext' 'ip' +is_format_valid 'rule' 'action' 'protocol' 'port_ext' 'ip' if [ ! -z "$comment" ]; then - validate_format 'comment' + is_format_valid 'comment' fi is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM' is_object_valid '../../data/firewall/rules' 'RULE' "$rule" @@ -52,10 +52,15 @@ is_object_valid '../../data/firewall/rules' 'RULE' "$rule" # Action # #----------------------------------------------------------# +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + # Concatenating firewall rule str="RULE='$rule' ACTION='$action' PROTOCOL='$protocol' PORT='$port_ext'" str="$str IP='$ip' COMMENT='$comment' SUSPENDED='no'" -str="$str TIME='$TIME' DATE='$DATE'" +str="$str TIME='$time' DATE='$date'" # Deleting old rule sed -i "/RULE='$rule' /d" $VESTA/data/firewall/rules.conf @@ -75,6 +80,6 @@ $BIN/v-update-firewall #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-fs-file-permission b/bin/v-change-fs-file-permission new file mode 100755 index 000000000..3e6ae6b54 --- /dev/null +++ b/bin/v-change-fs-file-permission @@ -0,0 +1,51 @@ +#!/bin/bash +# info: change file permission +# options: USER FILE PERMISSIONS +# +# The function changes file access permissions on the file system + +user=$1 +src_file=$2 +permissions=$3 + +# Checking arguments +if [ -z "$permissions" ]; then + echo "Usage: USER FILE PERMISSIONS" + exit 1 +fi + +# Checking vesta user +if [ ! -e "$VESTA/data/users/$user" ]; then + echo "Error: vesta user $user doesn't exist" + exit 3 +fi + +# Checking user homedir +homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :) +if [ -z $homedir ]; then + echo "Error: user home directory doesn't exist" + exit 12 +fi + +# Checking source file +if [ ! -fe "$src_file" ]; then + echo "Error: source file doesn't exist $src_file" + exit 3 +fi + +# Checking source path +rpath=$(readlink -f "$src_file") +if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then + echo "Error: invalid source path $src_file" + exit 2 +fi + +# Changing file permissions +sudo -u $user chmod -R $permissions "$src_file" >/dev/null 2>&1 +if [ $? -ne 0 ]; then + echo "Error: access permission on $src_file was not changed" + exit 3 +fi + +# Exiting +exit \ No newline at end of file diff --git a/bin/v-change-mail-account-password b/bin/v-change-mail-account-password index 896e5539f..5c01ffbd8 100755 --- a/bin/v-change-mail-account-password +++ b/bin/v-change-mail-account-password @@ -9,22 +9,22 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 account=$3 -password=$4 +password=$4; HIDE=4 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf -# Hiding password -A4='******' -EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9" +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? #----------------------------------------------------------# @@ -32,7 +32,7 @@ EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9" #----------------------------------------------------------# check_args '4' "$#" 'USER DOMAIN ACCOUNT PASSWORD' -validate_format 'user' 'domain' 'account' 'password' +is_format_valid 'user' 'domain' 'account' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -40,21 +40,23 @@ is_object_valid 'mail' 'DOMAIN' "$domain" is_object_unsuspended 'mail' 'DOMAIN' "$domain" is_object_valid "mail/$domain" 'ACCOUNT' "$account" is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account" +is_password_valid #----------------------------------------------------------# # Action # #----------------------------------------------------------# -if [ -x '/usr/bin/doveadm' ]; then - md5=$(/usr/bin/doveadm pw -s md5 -p "$password") -else - md5=$(/usr/sbin/dovecotpw -s md5 -p "$password") -fi +# Generating hashed password +salt=$(generate_password "$PW_MATRIX" "8") +md5="{MD5}$($BIN/v-generate-password-hash md5 $salt <<<$password)" if [[ "$MAIL_SYSTEM" =~ exim ]]; then + quota=$(grep $account $VESTA/data/users/${user}/mail/${domain}.conf) + quota=$(echo $quota | awk '{ print $7 }' | sed -e "s/'//g" ) + quota=$(echo $quota | cut -d "=" -f 2 | sed -e "s/unlimited/0/g") sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd - str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota" + str="$account:$md5:$user:mail::$HOMEDIR/$user:${quota}M" echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd fi @@ -68,6 +70,6 @@ update_object_value "mail/$domain" 'ACCOUNT' "$account" '$MD5' "$md5" # Logging log_history "changed password for $account@$domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-mail-account-quota b/bin/v-change-mail-account-quota index 84a65c263..842169494 100755 --- a/bin/v-change-mail-account-quota +++ b/bin/v-change-mail-account-quota @@ -9,11 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 account=$3 quota=$4 @@ -22,13 +21,21 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '4' "$#" 'USER DOMAIN ACCOUNT QUOTA' -validate_format 'user' 'domain' 'account' 'quota' +is_format_valid 'user' 'domain' 'account' +if [ "$quota" != 'unlimited' ]; then + is_format_valid 'quota' +fi is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -44,6 +51,9 @@ is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account" md5=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$MD5') if [[ "$MAIL_SYSTEM" =~ exim ]]; then + if [ "$quota" = 'unlimited' ]; then + quota=0 + fi sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota" echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd @@ -54,11 +64,15 @@ fi # Vesta # #----------------------------------------------------------# +if [[ "$quota" -eq 0 ]]; then + quota='unlimited' +fi + # Update quota update_object_value "mail/$domain" 'ACCOUNT' "$account" '$QUOTA' "$quota" # Logging log_history "changed mail quota for $account@$domain to $quota" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-mail-domain-catchall b/bin/v-change-mail-domain-catchall index fa3c2a1cf..080e6a10c 100755 --- a/bin/v-change-mail-domain-catchall +++ b/bin/v-change-mail-domain-catchall @@ -2,32 +2,35 @@ # info: change mail domain catchall email # options: USER DOMAIN EMAIL # -# The function changes mail domain cathcall. +# The function changes mail domain catchall. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") -email="$3" +domain=$2 +domain_idn=$2 +email=$3 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN EMAIL' -validate_format 'user' 'domain' 'email' +is_format_valid 'user' 'domain' 'email' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -41,8 +44,8 @@ is_object_unsuspended 'mail' 'DOMAIN' "$domain" # Change cathcall alias if [[ "$MAIL_SYSTEM" =~ exim ]]; then - sed -i "/*@$domain:/d" $HOMEDIR/$user/conf/mail/$domain/aliases - echo "*@$domain:$email" >> $HOMEDIR/$user/conf/mail/$domain/aliases + sed -i "/*@$domain_idn:/d" $HOMEDIR/$user/conf/mail/$domain/aliases + echo "*@$domain_idn:$email" >> $HOMEDIR/$user/conf/mail/$domain/aliases fi @@ -53,9 +56,8 @@ fi # Change catchall in config update_object_value 'mail' 'DOMAIN' "$domain" '$CATCHALL' "$email" - # Logging log_history "changed catchall email for $domain to $email" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-remote-dns-domain-exp b/bin/v-change-remote-dns-domain-exp index 9cd4a37bd..0bb4685dd 100755 --- a/bin/v-change-remote-dns-domain-exp +++ b/bin/v-change-remote-dns-domain-exp @@ -1,5 +1,5 @@ #!/bin/bash -# info: change remote dns domain expiriation date +# info: change remote dns domain expiration date # options: USER DOMAIN # # The function synchronize dns domain with the remote server. @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 @@ -24,83 +24,41 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER' is_object_valid 'user' 'USER' "$user" is_object_valid 'dns' 'DOMAIN' "$domain" - -if [ ! -e "$VESTA/conf/dns-cluster.conf" ]; then - echo "Error: dns-cluster.conf doesn't exist" - log_event "$E_NOTEXIST $EVENT" - exit $E_NOTEXIST -fi - -number_of_proc=$(ps auxf | grep -v grep | grep $VESTA/bin/$SCRIPT | wc -l) -if [ "$number_of_proc" -gt 2 ]; then - echo "Error: another sync process already exists" - log_event "$E_EXISTS $EVENT" - exit $E_EXISTS -fi +is_procces_running +remote_dns_health_check #----------------------------------------------------------# # Action # #----------------------------------------------------------# -old_ifs="$IFS" IFS=$'\n' +for cluster in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do -# Check remote dns nodes -remote_dns_health_check + # Parsing remote host parameters + eval $cluster -for cluster_str in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do - - # Get host values - eval $cluster_str - - # Check connection type - if [ -z "TYPE" ]; then - TYPE='api' - fi - - # Switch on connection type - case $TYPE in - ssh) send_cmd="send_ssh_cmd" ;; - *) send_cmd="send_api_cmd" ;; - esac - - # Check recipient dns user - if [ -z "$DNS_USER" ]; then - DNS_USER='dns-cluster' - fi - - # Check dns exceptions - if [ -z "$DNS_CLUSTER_IGNORE" ]; then - DNS_CLUSTER_IGNORE='dns-cluster' - fi - - # Sync domain + # Syncing domain str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf) - eval $str - $send_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'scheduled' - if [ $? -ne 0 ]; then - echo "Error: $TYPE connection to $HOST failed" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi + cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'no' + check_result $? "$HOST connection failed (exp insert)" $E_CONNECT done -# Update pipe -pipe="$VESTA/data/queue/dns-cluster.pipe" -str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1) -if [ ! -z "$str" ]; then - sed -i "$str d" $pipe -fi - #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# +# Updating pipe +pipe="$VESTA/data/queue/dns-cluster.pipe" +str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1) +if [ ! -z "$str" ]; then + sed -i "$str d" $pipe +fi + exit diff --git a/bin/v-change-remote-dns-domain-soa b/bin/v-change-remote-dns-domain-soa index 596954a77..c522b4312 100755 --- a/bin/v-change-remote-dns-domain-soa +++ b/bin/v-change-remote-dns-domain-soa @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 @@ -24,86 +24,45 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER' is_object_valid 'user' 'USER' "$user" is_object_valid 'dns' 'DOMAIN' "$domain" - -if [ ! -e "$VESTA/conf/dns-cluster.conf" ]; then - echo "Error: dns-cluster.conf doesn't exist" - log_event "$E_NOTEXIST $EVENT" - exit $E_NOTEXIST -fi - -number_of_proc=$(ps auxf | grep -v grep | grep $VESTA/bin/$SCRIPT | wc -l) -if [ "$number_of_proc" -gt 2 ]; then - echo "Error: another sync process already exists" - log_event "$E_EXISTS $EVENT" - exit $E_EXISTS -fi +is_procces_running +remote_dns_health_check #----------------------------------------------------------# # Action # #----------------------------------------------------------# -old_ifs="$IFS" IFS=$'\n' +for cluster in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do -# Check remote dns nodes -remote_dns_health_check + # Parsing remote host parameters + eval $cluster -for cluster_str in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do - - # Get host values - eval $cluster_str - - # Check connection type - if [ -z "TYPE" ]; then - TYPE='api' - fi - - # Switch on connection type - case $TYPE in - ssh) send_cmd="send_ssh_cmd" ;; - *) send_cmd="send_api_cmd" ;; - esac - - # Check recipient dns user - if [ -z "$DNS_USER" ]; then - DNS_USER='dns-cluster' - fi - - # Check dns exceptions - if [ -z "$DNS_CLUSTER_IGNORE" ]; then - DNS_CLUSTER_IGNORE='dns-cluster' - fi - - # Sync domain + # Syncing SOA str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf) - eval $str - $send_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'no' + cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'domain' 'no' + check_result $? "$HOST connection failed (sync)" $E_CONNECT - # Rebuild dns zone - $send_cmd v-rebuild-dns-domain $DNS_USER $domain 'scheduled' - if [ $? -ne 0 ]; then - echo "Error: $TYPE connection to $HOST failed (rebuild)" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi + # Rebuilding dns zone + cluster_cmd v-rebuild-dns-domain $DNS_USER $domain 'yes' 'no' + check_result $? "$HOST connection failed (rebuild)" $E_CONNECT done -# Update pipe -pipe="$VESTA/data/queue/dns-cluster.pipe" -str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1) -if [ ! -z "$str" ]; then - sed -i "$str d" $pipe -fi - #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# +# Updating pipe +pipe="$VESTA/data/queue/dns-cluster.pipe" +str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1) +if [ ! -z "$str" ]; then + sed -i "$str d" $pipe +fi + exit diff --git a/bin/v-change-remote-dns-domain-ttl b/bin/v-change-remote-dns-domain-ttl index 390ac9baa..77bc235fe 100755 --- a/bin/v-change-remote-dns-domain-ttl +++ b/bin/v-change-remote-dns-domain-ttl @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 @@ -24,100 +24,45 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER' is_object_valid 'user' 'USER' "$user" is_object_valid 'dns' 'DOMAIN' "$domain" - -if [ ! -e "$VESTA/conf/dns-cluster.conf" ]; then - echo "Error: dns-cluster.conf doesn't exist" - log_event "$E_NOTEXIST $EVENT" - exit $E_NOTEXIST -fi - -number_of_proc=$(ps auxf | grep -v grep | grep $VESTA/bin/$SCRIPT | wc -l) -if [ "$number_of_proc" -gt 2 ]; then - echo "Error: another sync process already exists" - log_event "$E_EXISTS $EVENT" - exit $E_EXISTS -fi +is_procces_running +remote_dns_health_check #----------------------------------------------------------# # Action # #----------------------------------------------------------# -old_ifs="$IFS" IFS=$'\n' +for cluster in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do -# Check remote dns nodes -remote_dns_health_check + # Parsing remote host parameters + eval $cluster -# Starting cluster loop -for cluster_str in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do - - # Get host values - eval $cluster_str - - # Check connection type - if [ -z "TYPE" ]; then - TYPE='api' - fi - - # Switch on connection type - case $TYPE in - ssh) send_cmd="send_ssh_cmd" ;; - *) send_cmd="send_api_cmd" ;; - esac - - # Check host connection - $send_cmd v-list-sys-config - if [ $? -ne 0 ]; then - echo "Error: $TYPE connection to $HOST failed" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi - - # Check recipient dns user - if [ -z "$DNS_USER" ]; then - DNS_USER='dns-cluster' - fi - $send_cmd v-list-user $DNS_USER - if [ $? -ne 0 ]; then - echo "Error: dns user $DNS_USER doesn't exist" - log_event "$E_NOTEXIST $EVENT" - exit $E_NOTEXIST - fi - - # Check dns exceptions - if [ -z "$DNS_CLUSTER_IGNORE" ]; then - DNS_CLUSTER_IGNORE='dns-cluster' - fi - - # Sync domain + # Syncing TTL str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf) - eval $str - $send_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'no' + cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'domain' 'no' + check_result $? "$HOST connection failed (sync)" $E_CONNECT - # Rebuild dns zone - $send_cmd v-rebuild-dns-domain $DNS_USER $domain 'scheduled' - if [ $? -ne 0 ]; then - echo "Error: $TYPE connection to $HOST failed (rebuild)" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi + # Rebuilding dns zone + cluster_cmd v-rebuild-dns-domain $DNS_USER $domain 'yes' 'no' + check_result $? "$HOST connection failed (rebuild)" $E_CONNECT done -# Update pipe + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Updating pipe pipe="$VESTA/data/queue/dns-cluster.pipe" str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1) if [ ! -z "$str" ]; then sed -i "$str d" $pipe fi -#----------------------------------------------------------# -# Vesta # -#----------------------------------------------------------# - exit diff --git a/bin/v-change-sys-config-value b/bin/v-change-sys-config-value index 2e06192e1..3681075c3 100755 --- a/bin/v-change-sys-config-value +++ b/bin/v-change-sys-config-value @@ -10,7 +10,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition key=$(echo "$1" | tr '[:lower:]' '[:upper:]' ) value=$2 @@ -18,27 +18,34 @@ value=$2 source $VESTA/func/main.sh source $VESTA/conf/vesta.conf +PATH="$PATH:/usr/local/sbin:/sbin:/usr/sbin:/root/bin" + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'KEY VALUE' -validate_format 'key' -check_ckey=$(grep "^$key='" $VESTA/conf/vesta.conf) -if [ -z "$check_ckey" ]; then - echo "Error: key $key not found" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID -fi +is_format_valid 'key' +format_no_quotes "$value" 'value' #----------------------------------------------------------# # Action # #----------------------------------------------------------# # Updating conf -sed -i "s/$key=.*/$key='$value'/g" $VESTA/conf/vesta.conf +check_ckey=$(grep "^$key='" $VESTA/conf/vesta.conf) +if [ -z "$check_ckey" ]; then + echo "$key='$value'" >> $VESTA/conf/vesta.conf +else + sed -i "s|$key=.*|$key='$value'|g" $VESTA/conf/vesta.conf +fi + +if [ "$key" = "BACKUP" ] && [ "$value" != '/backup' ]; then + rm /backup + ln -s $value /backup +fi #----------------------------------------------------------# @@ -46,6 +53,6 @@ sed -i "s/$key=.*/$key='$value'/g" $VESTA/conf/vesta.conf #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-sys-hostname b/bin/v-change-sys-hostname index eab206a51..c5a6adb17 100755 --- a/bin/v-change-sys-hostname +++ b/bin/v-change-sys-hostname @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition domain=$1 # Includes @@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'HOSTNAME' -validate_format 'domain' +is_format_valid 'domain' #----------------------------------------------------------# @@ -31,18 +31,16 @@ validate_format 'domain' hostname $domain -# RHEL/CentOS -if [ -e "/etc/redhat-release" ]; then +if [ -d "/etc/sysconfig" ]; then + # RHEL/CentOS/Amazon touch /etc/sysconfig/network if [ -z "$(grep HOSTNAME /etc/sysconfig/network)" ]; then echo "HOSTNAME='$domain'" >> /etc/sysconfig/network else sed -i "s/HOSTNAME=.*/HOSTNAME='$domain'/" /etc/sysconfig/network fi -fi - -# Debian/Ubuntu -if [ ! -e "/etc/redhat-release" ]; then +else + # Debian/Ubuntu echo "$domain" > /etc/hostname fi @@ -52,6 +50,6 @@ fi #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-sys-ip-name b/bin/v-change-sys-ip-name index 8b3a5ef7d..78da096a4 100755 --- a/bin/v-change-sys-ip-name +++ b/bin/v-change-sys-ip-name @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition ip=$1 ip_name=$2 @@ -24,11 +24,9 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'IP IP_NAME' -validate_format 'ip' -if [ ! -z "$ip_name" ]; then - validate_format 'ip_name' -fi -is_ip_valid +is_format_valid 'ip' +is_format_valid 'ip_name' +is_ip_valid "$ip" #----------------------------------------------------------# @@ -44,7 +42,7 @@ update_ip_value '$NAME' "$ip_name" #----------------------------------------------------------# # Logging -log_history "changed associated dns on $ip to $domain" '' 'admin' -log_event "$OK" "$EVENT" +log_history "changed associated dns on $ip to $ip_name" '' 'admin' +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-sys-ip-nat b/bin/v-change-sys-ip-nat index 8d34b8642..a3b248301 100755 --- a/bin/v-change-sys-ip-nat +++ b/bin/v-change-sys-ip-nat @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition ip=$1 nat_ip=$2 restart=$3 @@ -25,65 +25,83 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'IP NAT_IP [RESTART]' -validate_format 'ip' -if [ ! -z "$nat_ip" ]; then - validate_format 'nat_ip' -fi -is_ip_valid +is_format_valid 'ip' +is_format_valid 'nat_ip' +is_ip_valid "$ip" #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Changing nat ip +# Updating IP if [ -z "$(grep NAT= $VESTA/data/ips/$ip)" ]; then sed -i "s/^TIME/NAT='$nat_ip'\nTIME/g" $VESTA/data/ips/$ip + old='' + new=$nat_ip else - update_ip_value '$NAT' "$nat_ip" -fi - -# Check ftp system -if [ "$FTP_SYSTEM" = 'vsftpd' ]; then - - # Find configuration - if [ -e '/etc/vsftpd/vsftpd.conf' ]; then - conf='/etc/vsftpd/vsftpd.conf' - fi - - if [ -e '/etc/vsftpd.conf' ]; then - conf='/etc/vsftpd.conf' - fi - - # Update config - if [ -z "$(grep pasv_address $conf)" ]; then - if [ ! -z "$nat_ip" ]; then - echo "pasv_address=$nat_ip" >> $conf - fi - else - if [ ! -z "$nat_ip" ]; then - sed -i "s/pasv_address=.*/pasv_address='$nat_ip'/g" $conf - else - sed -i "/pasv_address/d" $conf - fi + old=$(get_ip_value '$NAT') + new=$nat_ip + sed -i "s/NAT=.*/NAT='$new'/" $VESTA/data/ips/$ip + if [ -z "$nat_ip" ]; then + new=$ip fi fi +# Updating WEB configs +if [ ! -z "$old" ] && [ ! -z "$WEB_SYSTEM" ]; then + sed -i "s/$old/$new/" $VESTA/data/users/*/web.conf + for user in $(ls $VESTA/data/users/); do + $BIN/v-rebuild-web-domains $user no + done + $BIN/v-restart-dns $restart +fi + +# Updating DNS configs +if [ ! -z "$old" ] && [ ! -z "$DNS_SYSTEM" ]; then + sed -i "s/$old/$new/" $VESTA/data/users/*/dns.conf + sed -i "s/$old/$new/" $VESTA/data/users/*/dns/*.conf + for user in $(ls $VESTA/data/users/); do + $BIN/v-rebuild-dns-domains $user no + done + $BIN/v-restart-dns $restart +fi + +# Updating FTP +if [ ! -z "$old" ] && [ ! -z "$FTP_SYSTEM" ]; then + conf=$(find /etc -name $FTP_SYSTEM.conf) + if [ -e "$conf" ]; then + sed -i "s/$old/$new/g" $conf + if [ "$FTP_SYSTEM" = 'vsftpd' ]; then + check_pasv=$(grep pasv_address $conf) + if [ -z "$check_pasv" ] && [ ! -z "$nat_ip" ]; then + echo "pasv_address=$nat_ip" >> $conf + fi + if [ ! -z "$check_pasv" ] && [ -z "$nat_ip" ]; then + sed -i "/pasv_address/d" $conf + fi + if [ ! -z "$check_pasv" ] && [ ! -z "$nat_ip" ]; then + sed -i "s/pasv_address=.*/pasv_address='$nat_ip'/g" $conf + fi + fi + fi + $BIN/v-restart-ftp $restart +fi + +# Updating firewall +if [ ! -z "$old" ] && [ ! -z "$FIREWALL_SYSTEM" ]; then + sed -i "s/$old/$new/g" $VESTA/data/firewall/*.conf + $BIN/v-update-firewall +fi + + #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# -# Restart ftp server -if [ "$restart" != 'no' ]; then - $BIN/v-restart-ftp - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi - # Logging log_history "changed associated nat address on $ip to $nat_ip" '' 'admin' -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-sys-ip-owner b/bin/v-change-sys-ip-owner index 0fe37ddc4..5ea71c348 100755 --- a/bin/v-change-sys-ip-owner +++ b/bin/v-change-sys-ip-owner @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition ip=$1 user=$2 @@ -24,14 +24,13 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'IP USER' -validate_format 'ip' 'user' +is_format_valid 'ip' 'user' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" -is_ip_valid +is_ip_valid "$ip" is_ip_key_empty '$U_WEB_DOMAINS' is_ip_key_empty '$U_SYS_USERS' - #----------------------------------------------------------# # Action # #----------------------------------------------------------# @@ -77,6 +76,6 @@ fi # Logging log_history "changed owner of $ip to $user" '' 'admin' -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-sys-ip-status b/bin/v-change-sys-ip-status index 30f00254e..7f834065f 100755 --- a/bin/v-change-sys-ip-status +++ b/bin/v-change-sys-ip-status @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition ip=$1 ip_status=$2 @@ -24,21 +24,16 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'IP IP_STATUS' -validate_format 'ip' 'ip_status' -is_ip_valid +is_format_valid 'ip' 'ip_status' +is_ip_valid "$ip" if [ "$ip_status" = "$(get_ip_value '$STATUS')" ]; then - echo "Error: status $ip_status is already set" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS + check_result "$E_EXISTS" "status $ip_status is already set" fi - web_domains=$(get_ip_value '$U_WEB_DOMAINS') sys_user=$(get_ip_value '$U_SYS_USERS') ip_owner=$(get_ip_value '$OWNER') if [ "$web_domains" -ne '0' ] && [ "$sys_user" != "$ip_owner" ]; then - echo "Error: ip $ip is used" - log_event "$E_INUSE" "$EVENT" - exit $E_INUSE + check_result "$E_INUSE" "ip $ip is used" fi @@ -56,6 +51,6 @@ update_ip_value '$STATUS' "$ip_status" # Logging log_history "changed $ip status to $ip_status" '' 'admin' -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-sys-language b/bin/v-change-sys-language index 358a143e6..6f27a9020 100755 --- a/bin/v-change-sys-language +++ b/bin/v-change-sys-language @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition language=$1 # Includes @@ -20,7 +20,7 @@ source $VESTA/conf/vesta.conf is_language_valid() { if [ ! -e "$VESTA/web/inc/i18n/$language.php" ]; then echo "Error: language file $language doesn't exist" - log_event "$E_NOTEXIST $EVENT" + log_event "$E_NOTEXIST $ARGUMENTS" exit $E_NOTEXIST fi } @@ -31,7 +31,7 @@ is_language_valid() { #----------------------------------------------------------# check_args '1' "$#" 'LANGUAGE' -validate_format 'language' +is_format_valid 'language' is_language_valid $language @@ -52,6 +52,6 @@ fi #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-sys-service-config b/bin/v-change-sys-service-config new file mode 100755 index 000000000..f90326b72 --- /dev/null +++ b/bin/v-change-sys-service-config @@ -0,0 +1,131 @@ +#!/bin/bash +# info: change service config +# options: CONFIG SERVICE [RESTART] +# +# The function for changing service confguration. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +src=$1 +service=$2 +restart=$3 +echo "$0 $*" >/tmp/t.log + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '2' "$#" 'CONFIG SERVICE [RESTART]' +if [ ! -e "$src" ]; then + check_result "$E_NOTEXIST" "$src config doesn't exist" +fi + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Defining dst config path +case $service in + nginx) dst='/etc/nginx/nginx.conf';; + httpd) dst='/etc/httpd/conf/httpd.conf';; + apache2) dst='/etc/apache2/apache2.conf';; + exim) dst='/etc/exim/exim.conf';; + exim4) dst='/etc/exim4/exim4.conf.template';; + vsftpd) dst=$(find /etc/vsftpd* -name 'vsftpd.conf');; + proftpd) dst=$(find /etc/proftpd* -name 'proftpd.conf');; + php) dst=$(find /etc/php* -name php.ini);; + mysql) dst=$(find /etc/my* -name my.cnf);; + mysqld) dst=$(find /etc/my* -name my.cnf);; + mariadb) dst=$(find /etc/my* -name my.cnf);; + postgresql) dst=$($BIN/v-list-sys-pgsql-config plain |cut -f 1);; + postgresql-hba) dst=$($BIN/v-list-sys-pgsql-config plain |cut -f 2);; + dovecot) dst=$(find /etc/dovecot* -name dovecot.conf);; + dovecot-1) dst='/etc/dovecot/conf.d/10-auth.conf';; + dovecot-2) dst='/etc/dovecot/conf.d/10-logging.conf';; + dovecot-3) dst='/etc/dovecot/conf.d/10-mail.conf';; + dovecot-4) dst='/etc/dovecot/conf.d/10-master.conf';; + dovecot-5) dst='/etc/dovecot/conf.d/10-ssl.conf';; + dovecot-6) dst='/etc/dovecot/conf.d/20-imap.conf';; + dovecot-7) dst='/etc/dovecot/conf.d/20-pop3.conf';; + dovecot-8) dst='/etc/dovecot/conf.d/auth-passwdfile.conf.ext';; + named) dst='/etc/named.conf';; + bind9) dst='/etc/bind/named.conf';; + bind9-opt) dst='/etc/bind/named.conf.options';; + spamd) dst=$($BIN/v-list-sys-spamd-config plain);; + spamassassin) dst=$($BIN/v-list-sys-spamd-config plain);; + clamd) dst=$($BIN/v-list-sys-clamd-config plain);; + clamd.scan) dst=$($BIN/v-list-sys-clamd-config plain);; + cron) dst='/etc/crontab';; + crond) dst='/etc/crontab';; + fail2ban) dst='/etc/fail2ban/jail.local';; + *) check_result $E_NOTEXIST "service $service doesn't exist" +esac + +# Checking config path +for config in $dst; do + if [ ! -e "$config" ]; then + check_result $E_NOTEXIST "$service config doesn't exist" + fi +done + +# Checking diff between src and dst configs +for config in $dst; do + diff -q $src $config >/dev/null + + if [ $? -ne 0 ]; then + cp $config $config.vst.back + cp $src $config + update="yes" + fi +done + +# Restarting service +if [ "$update" = 'yes' ] && [ "$restart" != 'no' ]; then + if [[ "$service" =~ - ]]; then + service=$(echo ${service%-*}) + fi + + if [ "$service" = 'php' ]; then + if [ "$WEB_SYSTEM" = "nginx" ]; then + if [ $(ps --no-headers -o comm 1) == systemd ]; then + service=$(systemctl | grep -o -E "php.*fpm.*\.service") + service=${service//.service/} + else + service=$(ls /etc/init.d/php*fpm* |cut -f 4 -d /) + fi + else + service=$WEB_SYSTEM + fi + fi + + for single_service in $service; do + service $single_service restart >/dev/null 2>&1 + done <<< "$service" + + if [ $? -ne 0 ]; then + for config in $dst; do + cat $config.vst.back > $config + rm -f $config.vst.back + done + check_result $E_RESTART "$service failed to start with new config" + fi +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-change-sys-timezone b/bin/v-change-sys-timezone new file mode 100755 index 000000000..bfd4e5bc8 --- /dev/null +++ b/bin/v-change-sys-timezone @@ -0,0 +1,72 @@ +#!/bin/bash +# info: change system timezone +# options: TIMEZONE +# +# The function for changing system timezone. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +timezone=$1 + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + +is_timezone_valid() { + if [ ! -e "/usr/share/zoneinfo/$timezone" ]; then + echo "Error: tz file $timezone doesn't exist" + log_event $E_NOTEXIST "$ARGUMENTS" + exit $E_NOTEXIST + fi +} + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '1' "$#" 'TIMEZONE' +is_timezone_valid + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Changing system timezone +which timedatectls >/dev/null 2>&1 +if [ "$?" -eq 0 ]; then + timedatectl set-timezone $timezone +else + if [ -e "/etc/sysconfig/clock" ]; then + sed -i "s/ZONE.*//" /etc/sysconfig/clock + echo "ZONE=\"$timezone\"" >> /etc/sysconfig/clock + fi + if [ -e "/etc/timezone" ]; then + echo "$timezone" > /etc/timezone + fi + rm -f /etc/localtime + ln -sf /usr/share/zoneinfo/$timezone /etc/localtime +fi + +# Chaning php timezone +if [ ! -z "$WEB_SYSTEM" ]; then + for conf in $(find /etc/php* -name php.ini); do + sed -i "s|;date.timezone =|date.timezone =|" $conf + sed -i "s|date.timezone =.*|date.timezone = $timezone|" $conf + done +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-change-sys-vesta-ssl b/bin/v-change-sys-vesta-ssl new file mode 100755 index 000000000..2531714e0 --- /dev/null +++ b/bin/v-change-sys-vesta-ssl @@ -0,0 +1,77 @@ +#!/bin/bash +# info: change vesta ssl certificate +# options: SSL_DIR [RESTART] +# +# The function changes vesta SSL certificate and the key. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +domain='certificate' +ssl_dir=$1 +restart=$2 + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/domain.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '1' "$#" 'SSL_DIR [RESTART]' +is_format_valid 'ssl_dir' + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Checking new certificate +certificate=$(cat $ssl_dir/$domain.crt |grep -n END) +certificate_count=$(echo "$certificate" |wc -l) +if [ "$certificate_count" -gt 1 ]; then + crt_end=$(echo "$certificate" |head -n1 |cut -f 1 -d :) + crt_lines=$(wc -l $ssl_dir/$domain.crt |cut -f1 -d ' ') + pem_begin=$((crt_lines - crt_end)) + mv $ssl_dir/$domain.crt $ssl_dir/$domain.crt_full + head -n $crt_end $ssl_dir/$domain.crt_full > $ssl_dir/$domain.crt + tail -n $pem_begin $ssl_dir/$domain.crt_full > $ssl_dir/$domain.ca + is_web_domain_cert_valid + mv -f $ssl_dir/$domain.crt_full $ssl_dir/$domain.crt + rm -f $ssl_dir/$domain.ca +else + is_web_domain_cert_valid +fi + +# Moving old certificate +mv $VESTA/ssl/certificate.crt $VESTA/ssl/certificate.crt.back +mv $VESTA/ssl/certificate.key $VESTA/ssl/certificate.key.back + +# Adding new certificate +cp -f $ssl_dir/certificate.crt $VESTA/ssl/certificate.crt +cp -f $ssl_dir/certificate.key $VESTA/ssl/certificate.key + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Restarting web server +if [ "$restart" != 'no' ]; then + kill -HUP $(cat /var/run/vesta-nginx.pid) + $BIN/v-restart-mail + if [ ! -z "$IMAP_SYSTEM" ]; then + v-restart-service "$IMAP_SYSTEM" + fi +fi + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-change-user-contact b/bin/v-change-user-contact index a9bc75eeb..bbbb2d168 100755 --- a/bin/v-change-user-contact +++ b/bin/v-change-user-contact @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 email=$2 @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER EMAIL' -validate_format 'user' 'email' +is_format_valid 'user' 'email' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -49,6 +49,6 @@ $BIN/v-rebuild-cron-jobs $user > /dev/null 2>&1 # Logging log_history "changed contact email to $email" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-user-language b/bin/v-change-user-language index c6e7b0cbf..38084ccc3 100755 --- a/bin/v-change-user-language +++ b/bin/v-change-user-language @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 language=$2 @@ -19,9 +19,14 @@ source $VESTA/conf/vesta.conf is_language_valid() { - if [ ! -e "$VESTA/web/inc/i18n/$language.php" ]; then - echo "Error: language $language not exist" - log_event "$E_NOTEXIST $EVENT" + if ! [[ "$1" =~ ^[[:alnum:]_-]+$ ]]; then + echo "Error: language $1 is not valid" + log_event "$E_INVALID" "$ARGUMENTS" + exit $E_INVALID + fi + if [ ! -e "$VESTA/web/inc/i18n/$1.php" ]; then + echo "Error: language $1 doesn't exist" + log_event "$E_NOTEXIST" "$ARGUMENTS" exit $E_NOTEXIST fi } @@ -32,7 +37,7 @@ is_language_valid() { #----------------------------------------------------------# check_args '2' "$#" 'USER LANGUAGE' -validate_format 'user' 'language' +is_format_valid 'user' 'language' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_language_valid $language @@ -56,6 +61,6 @@ fi # Logging log_history "changed language to $language" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-user-name b/bin/v-change-user-name index 9cbecc596..2776b4cb5 100755 --- a/bin/v-change-user-name +++ b/bin/v-change-user-name @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 fname=$2 lname=$3 @@ -24,7 +24,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '3' "$#" 'USER FNAME LNAME' -validate_format 'user' 'fname' 'lname' +is_format_valid 'user' 'fname' 'lname' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -48,6 +48,6 @@ update_user_value "$user" '$LNAME' "$lname" # Logging log_history "changed user name to $fname $lname" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-user-ns b/bin/v-change-user-ns index a799257c9..0e28766cf 100755 --- a/bin/v-change-user-ns +++ b/bin/v-change-user-ns @@ -1,20 +1,24 @@ #!/bin/bash # info: change user nameservers -# options: USER NS1 NS2 [NS3] [NS4] +# options: USER NS1 NS2 [NS3] [NS4] [NS5] [NS6] [NS7] [NS8] # -# The function for changing default nameservers for speciefic user. +# The function for changing default nameservers for specific user. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 ns1=$(echo $2 | sed -e 's/\.*$//g' -e 's/^\.*//g') ns2=$(echo $3 | sed -e 's/\.*$//g' -e 's/^\.*//g') -ns3=$4 -ns4=$5 +ns3=$(echo $4 | sed -e 's/\.*$//g' -e 's/^\.*//g') +ns4=$(echo $5 | sed -e 's/\.*$//g' -e 's/^\.*//g') +ns5=$(echo $6 | sed -e 's/\.*$//g' -e 's/^\.*//g') +ns6=$(echo $7 | sed -e 's/\.*$//g' -e 's/^\.*//g') +ns7=$(echo $8 | sed -e 's/\.*$//g' -e 's/^\.*//g') +ns8=$(echo $9 | sed -e 's/\.*$//g' -e 's/^\.*//g') # Includes source $VESTA/func/main.sh @@ -26,19 +30,34 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# # Checking args -check_args '3' "$#" 'USER NS1 NS2 [NS3] [NS4]' +check_args '3' "$#" 'USER NS1 NS2 [NS3] [NS4] [NS5] [NS6] [NS7] [NS8]' # Checking argument format -validate_format 'user' 'ns1' 'ns2' +is_format_valid 'user' 'ns1' 'ns2' if [ ! -z "$ns3" ]; then ns3=$(echo $4 | sed -e 's/\.*$//g' -e 's/^\.*//g') - validate_format 'ns3' + is_format_valid 'ns3' fi if [ ! -z "$ns4" ]; then ns4=$(echo $5 | sed -e 's/\.*$//g' -e 's/^\.*//g') - validate_format 'ns4' + is_format_valid 'ns4' +fi +if [ ! -z "$ns5" ]; then + ns5=$(echo $6 | sed -e 's/\.*$//g' -e 's/^\.*//g') + is_format_valid 'ns5' +fi +if [ ! -z "$ns6" ]; then + ns6=$(echo $7 | sed -e 's/\.*$//g' -e 's/^\.*//g') + is_format_valid 'ns6' +fi +if [ ! -z "$ns7" ]; then + ns7=$(echo $8 | sed -e 's/\.*$//g' -e 's/^\.*//g') + is_format_valid 'ns7' +fi +if [ ! -z "$ns8" ]; then + ns8=$(echo $9 | sed -e 's/\.*$//g' -e 's/^\.*//g') + is_format_valid 'ns8' fi - is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -48,7 +67,7 @@ is_object_unsuspended 'user' 'USER' "$user" #----------------------------------------------------------# # Merging values -ns="$ns1,$ns2,$ns3,$ns4" +ns="$ns1,$ns2,$ns3,$ns4,$ns5,$ns6,$ns7,$ns8" ns=$(echo "$ns" | sed -e "s/,,//g" -e "s/,$//") # Changing ns values @@ -60,7 +79,7 @@ update_user_value "$user" '$NS' "$ns" #----------------------------------------------------------# # Logging -log_history "changed user nameservers to $ns1, $ns2" -log_event "$OK" "$EVENT" +log_history "updated nameservers $ns1 $ns2 $ns3 $ns4 $ns5 $ns6 $ns7 $ns8" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-user-package b/bin/v-change-user-package index 1e9a046df..b358fb13c 100755 --- a/bin/v-change-user-package +++ b/bin/v-change-user-package @@ -9,23 +9,19 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 package=$2 force=$3 # Includes source $VESTA/func/main.sh +source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf is_package_avalable() { - # Parsing user data - usr_data=$(cat $USER_DATA/user.conf) - IFS=$'\n' - for key in $usr_data; do - eval ${key%%=*}=${key#*=} - done + source $USER_DATA/user.conf WEB_DOMAINS='0' DATABASES='0' MAIL_DOMAINS='0' @@ -33,32 +29,66 @@ is_package_avalable() { DISK_QUOTA='0' BANDWIDTH='0' - pkg_data=$(cat $VESTA/data/packages/$package.pkg |grep -v TIME |\ - grep -v DATE) - eval $pkg_data + pkg_data=$(cat $VESTA/data/packages/$package.pkg| egrep -v "TIME|DATE") + IFS=$'\n' + for str in $pkg_data; do + key=$(echo $str |cut -f 1 -d =) + value=$(echo $str |cut -f 2 -d \') + eval $key="$value" + done - # Comparing user data with package - if [[ "$WEB_DOMAINS" -lt "$U_WEB_DOMAINS" ]] ||\ - [[ "$DNS_DOMAINS" -lt "$U_DNS_DOMAINS" ]] ||\ - [[ "$MAIL_DOMAINS" -lt "$U_MAIL_DOMAINS" ]] ||\ - [[ "$DATABASES" -lt "$U_DATABASES" ]] ||\ - [[ "$CRON_JOBS" -lt "$U_CRON_JOBS" ]] ||\ - [[ "$DISK_QUOTA" -lt "$U_DISK" ]] ||\ - [[ "$BANDWIDTH" -lt "$U_BANDWIDTH" ]]; then - echo "Error: Package not cover current usage" - log_event "$E_LIMIT" "$EVENT" - exit $E_LIMIT + # Checking usage agains package limits + if [ "$WEB_DOMAINS" != 'unlimited' ]; then + if [ "$WEB_DOMAINS" -lt "$U_WEB_DOMAINS" ]; then + check_result $E_LIMIT "Package doesn't cover WEB_DOMAIN usage" + fi fi + if [ "$DNS_DOMAINS" != 'unlimited' ]; then + if [ "$DNS_DOMAINS" -lt "$U_DNS_DOMAINS" ]; then + check_result $E_LIMIT "Package doesn't cover DNS_DOMAIN usage" + fi + fi + if [ "$MAIL_DOMAINS" != 'unlimited' ]; then + if [ "$MAIL_DOMAINS" -lt "$U_MAIL_DOMAINS" ]; then + check_result $E_LIMIT "Package doesn't cover MAIL_DOMAIN usage" + fi + fi + if [ "$DATABASES" != 'unlimited' ]; then + if [ "$DATABASES" -lt "$U_DATABASES" ]; then + check_result $E_LIMIT "Package doesn't cover DATABASE usage" + fi + fi + if [ "$CRON_JOBS" != 'unlimited' ]; then + if [ "$CRON_JOBS" -lt "$U_CRON_JOBS" ]; then + check_result $E_LIMIT "Package doesn't cover CRON usage" + fi + fi + if [ "$DISK_QUOTA" != 'unlimited' ]; then + if [ "$DISK_QUOTA" -lt "$U_DISK" ]; then + check_result $E_LIMIT "Package doesn't cover DISK usage" + fi + fi + if [ "$BANDWIDTH" != 'unlimited' ]; then + if [ "$BANDWIDTH" -lt "$U_BANDWIDTH" ]; then + check_result $E_LIMIT "Package doesn't cover BANDWIDTH usage" + fi + fi + + # Checking templates + is_web_template_valid $WEB_TEMPLATE + is_dns_template_valid $DNS_TEMPLATE + is_proxy_template_valid $PROXY_TEMPLATE } change_user_package() { - usr_data=$(cat $USER_DATA/user.conf) - eval $usr_data - - pkg_data=$(cat $VESTA/data/packages/$package.pkg |grep -v TIME |\ - grep -v DATE) - eval $pkg_data - + source $USER_DATA/user.conf + pkg_data=$(cat $VESTA/data/packages/$package.pkg| egrep -v "TIME|DATE") + IFS=$'\n' + for str in $pkg_data; do + key=$(echo $str |cut -f 1 -d =) + value=$(echo $str |cut -f 2 -d \') + eval $key="$value" + done echo "FNAME='$FNAME' LNAME='$LNAME' PACKAGE='$package' @@ -110,6 +140,7 @@ U_DATABASES='$U_DATABASES' U_CRON_JOBS='$U_CRON_JOBS' U_BACKUPS='$U_BACKUPS' LANGUAGE='$LANGUAGE' +NOTIFICATIONS='$NOTIFICATIONS' TIME='$TIME' DATE='$DATE'" > $USER_DATA/user.conf } @@ -120,7 +151,7 @@ DATE='$DATE'" > $USER_DATA/user.conf #----------------------------------------------------------# check_args '2' "$#" 'USER PACKAGE [FORCE]' -validate_format 'user' 'package' +is_format_valid 'user' 'package' is_object_valid 'user' 'USER' "$user" is_package_valid if [ "$force" != 'yes' ];then @@ -136,7 +167,7 @@ fi change_user_package # Update user shell -shell_conf=$(echo "$pkg_data" | grep 'SHELL' | cut -f 2 -d \') +shell_conf=$(echo "$pkg_data" |grep 'SHELL' |cut -f 2 -d \') shell=$(grep -w "$shell_conf" /etc/shells |head -n1) /usr/bin/chsh -s "$shell" "$user" &>/dev/null @@ -145,6 +176,12 @@ if [ -x "$VESTA/data/packages/$package.sh" ]; then $VESTA/data/packages/$package.sh "$user" "$CONTACT" "$FNAME" "$LNAME" fi +# Update disk quota +source $VESTA/conf/vesta.conf +if [ "$DISK_QUOTA" = 'yes' ]; then + $BIN/v-update-user-quota $user +fi + #----------------------------------------------------------# # Vesta # @@ -152,6 +189,6 @@ fi # Logging log_history "changed $user package to $package" '' 'admin' -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-user-password b/bin/v-change-user-password index 71332f572..30328641f 100755 --- a/bin/v-change-user-password +++ b/bin/v-change-user-password @@ -9,27 +9,31 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -password=$2 +password=$2; HIDE=2 + +# Importing system enviroment as we run this script +# mostly by cron wich not read it by itself +source /etc/profile # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf -# Hiding password -A2="******" -EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9" - #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# +if [ "$user" = "root" ]; then + check_result $E_FORBIDEN "Changing root password is forbiden" +fi check_args '2' "$#" 'USER PASSWORD' -validate_format 'user' 'password' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" +is_password_valid #----------------------------------------------------------# @@ -40,17 +44,21 @@ is_object_unsuspended 'user' 'USER' "$user" echo "$user:$password" | /usr/sbin/chpasswd md5=$(awk -v user=$user -F : 'user == $1 {print $2}' /etc/shadow) +if [ "$user" = 'admin' ] && [ -e "$VESTA/web/reset.admin" ]; then + rm -f $VESTA/web/reset.admin +fi + #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# # Changing RKEY value -update_user_value "$user" '$RKEY' "$(gen_password)" +update_user_value "$user" '$RKEY' "$(generate_password)" update_user_value "$user" '$MD5' "$md5" # Logging log_history "changed password" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-user-shell b/bin/v-change-user-shell index f533d43c3..6a079c0ad 100755 --- a/bin/v-change-user-shell +++ b/bin/v-change-user-shell @@ -2,14 +2,14 @@ # info: change user shell # options: USER SHELL # -# The function changes system shell of a user. Shell gives abilty to use ssh. +# The function changes system shell of a user. Shell gives ability to use ssh. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 shell=$2 @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER SHELL' -validate_format 'user' 'shell' +is_format_valid 'user' 'shell' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -36,9 +36,18 @@ is_object_unsuspended 'user' 'USER' "$user" shell_path=$(grep -w "$shell" /etc/shells | head -n1) # Changing passwd file -/usr/bin/chsh -s "$shell_path" "$user" &>/dev/null +/usr/bin/chsh -s "$shell_path" "$user" >/dev/null 2>&1 shell=$(basename $shell_path) +# Adding jailed sftp env +if [ ! -z "$SFTPJAIL_KEY" ]; then + if [[ "$shell" =~ nologin ]] || [[ "$shell" =~ rssh ]]; then + $BIN/v-add-user-sftp-jail $user >/dev/null 2>&1 + else + $BIN/v-delete-user-sftp-jail $user >/dev/null 2>&1 + fi +fi + #----------------------------------------------------------# # Vesta # @@ -49,6 +58,6 @@ update_user_value "$user" '$SHELL' "$shell" # Logging log_history "changed $user shell to $shell" '' 'admin' -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-user-template b/bin/v-change-user-template index 465b07097..5a3295352 100755 --- a/bin/v-change-user-template +++ b/bin/v-change-user-template @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 type=$(echo "$2" | tr '[:lower:]' '[:upper:]') template=$3 @@ -25,7 +25,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '3' "$#" 'USER TYPE TEMPLATE' -validate_format 'user' 'template' +is_format_valid 'user' 'template' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -35,11 +35,11 @@ is_object_unsuspended 'user' 'USER' "$user" #----------------------------------------------------------# case $type in - WEB) is_web_template_valid; + WEB) is_web_template_valid $template; update_user_value "$user" '$WEB_TEMPLATE' "$template";; - PROXY) is_proxy_template_valid; + PROXY) is_proxy_template_valid $template; update_user_value "$user" '$PROXY_TEMPLATE' "$template";; - DNS) is_dns_template_valid; + DNS) is_dns_template_valid $template; update_user_value "$user" '$DNS_TEMPLATE' "$template";; *) check_args '1' '0' 'USER TYPE TEMPLATE' esac @@ -51,6 +51,6 @@ esac # Logging log_history "changed $type template to $template" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-vesta-port b/bin/v-change-vesta-port new file mode 100644 index 000000000..3f3866549 --- /dev/null +++ b/bin/v-change-vesta-port @@ -0,0 +1,60 @@ +#!/bin/bash +# info: change vesta port +# options: port +# +# Function will change vesta port + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +port=$1 + +if [ -z "$VESTA" ]; then + VESTA="/usr/local/vesta" +fi + +# Get current vesta port by reading nginx.conf +oldport=$(grep 'listen' $VESTA/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||") +if [ -z "$oldport" ]; then + oldport=8083 +fi + +# Includes +source $VESTA/func/main.sh + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +# Checking permissions +if [ "$(id -u)" != '0' ]; then + check_result $E_FORBIDEN "You must be root to execute this script" +fi + +check_args '1' "$#" 'PORT' +is_int_format_valid "$port" 'port number' + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +sed -i "s|$oldport;|$port;|g" $VESTA/nginx/conf/nginx.conf +if [ -f "/etc/roundcube/plugins/password/config.inc.php" ]; then + sed -i "s|'$oldport'|'$port'|g" /etc/roundcube/plugins/password/config.inc.php +fi +sed -i "s|'$oldport'|'$port'|g" $VESTA/data/firewall/rules.conf +$VESTA/bin/v-update-firewall +systemctl restart fail2ban.service +sed -i "s| $oldport | $port |g" /etc/iptables.rules +systemctl restart vesta + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit 0; diff --git a/bin/v-change-web-domain-backend-tpl b/bin/v-change-web-domain-backend-tpl new file mode 100755 index 000000000..71dc9fd63 --- /dev/null +++ b/bin/v-change-web-domain-backend-tpl @@ -0,0 +1,159 @@ +#!/bin/bash +# info: change web domain backend template +# options: USER DOMAIN TEMPLATE [RESTART] +# +# The function changes backend template + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +domain=$2 +domain_idn=$2 +template=$3 +restart=$4 + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/domain.sh +source $VESTA/func/ip.sh +source $VESTA/conf/vesta.conf + +# Additional argument formatting +format_domain +format_domain_idn + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '3' "$#" 'USER DOMAIN TEMPLATE [RESTART]' +is_format_valid 'user' 'domain' 'template' +is_system_enabled "$WEB_BACKEND" 'WEB_BACKEND' +is_object_valid 'user' 'USER' "$user" +is_object_unsuspended 'user' 'USER' "$user" +is_object_valid 'web' 'DOMAIN' "$domain" +is_object_unsuspended 'web' 'DOMAIN' "$domain" +is_backend_template_valid $template + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +prepare_web_backend + +# Deleting backend +rm -f $pool/$backend_type.conf + +# Allocating backend port +backend_port=9000 +ports=$(grep listen $pool/* 2>/dev/null |grep -o :[0-9].*) +ports=$(echo "$ports" |sed "s/://" |sort -n) +for port in $ports; do + if [ "$backend_port" -eq "$port" ]; then + backend_port=$((backend_port + 1)) + fi +done + +# Changing backend config +cat $WEBTPL/$WEB_BACKEND/$template.tpl |\ + sed -e "s|%backend_port%|$backend_port|" \ + -e "s|%user%|$user|g"\ + -e "s|%domain%|$domain|g"\ + -e "s|%domain_idn%|$domain_idn|"\ + -e "s|%backend%|$backend_type|g" > $pool/$backend_type.conf + +# Checking backend pool configuration +if [ "$backend_type" = "$user" ]; then + conf=$USER_DATA/web.conf + fields='$DOMAIN' + nohead=1 + + for domain in $(shell_list); do + get_domain_values 'web' + local_ip=$(get_real_ip $IP) + prepare_web_domain_values + + # Rebuilding vhost + del_web_config "$WEB_SYSTEM" "$TPL.tpl" + add_web_config "$WEB_SYSTEM" "$TPL.tpl" + if [ "$SSL" = 'yes' ]; then + del_web_config "$WEB_SYSTEM" "$TPL.stpl" + add_web_config "$WEB_SYSTEM" "$TPL.stpl" + fi + + # Rebuilding proxy configuration + if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then + del_web_config "$PROXY_SYSTEM" "$PROXY.tpl" + add_web_config "$PROXY_SYSTEM" "$PROXY.tpl" + if [ "$SSL" = 'yes' ]; then + del_web_config "$PROXY_SYSTEM" "$PROXY.stpl" + add_web_config "$PROXY_SYSTEM" "$PROXY.stpl" + fi + fi + + # Update config + add_object_key "web" 'DOMAIN' "$domain" 'BACKEND' 'PROXY' + update_object_value 'web' 'DOMAIN' "$domain" '$BACKEND' "$template" + done + + # Chaning template in user config + old_template=$(grep BACKEND_TEMPLATE $USER_DATA/user.conf) + if [ -z "$old_template" ]; then + sed -i "s/^WEB_DOMAINS/BACKEND_TEMPLATE='$template'\nWEB_DOMAINS/g" \ + $USER_DATA/user.conf + else + update_user_value "$user" '$BACKEND_TEMPLATE' "$template" + fi +else + # Parsing domain values + get_domain_values 'web' + local_ip=$(get_real_ip $IP) + prepare_web_domain_values + + # Rebuilding vhost + del_web_config "$WEB_SYSTEM" "$TPL.tpl" + add_web_config "$WEB_SYSTEM" "$TPL.tpl" + if [ "$SSL" = 'yes' ]; then + del_web_config "$WEB_SYSTEM" "$TPL.stpl" + add_web_config "$WEB_SYSTEM" "$TPL.stpl" + fi + + # Rebuilding proxy configuration + if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then + del_web_config "$PROXY_SYSTEM" "$PROXY.tpl" + add_web_config "$PROXY_SYSTEM" "$PROXY.tpl" + if [ "$SSL" = 'yes' ]; then + del_web_config "$PROXY_SYSTEM" "$PROXY.stpl" + add_web_config "$PROXY_SYSTEM" "$PROXY.stpl" + fi + fi + + # Update config + add_object_key "web" 'DOMAIN' "$domain" 'BACKEND' 'PROXY' + update_object_value 'web' 'DOMAIN' "$domain" '$BACKEND' "$template" +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + + +# Restarting web +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null + +$BIN/v-restart-web-backend $restart +check_result $? "Web backend restart failed" >/dev/null + +# Logging +log_history "changed backend template for $domain to $template" +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-change-web-domain-ftp-password b/bin/v-change-web-domain-ftp-password index c4cd90f98..6e74fd9e9 100755 --- a/bin/v-change-web-domain-ftp-password +++ b/bin/v-change-web-domain-ftp-password @@ -9,34 +9,40 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 ftp_user=$3 -ftp_password=$4 +password=$4; HIDE=4 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '4' "$#" 'USER DOMAIN FTP_USER FTP_PASSWORD' -validate_format 'user' 'domain' 'ftp_user' 'ftp_password' +is_format_valid 'user' 'domain' 'ftp_user' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" is_object_unsuspended 'web' 'DOMAIN' "$domain" +is_password_valid get_domain_values 'web' if [ -z "$(echo $FTP_USER | tr ':' '\n' | grep ^$ftp_user$)" ]; then echo "Error: account $ftp_user doesn't exist" - log_event "$E_NOTEXIST" "$EVENT" + log_event "$E_NOTEXIST" "$ARGUMENTS" exit $E_NOTEXIST fi @@ -46,7 +52,7 @@ fi #----------------------------------------------------------# # Changing ftp user password -echo "$ftp_user:$ftp_password" | /usr/sbin/chpasswd +echo "$ftp_user:$password" | /usr/sbin/chpasswd ftp_md5=$(awk -v user=$ftp_user -F : 'user == $1 {print $2}' /etc/shadow) @@ -66,6 +72,6 @@ update_object_value 'web' 'DOMAIN' "$domain" '$FTP_MD5' "$ftp_md5" # Logging log_history "changed password for $ftp_user on $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-web-domain-ftp-path b/bin/v-change-web-domain-ftp-path index f4489c0a1..61e1aa80c 100755 --- a/bin/v-change-web-domain-ftp-path +++ b/bin/v-change-web-domain-ftp-path @@ -9,10 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 ftp_user=$3 ftp_path=$4 @@ -21,13 +21,18 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '4' "$#" 'USER DOMAIN FTP_USER FTP_PATH' -validate_format 'user' 'domain' 'ftp_user' +is_format_valid 'user' 'domain' 'ftp_user' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -36,13 +41,13 @@ is_object_unsuspended 'web' 'DOMAIN' "$domain" get_domain_values 'web' if [ -z "$(echo $FTP_USER | tr ':' '\n' | grep ^$ftp_user$)" ]; then echo "Error: account $ftp_user doesn't exist" - log_event "$E_NOTEXIST" "$EVENT" + log_event "$E_NOTEXIST" "$ARGUMENTS" exit $E_NOTEXIST fi ftp_path_a=$(readlink -f "$HOMEDIR/$user/web/$domain/$ftp_path") if [ -z "$(echo $ftp_path_a |grep $HOMEDIR/$user/web/$domain)" ]; then echo "Error: absolute path $ftp_path_a is invalid" - log_event "$E_INVALID" "$EVENT" + log_event "$E_INVALID" "$ARGUMENTS" exit $E_INVALID fi @@ -84,6 +89,6 @@ update_object_value 'web' 'DOMAIN' "$domain" '$FTP_PATH' "$ftp_path" # Logging log_history "changed path to $ftp_path_a for $ftp_user@$domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-web-domain-httpauth b/bin/v-change-web-domain-httpauth new file mode 100755 index 000000000..91ed166d4 --- /dev/null +++ b/bin/v-change-web-domain-httpauth @@ -0,0 +1,76 @@ +#!/bin/bash +# info: change password for http auth user +# options: USER DOMAIN AUTH_USER AUTH_PASSWORD +# +# The call is used for changing http auth user password + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +domain=$2 +auth_user=$3 +password=$4; HIDE=4 + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/domain.sh +source $VESTA/conf/vesta.conf + +# Defining htpasswd file +htpasswd="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.$domain.htpasswd" + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '4' "$#" 'USER DOMAIN AUTH_USER AUTH_PASSWORD [RESTART]' +is_format_valid 'user' 'domain' +is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' +is_object_valid 'user' 'USER' "$user" +is_object_unsuspended 'user' 'USER' "$user" +is_object_valid 'web' 'DOMAIN' "$domain" +is_object_unsuspended 'web' 'DOMAIN' "$domain" +is_password_valid +get_domain_values 'web' +if [ -z "$(echo "$AUTH_USER" |tr : '\n' |grep ^$auth_user$)" ]; then + echo "Error: auth user $auth_user doesn't exist" + log_event "$E_NOTEXIST" "$ARGUMENTS" + exit $E_NOTEXIST +fi + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Adding httpasswd user +auth_hash=$($BIN/v-generate-password-hash htpasswd htpasswd $password) +touch $htpasswd +sed -i "/^$auth_user:/d" $htpasswd +echo "$auth_user:$auth_hash" >> $htpasswd + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Rebuilding AUTH_HASH variable +position=$(echo $AUTH_USER |tr ':' '\n' |grep -n '' |grep ":$auth_user$" |\ + cut -f 1 -d:) +auth_hash=$(echo $AUTH_HASH |tr ':' '\n' |grep -n '' |\ + sed -e "s%^$position:.*%$position:$auth_hash%" |\ + cut -f 2 -d :| sed -e "/^$/d"| sed -e ':a;N;$!ba;s/\n/:/g') + +# Updating config +update_object_value 'web' 'DOMAIN' "$domain" '$AUTH_HASH' "$auth_hash" + +# Logging +log_history "changed auth user $httpauth_user password on $domain" +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-change-web-domain-ip b/bin/v-change-web-domain-ip index d3c28facd..5b2ab31b0 100755 --- a/bin/v-change-web-domain-ip +++ b/bin/v-change-web-domain-ip @@ -1,18 +1,18 @@ #!/bin/bash -# info: change web domain ip address -# options: USER DOMAIN IP [RESTART] +# info: change web domain ip +# options: USER DOMAIN DOMAIN [RESTART] # -# The call is used for changing the site ip address. +# The call is used for changing domain ip #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 ip=$3 restart=$4 @@ -22,54 +22,47 @@ source $VESTA/func/domain.sh source $VESTA/func/ip.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN IP [RESTART]' -validate_format 'user' 'domain' 'ip' +is_format_valid 'user' 'domain' 'ip' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" is_object_unsuspended 'web' 'DOMAIN' "$domain" -is_ip_valid -is_ip_avalable +is_ip_valid "$ip" "$user" #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Define variable for replace +# Preparing variables for vhost replace get_domain_values 'web' -ip=$(get_real_ip $ip) -tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.tpl" -conf="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf" old=$(get_real_ip $IP) -new=$ip -replace_web_config +new=$(get_real_ip $ip) -# Checking SSL +# Replacing vhost +replace_web_config "$WEB_SYSTEM" "$TPL.tpl" if [ "$SSL" = 'yes' ]; then - tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.stpl" - conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf" - replace_web_config + replace_web_config "$WEB_SYSTEM" "$TPL.stpl" fi -# Checking proxy -if [ ! -z "$PROXY" ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.tpl" - conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" - replace_web_config -fi - -# Checking SSL proxy -if [ "$SSL" = 'yes' ] && [ ! -z "$PROXY" ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.stpl" - conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" - replace_web_config +# Replacing proxy vhost +if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then + replace_web_config "$PROXY_SYSTEM" "$PROXY.tpl" + if [ "$SSL" = 'yes' ]; then + replace_web_config "$PROXY_SYSTEM" "$PROXY.stpl" + fi fi @@ -85,20 +78,14 @@ decrease_ip_value "$old" update_object_value 'web' 'DOMAIN' "$domain" '$IP' "$3" # Restart web server -if [ "$restart" != 'no' ]; then - $BIN/v-restart-web - if [ $? -ne 0 ]; then - exit $E_RESTART - fi +$BIN/v-restart-web $restart +check_result $? "WEB restart failed" >/dev/null - $BIN/v-restart-proxy - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null # Logging log_history "changed web domain $domain ip to $3" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-web-domain-name b/bin/v-change-web-domain-name new file mode 100755 index 000000000..6cbd1d999 --- /dev/null +++ b/bin/v-change-web-domain-name @@ -0,0 +1,98 @@ +#!/bin/bash +# info: change web domain name +# options: USER DOMAIN NEW_DOMAIN [RESTART] +# +# The call is used for changing the domain name. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument defenition +user=$1 +domain=$2 +domain_idn=$2 +new_domain=$3 +restart=$4 + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/domain.sh +source $VESTA/func/ip.sh +source $VESTA/conf/vesta.conf + +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '3' "$#" 'USER DOMAIN NEW_DOMAIN [RESTART]' +is_format_valid 'user' 'domain' +is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' +is_object_valid 'user' 'USER' "$user" +is_object_unsuspended 'user' 'USER' "$user" +is_object_valid 'web' 'DOMAIN' "$domain" +is_object_unsuspended 'web' 'DOMAIN' "$domain" +check_new_domain=$(grep "DOMAIN='$new_domain'" $VESTA/data/users/*/web.conf) +if [ ! -z "$check_new_domain" ]; then + check_result $E_EXISTS "$new_domain already exists" +fi + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Fetching domain variables +get_domain_values 'web' + +# Changing domain in web.conf +sed -i "s/DOMAIN='$domain'/DOMAIN='$new_domain'/" $USER_DATA/web.conf +new_alias=$(echo "$ALIAS,$domain" |\ + sed -e "s/,/\n/g"|\ + sed -e "s/^$new_domain$//g"|\ + sed -e "/^$/d"|\ + sed -e ':a;N;$!ba;s/\n/,/g') + +# Updating domain alias +if [ "$ALIAS" != "$new_alias" ]; then + sed -i "s/ALIAS='$ALIAS'/ALIAS='$new_alias'/" $USER_DATA/web.conf +fi + +# Moving document root and domain logs +mv $HOMEDIR/$user/web/$domain $HOMEDIR/$user/web/$new_domain/ +cd /var/log/$WEB_SYSTEM/domains +mv $domain.log $new_domain.log +mv $domain.error.log $new_domain.error.log +mv $domain.bytes $new_domain.bytes +rm -f $HOMEDIR/$user/web/$new_domain/logs/$domain.* + +# Updating domain certificates +if [ -e "$USER_DATA/ssl/$domain.crt" ]; then + cd $USER_DATA/ssl + mv $domain.crt $new_domain.crt + mv $domain.ca $new_domain.ca + mv $domain.pem $new_domain.pem + mv $domain.key $new_domain.key + rm -f $HOMEDIR/$user/conf/web/ssl.$domain.* +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Rebuilding vhosts +$BIN/v-rebuild-web-domains $user $restart + +# Logging +log_history "changed web domain name $old_domain to $new_domain" +log_event "$OK" "$EVENT" + +exit diff --git a/bin/v-change-web-domain-proxy-tpl b/bin/v-change-web-domain-proxy-tpl index 605d40f38..4d022cb9d 100755 --- a/bin/v-change-web-domain-proxy-tpl +++ b/bin/v-change-web-domain-proxy-tpl @@ -9,37 +9,41 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 template=$3 default_extentions="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,\ exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,html,htm" extentions=${4-$default_extentions} restart="$5" - # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/func/ip.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN TEMPLATE [EXTENTIONS] [RESTART]' -validate_format 'user' 'domain' 'template' +is_format_valid 'user' 'domain' 'template' is_system_enabled "$PROXY_SYSTEM" 'PROXY_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" is_object_unsuspended 'web' 'DOMAIN' "$domain" is_object_value_exist 'web' 'DOMAIN' "$domain" '$PROXY' -is_proxy_template_valid +is_proxy_template_valid $template #----------------------------------------------------------# @@ -48,38 +52,21 @@ is_proxy_template_valid # Parsing domain values get_domain_values 'web' -tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.tpl" -old_tpl=$PROXY -conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" -ip=$(get_real_ip $IP) +local_ip=$(get_real_ip $IP) # Delete old vhost -del_web_config +del_web_config "$PROXY_SYSTEM" "$PROXY.tpl" +if [ "$SSL" = 'yes' ]; then + del_web_config "$PROXY_SYSTEM" "$PROXY.stpl" +fi # Add new vhost PROXY="$template" PROXY_EXT="$extentions" -tpl_file="$WEBTPL/$PROXY_SYSTEM/$template.tpl" -upd_web_domain_values -add_web_config -chown root:$user $conf -chmod 640 $conf - -# Checking SSL +prepare_web_domain_values +add_web_config "$PROXY_SYSTEM" "$PROXY.tpl" if [ "$SSL" = 'yes' ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$old_tpl.stpl" - conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" - del_web_config - - tpl_file="$WEBTPL/$PROXY_SYSTEM/$template.stpl" - add_web_config - chown root:$user $conf - chmod 640 $conf -fi - -# Running template trigger -if [ -x $WEBTPL/$PROXY_SYSTEM/$template.sh ]; then - $WEBTPL/$PROXY_SYSTEM/$template.sh $user $domain $ip $HOMEDIR $docroot + add_web_config "$PROXY_SYSTEM" "$PROXY.stpl" fi @@ -87,20 +74,16 @@ fi # Vesta # #----------------------------------------------------------# -# Update config +# Updating config update_object_value 'web' 'DOMAIN' "$domain" '$PROXY' "$PROXY" update_object_value 'web' 'DOMAIN' "$domain" '$PROXY_EXT' "$extentions" -# Restart web -if [ "$restart" != 'no' ]; then - $BIN/v-restart-proxy - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting proxy +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null # Logging log_history "changed proxy template for $domain to $template" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-web-domain-sslcert b/bin/v-change-web-domain-sslcert index 7b6b77037..f60a4eb0f 100755 --- a/bin/v-change-web-domain-sslcert +++ b/bin/v-change-web-domain-sslcert @@ -1,6 +1,6 @@ #!/bin/bash # info: change domain ssl certificate -# options: USER DOMAIN SSL_DIR +# options: USER DOMAIN SSL_DIR [RESTART] # # The function changes SSL domain certificate and the key. If ca file present # it will be replaced as well. @@ -10,24 +10,30 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 ssl_dir=$3 +restart=$4 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# -check_args '3' "$#" 'USER DOMAIN SSL_DIR' -validate_format 'user' 'domain' 'ssl_dir' +check_args '3' "$#" 'USER DOMAIN SSL_DIR [RESTART]' +is_format_valid 'user' 'domain' 'ssl_dir' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -69,19 +75,15 @@ fi # Vesta # #----------------------------------------------------------# -# Restart web server -$BIN/v-restart-web -if [ $? -ne 0 ]; then - exit $E_RESTART -fi +# Restarting web server +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null -$BIN/v-restart-proxy -if [ $? -ne 0 ]; then - exit $E_RESTART -fi +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null # Logging log_history "changed ssl certificate for $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-web-domain-sslhome b/bin/v-change-web-domain-sslhome index 972df049d..06b4c563a 100755 --- a/bin/v-change-web-domain-sslhome +++ b/bin/v-change-web-domain-sslhome @@ -5,24 +5,30 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 ssl_home=$3 +restart=$4 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# -check_args '3' "$#" 'USER DOMAIN SSL_HOME' -validate_format 'user' 'domain' +check_args '3' "$#" 'USER DOMAIN SSL_HOME [RESTART]' +is_format_valid 'user' 'domain' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -39,8 +45,6 @@ is_object_value_exist 'web' 'DOMAIN' "$domain" '$SSL' get_domain_values 'web' old_ssl_home=$SSL_HOME SSL_HOME=$ssl_home -tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.stpl" -conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf" # Parsing tpl_option case $SSL_HOME in @@ -52,13 +56,11 @@ case $SSL_HOME in esac # Changing sslhome directory -replace_web_config +replace_web_config "$WEB_SYSTEM" "$TPL.stpl" -# Checking proxy config -if [ ! -z "$PROXY" ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.stpl" - conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" - replace_web_config +# Changing proxy vhost +if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then + replace_web_config "$PROXY_SYSTEM" "$PROXY.stpl" fi @@ -69,19 +71,15 @@ fi # Update config update_object_value 'web' 'DOMAIN' "$domain" '$SSL_HOME' "$SSL_HOME" -# Restart web server -$BIN/v-restart-web -if [ $? -ne 0 ]; then - exit $E_RESTART -fi +# Restarting web server +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null -$BIN/v-restart-proxy -if [ $? -ne 0 ]; then - exit $E_RESTART -fi +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null # Logging log_history "changed ssl home for $domain to $ssl_home" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-change-web-domain-stats b/bin/v-change-web-domain-stats index 11f59e986..6355e4a1b 100755 --- a/bin/v-change-web-domain-stats +++ b/bin/v-change-web-domain-stats @@ -10,10 +10,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 type=$3 # Includes @@ -21,13 +21,17 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN TYPE' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_type_valid "$STATS_SYSTEM" "$type" is_object_valid 'user' 'USER' "$user" @@ -46,7 +50,7 @@ get_domain_values 'web' # Comparing stats types if [ "$STATS" == $type ]; then - log_event "$OK" "$EVENT" + log_event "$OK" "$ARGUMENTS" exit 0 fi @@ -59,10 +63,8 @@ rm -rf $stats_dir/* # Deleting config rm -f $HOMEDIR/$user/conf/web/$STATS.$domain.conf -# Preparing domain values for the template substitution -upd_web_domain_values - # Adding statistic config +prepare_web_domain_values cat $WEBTPL/$type/$type.tpl |\ sed -e "s/%ip%/$ip/g" \ -e "s/%web_port%/$WEB_PORT/g" \ @@ -98,7 +100,7 @@ update_object_value 'web' 'DOMAIN' "$domain" '$STATS' "$type" # Logging log_history "changed web log stats for $domain to $type" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" # Build stats exec $BIN/v-update-web-domain-stat $user $domain diff --git a/bin/v-change-web-domain-tpl b/bin/v-change-web-domain-tpl index 908ed798b..9b9623bb1 100755 --- a/bin/v-change-web-domain-tpl +++ b/bin/v-change-web-domain-tpl @@ -10,10 +10,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 template=$3 restart=$4 @@ -23,19 +23,24 @@ source $VESTA/func/domain.sh source $VESTA/func/ip.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN TEMPLATE [RESTART]' -validate_format 'user' 'domain' 'template' +is_format_valid 'user' 'domain' 'template' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" is_object_unsuspended 'web' 'DOMAIN' "$domain" -is_web_template_valid +is_web_template_valid "$template" #----------------------------------------------------------# @@ -44,45 +49,19 @@ is_web_template_valid # Parsing domain values get_domain_values 'web' -ip=$(get_real_ip $IP) +local_ip=$(get_real_ip $IP) # Deleting domain -tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.tpl" -old_tpl=$TPL -conf="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf" -del_web_config - -# Deleting ssl vhost +del_web_config "$WEB_SYSTEM" "$TPL.tpl" if [ "$SSL" = 'yes' ]; then - tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.stpl" - conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf" - del_web_config + del_web_config "$WEB_SYSTEM" "$TPL.stpl" fi # Defining variables for new vhost config -upd_web_domain_values -tpl_file="$WEBTPL/$WEB_SYSTEM/$template.tpl" - -# Adding domain to the web conf -add_web_config - -# Running template trigger -if [ -x $WEBTPL/$WEB_SYSTEM/$template.sh ]; then - $WEBTPL/$WEB_SYSTEM/$template.sh $user $domain $ip $HOMEDIR $docroot -fi - -# Checking SSL +prepare_web_domain_values +add_web_config "$WEB_SYSTEM" "$template.tpl" if [ "$SSL" = 'yes' ]; then - conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf" - tpl_file="$WEBTPL/$WEB_SYSTEM/$template.stpl" - del_web_config - add_web_config - - # Running template trigger - if [ -x $WEBTPL/$WEB_SYSTEM/$template.sh ]; then - $WEBTPL/$WEB_SYSTEM/$template.sh \ - "$user" "$domain" "$ip" "$HOMEDIR" "$sdocroot" - fi + add_web_config "$WEB_SYSTEM" "$template.stpl" fi @@ -93,16 +72,12 @@ fi # Changing tpl in config update_object_value 'web' 'DOMAIN' "$domain" '$TPL' "$template" -# Restart web -if [ "$restart" != 'no' ]; then - $BIN/v-restart-web - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting web +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null # Logging log_history "changed web domain template for $domain to $template" '' 'admin' -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-check-api-key b/bin/v-check-api-key new file mode 100755 index 000000000..8d0d409e1 --- /dev/null +++ b/bin/v-check-api-key @@ -0,0 +1,40 @@ +#!/bin/bash +# info: check api key +# options: KEY +# +# The function checks a key file in /usr/local/vesta/data/keys/ + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +if [ -z "$1" ]; then + echo "Error: key missmatch" + exit 9 +fi +key=$(basename $1) +ip=${2-127.0.0.1} +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +if [ ! -e $VESTA/data/keys/$key ]; then + echo "Error: key missmatch" + echo "$date $time api $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +echo "$date $time api $ip successfully launched" >> $VESTA/log/auth.log + +exit diff --git a/bin/v-check-fs-permission b/bin/v-check-fs-permission new file mode 100755 index 000000000..00e5482af --- /dev/null +++ b/bin/v-check-fs-permission @@ -0,0 +1,46 @@ +#!/bin/bash +# info: open file +# options: USER FILE +# +# The function opens/reads files on the file system + +user=$1 +src=$2 + +# Checking arguments +if [ -z "$src" ]; then + echo "Usage: USER FILE" + exit 1 +fi + +# Checking vesta user +if [ ! -e "$VESTA/data/users/$user" ]; then + echo "Error: vesta user $user doesn't exist" + exit 3 +fi + +# Checking user homedir +homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :) +if [ -z $homedir ]; then + echo "Error: user home directory doesn't exist" + exit 12 +fi + +# Checking path +if [ ! -z "$src" ]; then + rpath=$(readlink -f "$src") + if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then + echo "Error: invalid source path $user $src" + exit 2 + fi +fi + +# Checking if file has readable permission +sudo -u $user ls "$src" > /dev/null 2>&1 +if [ $? -ne 0 ]; then + echo "Error: can't read $src" + exit 1 +fi + +# Exiting +exit diff --git a/bin/v-check-user-hash b/bin/v-check-user-hash new file mode 100755 index 000000000..a18aba0ea --- /dev/null +++ b/bin/v-check-user-hash @@ -0,0 +1,100 @@ +#!/bin/bash +# info: check user hash +# options: USER HASH [IP] +# +# The function verifies user hash + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +hash=$2; HIDE=2 +ip=${3-127.0.0.1} + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + + +check_args '2' "$#" 'USER HASH' +is_format_valid 'user' + +# Checking user +if [ ! -d "$VESTA/data/users/$user" ] && [ "$user" != 'root' ]; then + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + +# Checking user hash +is_hash_valid + +# Checking empty hash +if [[ -z "$hash" ]]; then + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + + +# Parsing user's salt +shadow=$(grep "^$user:" /etc/shadow | cut -f 2 -d :) + +if echo "$shadow" | grep -qE '^\$[0-9a-z]+\$[^\$]+\$' +then + salt=$(echo "$shadow" |cut -f 3 -d \$) + method=$(echo "$shadow" |cut -f 2 -d \$) + if [ "$method" -eq '1' ]; then + method='md5' + elif [ "$method" -eq '6' ]; then + method='sha-512' + else + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 + fi +else + salt=${shadow:0:2} + method='des' +fi + +# Checking salt +if [ -z "$salt" ]; then + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + +# Comparing hashes +if [[ "$shadow" != "$hash" ]]; then + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +echo "$date $time $user $ip successfully logged in" >> $VESTA/log/auth.log + +exit diff --git a/bin/v-check-user-password b/bin/v-check-user-password new file mode 100755 index 000000000..fbb0221e3 --- /dev/null +++ b/bin/v-check-user-password @@ -0,0 +1,109 @@ +#!/bin/bash +# info: check user password +# options: USER PASSWORD [IP] +# +# The function verifies user password from file + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +password=$2; HIDE=2 +ip=${3-127.0.0.1} + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + + +check_args '2' "$#" 'USER PASSWORD' +is_format_valid 'user' + +# Checking user +if [ ! -d "$VESTA/data/users/$user" ] && [ "$user" != 'root' ]; then + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + +# Checking user password +is_password_valid + +# Checking empty password +if [[ -z "$password" ]]; then + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + + +# Parsing user's salt +shadow=$(grep "^$user:" /etc/shadow | cut -f 2 -d :) + +if echo "$shadow" | grep -qE '^\$[0-9a-z]+\$[^\$]+\$' +then + salt=$(echo "$shadow" |cut -f 3 -d \$) + method=$(echo "$shadow" |cut -f 2 -d \$) + if [ "$method" -eq '1' ]; then + method='md5' + elif [ "$method" -eq '6' ]; then + method='sha-512' + else + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 + fi +else + salt=${shadow:0:2} + method='des' +fi + +if [ -z "$salt" ]; then + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + +# Generating hash +set -o noglob +hash=$($BIN/v-generate-password-hash $method $salt <<< "$password") +if [[ -z "$hash" ]]; then + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + +# Checking hash +result=$(grep "^$user:$hash:" /etc/shadow 2>/dev/null) +if [[ -z "$result" ]]; then + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +echo "$date $time $user $ip successfully logged in" >> $VESTA/log/auth.log + +exit diff --git a/bin/v-check-vesta-license b/bin/v-check-vesta-license new file mode 100755 index 000000000..7fa1a12cd --- /dev/null +++ b/bin/v-check-vesta-license @@ -0,0 +1,63 @@ +#!/bin/bash +# info: check vesta license +# options: [MODULE] +# +# The function activates and register vesta license + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +module=$(echo $1 | tr '[:lower:]' '[:upper:]') + +# Importing system environment +source /etc/profile + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Checking module +if [ -z "$module" ]; then + modules=$(grep _KEY= $VESTA/conf/vesta.conf) +else + modules=$(grep "${module}_KEY" $VESTA/conf/vesta.conf) +fi + +IFS=$'\n' +for str in $modules; do + module=$(echo "$str" |cut -f 1 -d _) + license=$(echo "$str" |cut -f 2 -d \') + if [ ! -z "$license" ]; then + v_host='https://vestacp.com/checkout' + answer=$(curl -s "$v_host/check.php?licence_key=$license&module=$module") + check_result $? "cant' connect to vestacp.com " 0 + echo "$module $license $answer" + if [[ "$answer" != '0' ]]; then + if [ "$module" = 'SFTPJAIL' ]; then + setsid $BIN/v-delete-sys-sftp-jail 2>/dev/null + fi + sed -i "s/${module}_KEY=.*/${module}_KEY=''/g" \ + $VESTA/conf/vesta.conf + fi + fi +done + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-copy-fs-directory b/bin/v-copy-fs-directory new file mode 100755 index 000000000..11c647ed7 --- /dev/null +++ b/bin/v-copy-fs-directory @@ -0,0 +1,58 @@ +#!/bin/bash +# info: copy directory +# options: USER SRC_DIRECTORY DST_DIRECTORY +# +# The function copies directory on the file system + +user=$1 +src_dir=$2 +dst_dir=$3 + +# Checking arguments +if [ -z "$dst_dir" ]; then + echo "Usage: USER SRC_DIRECTORY DST_DIRECTORY" + exit 1 +fi + +# Checking vesta user +if [ ! -e "$VESTA/data/users/$user" ]; then + echo "Error: vesta user $user doesn't exist" + exit 3 +fi + +# Checking user homedir +homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :) +if [ -z $homedir ]; then + echo "Error: user home directory doesn't exist" + exit 12 +fi + +# Checking source dir +if [ ! -e "$src_dir" ]; then + echo "Error: source directory $src_dir doesn't exist" + exit 3 +fi + +# Checking source path +rpath=$(readlink -f "$src_dir") +if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then + echo "Error: invalid source path $src_dir" + exit 2 +fi + +# Checking destination path +rpath=$(readlink -f "$dst_dir") +if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then + echo "Error: invalid destination path $dst_dir" + exit 2 +fi + +# Copying directory +sudo -u $user cp -r "$src_dir" "$dst_dir" >/dev/null 2>&1 +if [ $? -ne 0 ]; then + echo "Error: directory $src_dir was not copied" + exit 3 +fi + +# Exiting +exit diff --git a/bin/v-copy-fs-file b/bin/v-copy-fs-file index a3004654b..792956ecf 100755 --- a/bin/v-copy-fs-file +++ b/bin/v-copy-fs-file @@ -1,58 +1,58 @@ #!/bin/bash -# File copier +# info: copy file +# options: USER SRC_FILE DST_FLE +# +# The function copies file on the file system user=$1 -file_src=$2 -file_dst=$3 +src_file=$2 +dst_file=$3 # Checking arguments -if [ -z "$file_dst" ]; then +if [ -z "$dst_file" ]; then echo "Usage: USER SRC_FILE DST_FILE" exit 1 fi -# Checking users +# Checking vesta user if [ ! -e "$VESTA/data/users/$user" ]; then - exit 1 + echo "Error: vesta user $user doesn't exist" + exit 3 fi -# Checking homedir +# Checking user homedir homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :) if [ -z $homedir ]; then - exit 1 + echo "Error: user home directory doesn't exist" + exit 12 fi # Checking source file -if [ ! -e "$file_src" ]; then - exit 1 +if [ ! -f "$src_file" ]; then + echo "Error: $src_file doesn't exist" + exit 3 fi # Checking source path -rpath=$(readlink -f "$file_src") -if [ -z "$(echo $rpath |grep ^/tmp)" ]; then - exit 1 +rpath=$(readlink -f "$src_file") +if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then + echo "Error: invalid source path $src_file" + exit 2 fi # Checking destination path -rpath=$(readlink -f "$file_dst") -if [ -z "$(echo $rpath |grep ^$homedir)" ]; then - exit 1 -fi - -# Checking dst file permission -if [ -e "$file_dst" ]; then - perms=$(stat --format '%a' $file_dst) +rpath=$(readlink -f "$dst_file") +if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then + echo "Error: ivalid destination path $dst_file" + exit 2 fi # Copying file -cp $file_src $file_dst - -# Changing ownership -chown $user:$user $file_dst - -# Changin permissions -if [ ! -z "$perms" ]; then - chmod $perms $file_dst +sudo -u $user cp "$src_file" "$dst_file" >/dev/null 2>&1 +if [ $? -ne 0 ]; then + echo "Error: file $src_file was not copied" + exit 3 fi +# Exiting exit diff --git a/bin/v-deactivate-vesta-license b/bin/v-deactivate-vesta-license new file mode 100755 index 000000000..c7279e456 --- /dev/null +++ b/bin/v-deactivate-vesta-license @@ -0,0 +1,65 @@ +#!/bin/bash +# info: deactivate vesta license +# options: MODULE LICENSE +# +# The function deactivates vesta license + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +module=$(echo $1 | tr '[:lower:]' '[:upper:]') +license=$2 + +# Importing system environment +source /etc/profile + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +# Checking arg number +check_args '2' "$#" 'MODULE LICENSE' + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Activating license +v_host='https://vestacp.com/checkout' +answer=$(curl -s "$v_host/cancel.php?licence_key=$license&module=$module") +check_result $? "cant' connect to vestacp.com " $E_CONNECT + +# Checking server answer +if [[ "$answer" != '0' ]]; then + echo "Error: $module license $license is invalid" + exit $E_INVALID +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Updating vesta.conf +if [ ! -z "$(grep "${module}_KEY" $VESTA/conf/vesta.conf)" ]; then + sed -i "s/${module}_KEY=.*/${module}_KEY=''/g" $VESTA/conf/vesta.conf +fi + +# Deactivating sftpjail +if [ "$module" = 'SFTPJAIL' ]; then + setsid $BIN/v-delete-sys-sftp-jail 2>/dev/null +fi + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-delete-backup-ftp-host b/bin/v-delete-backup-host similarity index 72% rename from bin/v-delete-backup-ftp-host rename to bin/v-delete-backup-host index a2b8811cb..d5d447565 100755 --- a/bin/v-delete-backup-ftp-host +++ b/bin/v-delete-backup-host @@ -1,6 +1,6 @@ #!/bin/bash # info: delete backup ftp server -# options: NONE +# options: TYPE # # The function deletes ftp backup host @@ -9,6 +9,9 @@ # Variable&Function # #----------------------------------------------------------# +# Argument definition +type=$1 + # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf @@ -18,28 +21,36 @@ source $VESTA/conf/vesta.conf # Verifications # #----------------------------------------------------------# +check_args '1' "$#" 'TYPE [HOST]' +types=$(echo "$BACKUP_SYSTEM" |sed "s/,/\n/g" |grep "^$type$") +if [ -z "$types" ]; then + echo "Error: invalid backup type" + log_event "$E_INVALID" "$ARGUMENTS" + exit $E_INVALID +fi + #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Checking network connection -rm -f $VESTA/conf/ftp.backup.conf +# Deleting host config +rm -f $VESTA/conf/$type.backup.conf #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# -# Update vesta.conf +# Updating vesta.conf bckp=$(echo "$BACKUP_SYSTEM" |\ sed "s/,/\n/g"|\ - sed "s/ftp//" |\ + sed "s/^$type$//" |\ sed "/^$/d"|\ sed ':a;N;$!ba;s/\n/,/g') sed -i "s/BACKUP_SYSTEM=.*/BACKUP_SYSTEM='$bckp'/g" $VESTA/conf/vesta.conf # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-cron-job b/bin/v-delete-cron-job index f47bbc92c..77668e17f 100755 --- a/bin/v-delete-cron-job +++ b/bin/v-delete-cron-job @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 job=$2 @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER JOB' -validate_format 'user' 'job' +is_format_valid 'user' 'job' is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -52,14 +52,12 @@ sync_cron_jobs # Decreasing cron value decrease_user_value "$user" '$U_CRON_JOBS' -# Restart crond +# Restarting crond $BIN/v-restart-cron -if [ $? -ne 0 ]; then - exit $E_RESTART -fi +check_result $? "Restart restart failed" >/dev/null # Logging log_history "deleted cron job $job" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-cron-reports b/bin/v-delete-cron-reports index 247f17b13..45fd88cab 100755 --- a/bin/v-delete-cron-reports +++ b/bin/v-delete-cron-reports @@ -10,7 +10,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -44,14 +44,12 @@ sync_cron_jobs # Vesta # #----------------------------------------------------------# -# Restart crond +# Restarting crond $BIN/v-restart-cron -if [ $? -ne 0 ]; then - exit $E_RESTART -fi +check_result $? "Cron restart failed" >/dev/null # Logging log_history "disabled cron reporting" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-cron-restart-job b/bin/v-delete-cron-restart-job index 5876ba3b9..33c8c5661 100755 --- a/bin/v-delete-cron-restart-job +++ b/bin/v-delete-cron-restart-job @@ -1,6 +1,6 @@ #!/bin/bash # info: delete restart job -# opions: NONE +# options: NONE # # The script for disabling restart cron tasks @@ -39,6 +39,6 @@ fi #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-cron-vesta-autoupdate b/bin/v-delete-cron-vesta-autoupdate index ee5f74a6b..051bc7649 100755 --- a/bin/v-delete-cron-vesta-autoupdate +++ b/bin/v-delete-cron-vesta-autoupdate @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=admin # Includes @@ -51,13 +51,11 @@ sync_cron_jobs # Decreasing cron value decrease_user_value "$user" '$U_CRON_JOBS' -# Restart crond +# Restarting crond $BIN/v-restart-cron -if [ $? -ne 0 ]; then - exit $E_RESTART -fi +check_result $? "Cron restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-database b/bin/v-delete-database index 7257f85d7..33ed53f14 100755 --- a/bin/v-delete-database +++ b/bin/v-delete-database @@ -10,7 +10,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 database=$2 @@ -25,7 +25,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER DATABASE' -validate_format 'user' 'database' +is_format_valid 'user' 'database' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -60,6 +60,6 @@ decrease_user_value "$user" '$U_DATABASES' # Logging log_history "deleted $database database" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-database-host b/bin/v-delete-database-host index fe6f3db78..4a52be10f 100755 --- a/bin/v-delete-database-host +++ b/bin/v-delete-database-host @@ -10,7 +10,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition type=$1 host=$2 @@ -25,7 +25,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'TYPE HOST' -validate_format 'type' 'host' +is_format_valid 'type' 'host' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_type_valid "$DB_SYSTEM" "$type" is_object_valid "../../conf/$type" 'HOST' "$host" @@ -45,6 +45,6 @@ sed -i "/HOST='$host' /d" $VESTA/conf/$type.conf # Logging log_history "deleted $type database server $host" '' 'admin' -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-databases b/bin/v-delete-databases index cb1421314..d771bba35 100755 --- a/bin/v-delete-databases +++ b/bin/v-delete-databases @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -43,6 +43,6 @@ done #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-dns-domain b/bin/v-delete-dns-domain index 18e41337c..c82b0c00d 100755 --- a/bin/v-delete-dns-domain +++ b/bin/v-delete-dns-domain @@ -10,7 +10,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$(idn -t --quiet -u "$2" ) restart="$3" @@ -26,7 +26,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -71,16 +71,12 @@ rm -f $USER_DATA/dns/$domain.conf decrease_user_value "$user" '$U_DNS_DOMAINS' decrease_user_value "$user" '$U_DNS_RECORDS' "$records" -# Restart named -if [ "$restart" != 'no' ]; then - $BIN/v-restart-dns $restart - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting named +$BIN/v-restart-dns $restart +check_result $? "Bind restart failed" >/dev/null # Logging log_history "deleted dns domain $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-dns-domains b/bin/v-delete-dns-domains index da97aa69e..a98b31408 100755 --- a/bin/v-delete-dns-domains +++ b/bin/v-delete-dns-domains @@ -9,8 +9,9 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 +restart=$2 # Includes source $VESTA/func/main.sh @@ -22,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" @@ -41,13 +42,11 @@ done # Vesta # #----------------------------------------------------------# -# Restart named -$BIN/v-restart-dns -if [ $? -ne 0 ]; then - exit $E_RESTART -fi +# Restarting named +$BIN/v-restart-dns $restart +check_result $? "Bind restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-dns-domains-src b/bin/v-delete-dns-domains-src index dd646b705..85a6c147c 100755 --- a/bin/v-delete-dns-domains-src +++ b/bin/v-delete-dns-domains-src @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 src=$2 restart=$3 @@ -24,7 +24,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER SRC [RESTART]' -validate_format 'user' 'src' +is_format_valid 'user' 'src' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" @@ -44,14 +44,10 @@ done #----------------------------------------------------------# # Restart named -if [ "$restart" != 'no' ]; then - $BIN/v-restart-dns - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +$BIN/v-restart-dns $restart +check_result $? "Bind restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-dns-on-web-alias b/bin/v-delete-dns-on-web-alias index 0a574bd5d..87e688493 100755 --- a/bin/v-delete-dns-on-web-alias +++ b/bin/v-delete-dns-on-web-alias @@ -9,13 +9,13 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(echo $2 | sed -e 's/\.*$//g' -e 's/^\.*//g') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 dom_alias=$(idn -t --quiet -u "$3" ) -dom_alias=$(echo $dom_alias | sed -e 's/\.*$//g' -e 's/^\.*//g') -dom_alias=$(echo $dom_alias | tr '[:upper:]' '[:lower:]') +dom_alias=$(echo $dom_alias |sed -e 's/\.*$//g' -e 's/^\.*//g') +dom_alias=$(echo $dom_alias |tr '[:upper:]' '[:lower:]') dom_alias_idn=$(idn -t --quiet -a "$dom_alias" ) restart="$4" @@ -24,13 +24,18 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN ALIAS' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" @@ -63,7 +68,7 @@ else fi if [ ! -z "$rec" ]; then eval "$rec" - $BIN/v-delete-dns-record $user "$root" "$ID" + $BIN/v-delete-dns-record $user "$root" "$ID" $restart fi fi fi @@ -74,6 +79,6 @@ fi #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-dns-record b/bin/v-delete-dns-record index d5749d190..4b4555dfa 100755 --- a/bin/v-delete-dns-record +++ b/bin/v-delete-dns-record @@ -9,10 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 id=$3 restart=$4 @@ -21,13 +21,18 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN ID [RESTART]' -validate_format 'user' 'domain' 'id' +is_format_valid 'user' 'domain' 'id' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'dns' 'DOMAIN' "$domain" @@ -45,6 +50,7 @@ sed -i "/^ID='$id'/d" $USER_DATA/dns/$domain.conf # Updating zone if [[ "$DNS_SYSTEM" =~ named|bind ]]; then + update_domain_serial update_domain_zone fi @@ -68,16 +74,12 @@ records="$(wc -l $USER_DATA/dns/$domain.conf | cut -f1 -d ' ')" update_object_value 'dns' 'DOMAIN' "$domain" '$RECORDS' "$records" decrease_user_value "$user" '$U_DNS_RECORDS' -# Restart named -if [ "$restart" != 'no' ]; then - $BIN/v-restart-dns - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting named +$BIN/v-restart-dns $restart +check_result $? "Bind restart failed" >/dev/null # Logging log_history "deleted dns record $id on $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-domain b/bin/v-delete-domain index deb4f2164..b6294679a 100755 --- a/bin/v-delete-domain +++ b/bin/v-delete-domain @@ -9,14 +9,13 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 restart="${3-yes}" # Includes source $VESTA/func/main.sh -source $VESTA/func/ip.sh source $VESTA/conf/vesta.conf @@ -25,7 +24,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -34,52 +33,50 @@ is_object_unsuspended 'user' 'USER' "$user" # Action # #----------------------------------------------------------# -# Web domain -if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB_SYSTEM" != 'no' ]; then - check_web=$(grep "DOMAIN='$domain'" $USER_DATA/web.conf) - if [ ! -z "$check_web" ]; then +# Working on Web domain +if [ ! -z "$WEB_SYSTEM" ]; then + str=$(grep "DOMAIN='$domain'" $USER_DATA/web.conf) + if [ ! -z "$str" ]; then + domain_found='yes' $BIN/v-delete-web-domain $user $domain 'no' - if [ $? -ne 0 ]; then - exit $E_RESTART - fi + check_result $? "can't suspend web" > /dev/null fi fi -# DNS domain -if [ ! -z "$DNS_SYSTEM" ] && [ "$DNS_SYSTEM" != 'no' ]; then - check_dns=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf) - if [ ! -z "$check_dns" ]; then +# Working on DNS domain +if [ ! -z "$DNS_SYSTEM" ]; then + str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf) + if [ ! -z "$str" ]; then + domain_found='yes' $BIN/v-delete-dns-domain $user $domain 'no' - if [ $? -ne 0 ]; then - exit $E_RESTART - fi + check_result $? "can't suspend dns" > /dev/null fi fi -# Mail domain -if [ ! -z "$MAIL_SYSTEM" ] && [ "$MAIL_SYSTEM" != 'no' ]; then - check_mail=$(grep "DOMAIN='$domain'" $USER_DATA/mail.conf) - if [ ! -z "$check_mail" ]; then +# Working on Mail domain +if [ ! -z "$MAIL_SYSTEM" ]; then + str=$(grep "DOMAIN='$domain'" $USER_DATA/mail.conf) + if [ ! -z "$str" ]; then + domain_found='yes' $BIN/v-delete-mail-domain $user $domain - if [ $? -ne 0 ]; then - exit $E_RESTART - fi + check_result $? "can't suspend mail" > /dev/null fi fi -# Check domain status -if [ -z "$check_web" ] && [ -z "$check_dns" ] && [ -z "$check_mail" ]; then - echo "Error: domain $domain doesn't exist" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST +# Checking domain search result +if [ -z "$domain_found" ]; then + check_result $E_NOTEXISTS "domain $domain doesn't exist" fi -# Restart services -if [ "$restart" != 'no' ]; then - $BIN/v-restart-web - $BIN/v-restart-proxy - $BIN/v-restart-dns -fi +# Restarting services +$BIN/v-restart-web $restart +check_result $? "can't restart web" > /dev/null + +$BIN/v-restart-proxy $restart +check_result $? "can't restart proxy" > /dev/null + +$BIN/v-restart-dns $restart +check_result $? "can't restart dns" > /dev/null #----------------------------------------------------------# diff --git a/bin/v-delete-firewall-ban b/bin/v-delete-firewall-ban index 97362adaa..52f3403d8 100755 --- a/bin/v-delete-firewall-ban +++ b/bin/v-delete-firewall-ban @@ -12,7 +12,7 @@ # Importing system variables source /etc/profile -# Argument defenition +# Argument definition ip=$1 chain=$(echo $2|tr '[:lower:]' '[:upper:]') @@ -29,7 +29,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'IP CHAIN' -validate_format 'ip' 'chain' +is_format_valid 'ip' 'chain' is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM' @@ -45,9 +45,10 @@ if [ -z "$check_ip" ]; then fi # Deleting ip from banlist -sed -i "/IP='$ip' CHAIN='$chain'/d" $conf -$iptables -D fail2ban-$chain -s $ip \ - -j REJECT --reject-with icmp-port-unreachable 2>/dev/null +sip=$(echo "$ip"| sed "s|/|\\\/|g") +sed -i "/IP='$sip' CHAIN='$chain'/d" $conf +b=$($iptables -L fail2ban-$chain --line-number -n|grep $ip|awk '{print $1}') +$iptables -D fail2ban-$chain $b 2>/dev/null # Changing permissions chmod 660 $conf @@ -58,6 +59,6 @@ chmod 660 $conf #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-firewall-chain b/bin/v-delete-firewall-chain index cb1316bbb..7e510d80f 100755 --- a/bin/v-delete-firewall-chain +++ b/bin/v-delete-firewall-chain @@ -12,7 +12,7 @@ # Importing system variables source /etc/profile -# Argument defenition +# Argument definition chain=$(echo $1 | tr '[:lower:]' '[:upper:]') # Defining absolute path to iptables @@ -28,7 +28,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'CHAIN' -validate_format 'chain' +is_format_valid 'chain' is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM' @@ -61,6 +61,6 @@ chmod 660 $chains #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-firewall-rule b/bin/v-delete-firewall-rule index 7f1c24d8e..8f646644b 100755 --- a/bin/v-delete-firewall-rule +++ b/bin/v-delete-firewall-rule @@ -12,7 +12,7 @@ # Importing system variables source /etc/profile -# Argument defenition +# Argument definition rule=$1 # Includes @@ -25,7 +25,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'RULE' -validate_format 'rule' +is_format_valid 'rule' is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM' is_object_valid '../../data/firewall/rules' 'RULE' "$rule" @@ -46,6 +46,6 @@ $BIN/v-update-firewall #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-fs-directory b/bin/v-delete-fs-directory new file mode 100755 index 000000000..b1cedde7e --- /dev/null +++ b/bin/v-delete-fs-directory @@ -0,0 +1,45 @@ +#!/bin/bash +# info: delete directory +# options: USER DIRECTORY +# +# The function deletes directory on the file system + + +user=$1 +dst_dir=$2 + +# Checking arguments +if [ -z "$dst_dir" ]; then + echo "Usage: USER DIRECTORY" + exit 1 +fi + +# Checking vesta user +if [ ! -e "$VESTA/data/users/$user" ]; then + echo "Error: vesta user $user doesn't exist" + exit 3 +fi + +# Checking user homedir +homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :) +if [ -z $homedir ]; then + echo "Error: user home directory doesn't exist" + exit 12 +fi + +# Checking destination path +rpath=$(readlink -f "$dst_dir") +if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then + echo "Error: invalid destination path $dst_dir" + exit 1 +fi + +# Deleting directory +sudo -u $user rm -rf "$dst_dir" # >/dev/null 2>&1 +if [ $? -ne 0 ]; then + echo "Error: directory $dst_dir was not deleted" + exit 3 +fi + +# Exiting +exit diff --git a/bin/v-delete-fs-file b/bin/v-delete-fs-file new file mode 100755 index 000000000..bca18ff06 --- /dev/null +++ b/bin/v-delete-fs-file @@ -0,0 +1,45 @@ +#!/bin/bash +# info: delete file +# options: USER FILE +# +# The function deletes file on the file system + + +user=$1 +dst_file=$2 + +# Checking arguments +if [ -z "$dst_file" ]; then + echo "Usage: USER FILE" + exit 1 +fi + +# Checking vesta user +if [ ! -e "$VESTA/data/users/$user" ]; then + echo "Error: vesta user $user doesn't exist" + exit 3 +fi + +# Checking user homedir +homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :) +if [ -z $homedir ]; then + echo "Error: user home directory doesn't exist" + exit 12 +fi + +# Checking destination path +rpath=$(readlink -f "$dst_file") +if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then + echo "Error: invalid destination path $dst_file" + exit 2 +fi + +# Deleting file +sudo -u $user rm -f "$dst_file" >/dev/null 2>&1 +if [ $? -ne 0 ]; then + echo "Error: file $dst_file was not deleted" + exit 3 +fi + +# Exiting +exit diff --git a/bin/v-delete-letsencrypt-domain b/bin/v-delete-letsencrypt-domain new file mode 100755 index 000000000..4dad88b97 --- /dev/null +++ b/bin/v-delete-letsencrypt-domain @@ -0,0 +1,66 @@ +#!/bin/bash +# info: deleting letsencrypt ssl cetificate for domain +# options: USER DOMAIN [RESTART] +# +# The function turns off letsencrypt SSL support for a domain. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +domain=$2 +restart=$3 + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/domain.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '2' "$#" 'USER DOMAIN [RESTART]' +is_format_valid 'user' 'domain' +is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' +is_system_enabled "$WEB_SSL" 'SSL_SUPPORT' +is_object_valid 'user' 'USER' "$user" +is_object_unsuspended 'user' 'USER' "$user" +is_object_valid 'web' 'DOMAIN' "$domain" +is_object_unsuspended 'web' 'DOMAIN' "$domain" +is_object_value_exist 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Delete SSL +$BIN/v-delete-web-domain-ssl $user $domain $restart >/dev/null 2>&1 +check_result $? "SSL delete" >/dev/null + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Updating letsencrypt flag +update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'no' + +# Restarting web +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null + +# Restarting proxy +if [ ! -z "$PROXY_SYSTEM" ]; then + $BIN/v-restart-web $restart >/dev/null + check_result $? "Proxy restart failed" >/dev/null +fi + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-delete-mail-account b/bin/v-delete-mail-account index e94cae4d0..f0da423cb 100755 --- a/bin/v-delete-mail-account +++ b/bin/v-delete-mail-account @@ -9,11 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 account=$3 # Includes @@ -21,13 +20,17 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN ACCOUNT' -validate_format 'user' 'domain' 'account' +is_format_valid 'user' 'domain' 'account' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -44,11 +47,11 @@ is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account" if [[ "$MAIL_SYSTEM" =~ exim ]]; then aliases=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$ALIAS') for al in ${aliases//,/ }; do - sed -i "/^$al@$domain:$account/d" \ + sed -i "/^$al@$domain_idn:$account/d" \ $HOMEDIR/$user/conf/mail/$domain/aliases done - sed -i "/^$account@$domain:/d" $HOMEDIR/$user/conf/mail/$domain/aliases + sed -i "/^$account@$domain_idn:/d" $HOMEDIR/$user/conf/mail/$domain/aliases sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd rm -rf $HOMEDIR/$user/mail/$domain/$account fi @@ -68,6 +71,6 @@ update_object_value 'mail' 'DOMAIN' "$domain" '$ACCOUNTS' "$accounts" # Logging log_history "deleted $account@$domain mail account" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-mail-account-alias b/bin/v-delete-mail-account-alias index de7310d73..9d5f902f3 100755 --- a/bin/v-delete-mail-account-alias +++ b/bin/v-delete-mail-account-alias @@ -9,11 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 account=$3 malias=$4 @@ -22,13 +21,17 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '4' "$#" 'USER DOMAIN ACCOUNT ALIAS' -validate_format 'user' 'domain' 'account' 'malias' +is_format_valid 'user' 'domain' 'account' 'malias' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -39,7 +42,7 @@ is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account" aliases=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$ALIAS') if [ -z "$(echo $aliases | grep -w $malias)" ]; then echo "Error: alias $malias doesn't exist" - log_event "$E_NOTEXIST $EVENT" + log_event "$E_NOTEXIST $ARGUMENTS" exit $E_NOTEXIST fi @@ -49,7 +52,7 @@ fi #----------------------------------------------------------# if [[ "$MAIL_SYSTEM" =~ exim ]]; then - sed -i "/^$malias@$domain:$account/d" \ + sed -i "/^$malias@$domain_idn:$account/d" \ $HOMEDIR/$user/conf/mail/$domain/aliases fi @@ -69,6 +72,6 @@ update_object_value "mail/$domain" 'ACCOUNT' "$account" '$ALIAS' "$aliases" # Logging log_history "deleted alias $malias on $account@$domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-mail-account-autoreply b/bin/v-delete-mail-account-autoreply index 9d8c4c223..d4cb02133 100755 --- a/bin/v-delete-mail-account-autoreply +++ b/bin/v-delete-mail-account-autoreply @@ -9,11 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 account=$3 malias=$4 @@ -22,13 +21,18 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN ACCOUNT' -validate_format 'user' 'domain' 'account' +is_format_valid 'user' 'domain' 'account' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -60,7 +64,7 @@ rm -f $USER_DATA/mail/$domain/$account@$domain.msg update_object_value "mail/$domain" 'ACCOUNT' "$account" '$AUTOREPLY' 'no' # Logging -log_history "$EVENT" -log_event "$OK" "$EVENT" +log_history "$ARGUMENTS" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-mail-account-forward b/bin/v-delete-mail-account-forward index 4eb31e6cc..bb2096514 100755 --- a/bin/v-delete-mail-account-forward +++ b/bin/v-delete-mail-account-forward @@ -1,5 +1,5 @@ #!/bin/bash -# info: delte mail account forward +# info: delete mail account forward # options: USER DOMAIN ACCOUNT EMAIL # # The function add delete email account forward address. @@ -9,11 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 account=$3 forward=$4 @@ -22,13 +21,17 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '4' "$#" 'USER DOMAIN ACCOUNT FORWARD' -validate_format 'user' 'domain' 'account' 'forward' +is_format_valid 'user' 'domain' 'account' 'forward' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -38,9 +41,7 @@ is_object_valid "mail/$domain" 'ACCOUNT' "$account" is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account" fwd=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$FWD') if [ -z "$(echo $fwd | grep -w $forward)" ]; then - echo "Error: forward $forward doesn't exist" - log_event "$E_NOTEXIST $EVENT" - exit $E_NOTEXIST + check_result $E_NOTEXIST "forward $forward doesn't exist" fi @@ -57,8 +58,8 @@ fwd=$(echo "$fwd" |\ # Deleting exim forward if [[ "$MAIL_SYSTEM" =~ exim ]]; then - sed -i "/^$account@$domain:/ d" $HOMEDIR/$user/conf/mail/$domain/aliases - echo "$account@$domain:$fwd" >> $HOMEDIR/$user/conf/mail/$domain/aliases + sed -i "/^$account@$domain_idn:/ d" $HOMEDIR/$user/conf/mail/$domain/aliases + echo "$account@$domain_idn:$fwd" >> $HOMEDIR/$user/conf/mail/$domain/aliases fi @@ -71,6 +72,6 @@ update_object_value "mail/$domain" 'ACCOUNT' "$account" '$FWD' "$fwd" # Logging log_history "deleted $forward forward on $account@$domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-mail-account-fwd-only b/bin/v-delete-mail-account-fwd-only index 9ea83bbcd..820164ed8 100755 --- a/bin/v-delete-mail-account-fwd-only +++ b/bin/v-delete-mail-account-fwd-only @@ -9,11 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 account=$3 # Includes @@ -21,13 +20,18 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN ACCOUNT' -validate_format 'user' 'domain' 'account' +is_format_valid 'user' 'domain' 'account' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -56,6 +60,6 @@ update_object_value "mail/$domain" 'ACCOUNT' "$account" '$FWD_ONLY' '' # Logging log_history "deleted fwd_only flag for $account@$domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-mail-domain b/bin/v-delete-mail-domain index cb32dfaf6..ee727aa96 100755 --- a/bin/v-delete-mail-domain +++ b/bin/v-delete-mail-domain @@ -10,23 +10,27 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -52,7 +56,7 @@ fi # Deleting dkim dns record if [ "$DKIM" = 'yes' ] && [ -e "$USER_DATA/dns/$domain.conf" ]; then records=$($BIN/v-list-dns-records $user $domain plain) - dkim_records=$(echo "$records" |grep -w '_domainkey' | cut -f 1 -d ' ') + dkim_records=$(echo "$records" |grep -w '_domainkey' |cut -f 1) for id in $dkim_records; do $BIN/v-delete-dns-record $user $domain $id done @@ -79,6 +83,6 @@ decrease_user_value "$user" '$U_MAIL_ACCOUNTS' "$accounts" # Logging log_history "deleted mail domain $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-mail-domain-antispam b/bin/v-delete-mail-domain-antispam index 3e68529e4..455ed9caa 100755 --- a/bin/v-delete-mail-domain-antispam +++ b/bin/v-delete-mail-domain-antispam @@ -2,31 +2,35 @@ # info: delete mail domain antispam support # options: USER DOMAIN # -# The function disable spamassasin for incomming emails. +# The function disable spamassasin for incoming emails. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -54,6 +58,6 @@ update_object_value 'mail' 'DOMAIN' "$domain" '$ANTISPAM' 'no' # Logging log_history "disabled antispam support for $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-mail-domain-antivirus b/bin/v-delete-mail-domain-antivirus index 6a925e4c8..312120f77 100755 --- a/bin/v-delete-mail-domain-antivirus +++ b/bin/v-delete-mail-domain-antivirus @@ -2,31 +2,35 @@ # info: delete mail domain antivirus support # options: USER DOMAIN # -# The function disables clamav scan for incomming emails. +# The function disables clamav scan for incoming emails. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -54,6 +58,6 @@ update_object_value 'mail' 'DOMAIN' "$domain" '$ANTIVIRUS' 'no' # Logging log_history "disabled antivirus support on $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-mail-domain-catchall b/bin/v-delete-mail-domain-catchall index 42a6ce66b..7a30175d0 100755 --- a/bin/v-delete-mail-domain-catchall +++ b/bin/v-delete-mail-domain-catchall @@ -9,24 +9,27 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -41,7 +44,7 @@ is_object_value_exist 'mail' 'DOMAIN' "$domain" '$CATCHALL' # Delete cathcall alias if [[ "$MAIL_SYSTEM" =~ exim ]]; then - sed -i "/*@$domain:/d" $HOMEDIR/$user/conf/mail/$domain/aliases + sed -i "/*@$domain_idn:/d" $HOMEDIR/$user/conf/mail/$domain/aliases fi @@ -54,6 +57,6 @@ update_object_value 'mail' 'DOMAIN' "$domain" '$CATCHALL' '' # Logging log_history "deleted catchall email on $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-mail-domain-dkim b/bin/v-delete-mail-domain-dkim index a79c2cfe0..f11e48d4f 100755 --- a/bin/v-delete-mail-domain-dkim +++ b/bin/v-delete-mail-domain-dkim @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$(idn -t --quiet -u "$2" ) domain=$(echo $domain | tr '[:upper:]' '[:lower:]') @@ -25,7 +25,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -61,10 +61,10 @@ fi # Updatoing config update_object_value 'mail' 'DOMAIN' "$domain" '$DKIM' 'no' -decrease_user_value "$user" '$U_MAIL_DKMI' +decrease_user_value "$user" '$U_MAIL_DKIM' # Logging log_history "disabled DKIM support on $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-mail-domains b/bin/v-delete-mail-domains index ae4153810..e734f8449 100755 --- a/bin/v-delete-mail-domains +++ b/bin/v-delete-mail-domains @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" @@ -42,6 +42,6 @@ done #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-remote-dns-domain b/bin/v-delete-remote-dns-domain index 9d5bb1547..bd8f46dd5 100755 --- a/bin/v-delete-remote-dns-domain +++ b/bin/v-delete-remote-dns-domain @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 @@ -24,86 +24,42 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER' - -if [ ! -e "$VESTA/conf/dns-cluster.conf" ]; then - echo "Error: dns-cluster.conf doesn't exist" - log_event "$E_NOTEXIST $EVENT" - exit $E_NOTEXIST -fi - -number_of_proc=$(ps auxf | grep -v grep | grep $VESTA/bin/$SCRIPT | wc -l) -if [ "$number_of_proc" -gt 2 ]; then - echo "Error: another sync process already exists" - log_event "$E_EXISTS $EVENT" - exit $E_EXISTS -fi +is_procces_running +remote_dns_health_check #----------------------------------------------------------# # Action # #----------------------------------------------------------# -old_ifs="$IFS" -IFS=$'\n' - # Starting cluster loop -for cluster_str in $(grep SUSPENDED='no' $VESTA/conf/dns-cluster.conf); do +IFS=$'\n' +for cluster in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do - # Get host values - eval $cluster_str + # Parsing remote host parameters + eval $cluster - # Check connection type - if [ -z "TYPE" ]; then - TYPE='api' + # Syncing domain + cluster_cmd v-delete-dns-domain $DNS_USER $domain 'yes' + rc=$? + if [ "$rc" -ne 0 ] && [ $rc -ne 3 ]; then + check_result $rc "$HOST connection failed (sync)" $E_CONNECT fi - # Switch on connection type - case $TYPE in - ssh) send_cmd="send_ssh_cmd" ;; - *) send_cmd="send_api_cmd" ;; - esac - - # Check host connection - $send_cmd v-list-sys-config - if [ $? -ne 0 ]; then - echo "Error: $TYPE connection to $HOST failed" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi - - # Check recipient dns user - if [ -z "$DNS_USER" ]; then - DNS_USER='dns-cluster' - fi - $send_cmd v-list-user $DNS_USER - if [ $? -ne 0 ]; then - echo "Error: dns user $DNS_USER doesn't exist" - log_event "$E_NOTEXIST $EVENT" - exit $E_NOTEXIST - fi - - # Check dns exceptions - if [ -z "$DNS_CLUSTER_IGNORE" ]; then - DNS_CLUSTER_IGNORE='dns-cluster' - fi - - # Sync domain - $send_cmd v-delete-dns-domain $DNS_USER $domain 'scheduled' - done -# Update pipe -pipe="$VESTA/data/queue/dns-cluster.pipe" -str=$(grep -n "$SCRIPT $1 $2$" $pipe | cut -f1 -d: | head -n1) -if [ ! -z "$str" ]; then - sed -i "$str d" $pipe -fi - #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# +# Updating pipe +pipe="$VESTA/data/queue/dns-cluster.pipe" +str=$(grep -n "$SCRIPT $1 $2$" $pipe | cut -f1 -d: | head -n1) +if [ ! -z "$str" ]; then + sed -i "$str d" $pipe +fi + exit diff --git a/bin/v-delete-remote-dns-domains b/bin/v-delete-remote-dns-domains index c2e2300f5..3c3b8fd3d 100755 --- a/bin/v-delete-remote-dns-domains +++ b/bin/v-delete-remote-dns-domains @@ -8,7 +8,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition host=$1 # Includes @@ -22,26 +22,14 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER' - -if [ ! -e "$VESTA/conf/dns-cluster.conf" ]; then - echo "Error: dns-cluster.conf doesn't exist" - log_event "$E_NOTEXIST $EVENT" - exit $E_NOTEXIST -fi - -number_of_proc=$(ps auxf | grep -v grep | grep $VESTA/bin/$SCRIPT | wc -l) -if [ "$number_of_proc" -gt 2 ]; then - echo "Error: another sync process already exists" - log_event "$E_EXISTS $EVENT" - exit $E_EXISTS -fi +is_procces_running +remote_dns_health_check #----------------------------------------------------------# # Action # #----------------------------------------------------------# -old_ifs="$IFS" IFS=$'\n' if [ -z $host ]; then @@ -51,65 +39,18 @@ else fi # Starting cluster loop -for cluster_str in $hosts; do +for cluster in $hosts; do - # Get host values - eval $cluster_str + # Parsing remote host parameters + eval $cluster - # Check connection type - if [ -z "TYPE" ]; then - TYPE='api' - fi + # Deleting source records + cluster_cmd v-delete-dns-domains-src $DNS_USER $HOSTNAME 'no' + check_result $? "$HOST connection failed (cleanup)" $E_CONNECT - # Print hostname - if [ ! -z "$verbose" ]; then - echo "HOSTNAME: $HOSTNAME" - echo "TYPE: $TYPE" - fi - - # Switch on connection type - case $TYPE in - ssh) send_cmd="send_ssh_cmd" ;; - *) send_cmd="send_api_cmd" ;; - esac - - # Check host connection - $send_cmd v-list-sys-config - if [ $? -ne 0 ]; then - echo "Error: $TYPE connection to $HOST failed" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi - - # Check recipient dns user - if [ -z "$DNS_USER" ]; then - DNS_USER='dns-cluster' - fi - if [ ! -z "$verbose" ]; then - echo "DNS_USER: $DNS_USER" - fi - $send_cmd v-list-user $DNS_USER - if [ $? -ne 0 ]; then - echo "Error: dns user $DNS_USER doesn't exist" - log_event "$E_NOTEXIST $EVENT" - exit $E_NOTEXIST - fi - - # Clean source records - $send_cmd v-delete-dns-domains-src $DNS_USER $HOSTNAME 'no' - if [ $? -ne 0 ]; then - echo "Error: $TYPE connection to $HOST failed (cleanup)" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi - - # Rebuild dns zones - $send_cmd v-rebuild-dns-domains $DNS_USER 'scheduled' - if [ $? -ne 0 ]; then - echo "Error: $TYPE connection to $HOST failed (rebuild)" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi + # Rebuilding dns zones + $send_cmd v-rebuild-dns-domains $DNS_USER 'yes' + check_result $? "$HOST connection failed (rebuild)" $E_CONNECT done @@ -118,4 +59,11 @@ done # Vesta # #----------------------------------------------------------# +# Updating pipe +pipe="$VESTA/data/queue/dns-cluster.pipe" +str=$(grep -n "$SCRIPT $1 $2$" $pipe | cut -f1 -d: | head -n1) +if [ ! -z "$str" ]; then + sed -i "$str d" $pipe +fi + exit diff --git a/bin/v-delete-remote-dns-host b/bin/v-delete-remote-dns-host index e82cad688..e65867390 100755 --- a/bin/v-delete-remote-dns-host +++ b/bin/v-delete-remote-dns-host @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition host=$1 # Includes @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'HOST' -validate_format 'host' +is_format_valid 'host' is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER' is_object_valid "../../conf/dns-cluster" 'HOST' "$host" @@ -32,25 +32,13 @@ is_object_valid "../../conf/dns-cluster" 'HOST' "$host" # Action # #----------------------------------------------------------# -eval $(grep $host $VESTA/conf/dns-cluster.conf) -case $TYPE in - ssh) send_cmd="send_ssh_cmd" ;; - *) send_cmd="send_api_cmd" ;; -esac - - -# Check host connection -$send_cmd v-list-sys-config -if [ $? -eq 0 ]; then - # Deleting domains - $BIN/v-delete-remote-dns-domains $host >>/dev/null 2>&1 - $send_cmd v-add-cron-restart-job -fi +# Deleting remote domains +$BIN/v-delete-remote-dns-domains $host >>/dev/null 2>&1 # Deleting server sed -i "/HOST='$host' /d" $VESTA/conf/dns-cluster.conf -# Delete DNS_CLUSTER key +# Deleting DNS_CLUSTER key check_cluster=$(grep HOST $VESTA/conf/dns-cluster.conf |wc -l) if [ "$check_cluster" -eq '0' ]; then rm -f $VESTA/conf/dns-cluster.conf @@ -72,6 +60,6 @@ fi # Logging log_history "deleted remote dns server $host" '' 'admin' -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-remote-dns-record b/bin/v-delete-remote-dns-record index 29102f6e6..a4732a2d4 100755 --- a/bin/v-delete-remote-dns-record +++ b/bin/v-delete-remote-dns-record @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 id=$3 @@ -25,81 +25,50 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN ID' -validate_format 'user' 'domain' 'id' +is_format_valid 'user' 'domain' 'id' is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER' - -if [ ! -e "$VESTA/conf/dns-cluster.conf" ]; then - echo "Error: dns-cluster.conf doesn't exist" - log_event "$E_NOTEXIST $EVENT" - exit $E_NOTEXIST -fi - -number_of_proc=$(ps auxf | grep -v grep | grep $VESTA/bin/$SCRIPT | wc -l) -if [ "$number_of_proc" -gt 2 ]; then - echo "Error: another sync process already exists" - log_event "$E_EXISTS $EVENT" - exit $E_EXISTS -fi +is_procces_running +remote_dns_health_check #----------------------------------------------------------# # Action # #----------------------------------------------------------# -old_ifs="$IFS" -IFS=$'\n' # Starting cluster loop -for cluster_str in $(cat $VESTA/conf/dns-cluster.conf); do +IFS=$'\n' +for cluster in $(cat $VESTA/conf/dns-cluster.conf); do - # Get host values - eval $cluster_str + # Parsing remote host parameters + eval $cluster - # Check connection type - if [ -z "TYPE" ]; then - TYPE='api' - fi - - # Switch on connection type - case $TYPE in - ssh) send_cmd="send_ssh_cmd" ;; - *) send_cmd="send_api_cmd" ;; - esac - - # Check host connection - $send_cmd v-list-sys-config - if [ $? -ne 0 ]; then - echo "Error: $TYPE connection to $HOST failed" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi - - # Check recipient dns user - if [ -z "$DNS_USER" ]; then - DNS_USER='dns-cluster' - fi - $send_cmd v-list-user $DNS_USER - if [ $? -ne 0 ]; then - echo "Error: dns user $DNS_USER doesn't exist" - log_event "$E_NOTEXIST $EVENT" - exit $E_NOTEXIST - fi + # Syncing serial + str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf) + cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'domain' 'no' + check_result $? "$HOST connection failed (soa sync)" $E_CONNECT # Sync domain - $send_cmd v-delete-dns-record $DNS_USER $domain $id 'scheduled' + cluster_cmd v-delete-dns-record $DNS_USER $domain $id 'no' + #check_result $? "$HOST connection failed (delete)" $E_CONNECT + + # Rebuilding dns zone + cluster_cmd v-rebuild-dns-domain $DNS_USER $domain 'yes' 'no' + check_result $? "$HOST connection failed (rebuild)" $E_CONNECT done -# Update pipe -pipe="$VESTA/data/queue/dns-cluster.pipe" -str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1) -if [ ! -z "$str" ]; then - sed -i "$str d" $pipe -fi #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# +# Updating pipe +pipe="$VESTA/data/queue/dns-cluster.pipe" +str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1) +if [ ! -z "$str" ]; then + sed -i "$str d" $pipe +fi + exit diff --git a/bin/v-list-dns-domains-src b/bin/v-delete-sys-firewall similarity index 56% rename from bin/v-list-dns-domains-src rename to bin/v-delete-sys-firewall index 0ac5cae3f..75b787945 100755 --- a/bin/v-list-dns-domains-src +++ b/bin/v-delete-sys-firewall @@ -1,51 +1,48 @@ #!/bin/bash -# info: list dns domains -# options: USER [FORMAT] +# info: delete system firewall +# options: NONE # -# The function for obtaining all DNS domains of a user. +# The script disables firewall support #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition -user=$1 -format=${2-shell} - # Includes source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# -check_args '1' "$#" 'USER [FORMAT]' -validate_format 'user' -is_object_valid 'user' 'USER' "$user" +if [ -z "$FIREWALL_SYSTEM" ]; then + exit +fi #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Defining config and fields -conf=$USER_DATA/dns.conf -fields='$DOMAIN $IP $TPL $TTL $EXP $SOA $SRC $RECORDS $SUSPENDED $TIME $DATE' +# Stopping firewall +$BIN/v-stop-firewall -# Listing domains -case $format in - json) json_list ;; - plain) nohead=1; shell_list ;; - shell) fields='$DOMAIN $IP $SRC $DATE'; - shell_list| column -t ;; - *) check_args '1' '0' 'USER [FORMAT]';; -esac +# Updating FIREWALL_SYSTEM value +if [ -z "$(grep FIREWALL_SYSTEM $VESTA/conf/vesta.conf)" ]; then + echo "FIREWALL_SYSTEM=''" >> $VESTA/conf/vesta.conf +else + sed -i "s/FIREWALL_SYSTEM=.*/FIREWALL_SYSTEM=''/g" $VESTA/conf/vesta.conf +fi #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# +# Logging +log_event "$OK" "$ARGUMENTS" + exit diff --git a/bin/v-delete-sys-ip b/bin/v-delete-sys-ip index 6c06b3cd8..9692cc8cf 100755 --- a/bin/v-delete-sys-ip +++ b/bin/v-delete-sys-ip @@ -10,7 +10,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition ip=$1 # Includes @@ -25,7 +25,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'IP' -validate_format 'ip' +is_format_valid 'ip' is_ip_valid "$ip" is_ip_key_empty '$U_WEB_DOMAINS' is_ip_key_empty '$U_SYS_USERS' @@ -35,33 +35,40 @@ is_ip_key_empty '$U_SYS_USERS' # Action # #----------------------------------------------------------# -# Get ip owner -user="$(get_ip_value '$OWNER')" -ip_status="$(get_ip_value '$STATUS')" +# Import ip variables +source $VESTA/data/ips/$ip +cidr=$(convert_netmask $NETMASK) -# Deleting interface -interface=$(/sbin/ifconfig | grep -B1 "dr:$ip " | head -n1 | cut -f1 -d \ ) +# Checking main ip on the interface +interface=$(/sbin/ip addr | grep "$ip/$cidr" | awk '{print $NF}') if [ ! -z "$interface" ] && [ -z "$(echo $interface |cut -s -f2 -d :)" ]; then echo "Error: can't delete main IP address" - log_event "$E_FORBIDEN" "$EVENT" + log_event "$E_FORBIDEN" "$ARGUMENTS" exit $E_FORBIDEN fi + +# Deleting system ip if [ ! -z "$interface" ]; then - /sbin/ifconfig $interface down - - # Deleting startup conf on RHEL/CentOS/Fedora - if [ -e "/etc/sysconfig/network-scripts/ifcfg-$interface" ]; then - rm -f /etc/sysconfig/network-scripts/ifcfg-$interface + /sbin/ip addr del $ip/$cidr dev $INTERFACE + if [ "$?" -ne 0 ]; then + echo "Error: can't delete system ip" + log_event "$E_FORBIDEN" "$ARGUMENTS" + exit $E_FORBIDEN fi +fi - # Deleting startup conf on Debian/Ubuntu - if [ -e "/etc/network/interfaces" ]; then - ip_str=$(grep -n $ip$ /etc/network/interfaces |cut -f1 -d:) - if [ ! -z "$ip_str" ]; then - first_str=$((ip_str - 3)) - last_str=$((ip_str + 1)) - sed -i "$first_str,$last_str d" /etc/network/interfaces - fi +# Deleting startup conf on RHEL/CentOS/Fedora +if [ -e "/etc/sysconfig/network-scripts/ifcfg-$interface" ]; then + rm -f /etc/sysconfig/network-scripts/ifcfg-$interface +fi + +# Deleting startup conf on Debian/Ubuntu +if [ -e "/etc/network/interfaces" ]; then + ip_str=$(grep -n $ip$ /etc/network/interfaces |cut -f1 -d:) + if [ ! -z "$ip_str" ]; then + first_str=$((ip_str - 3)) + last_str=$((ip_str + 1)) + sed -i "$first_str,$last_str d" /etc/network/interfaces fi fi @@ -92,7 +99,12 @@ if [ ! -z "$PROXY_SYSTEM" ]; then new_ips=$(echo "$rpaf_str" | sed "s/$ip//") sed -i "s/$ips/$new_ips/g" $rpaf_conf fi - + + #mod_remoteip + remoteip_conf="/etc/$WEB_SYSTEM/mods-enabled/remoteip.conf" + if [ -e "$remoteip_conf" ]; then + sed -i "s/RemoteIPInternalProxy $ip//g" $remoteip_conf + fi fi @@ -101,37 +113,37 @@ fi #----------------------------------------------------------# # Updating user conf -if [ ! -z "$user" ]; then - decrease_user_value "$user" '$IP_OWNED' +if [ ! -z "$OWNER" ]; then + decrease_user_value "$OWNER" '$IP_OWNED' fi -if [ "$user" = 'admin' ]; then - if [ "$ip_status" = 'shared' ]; then +if [ "$OWNER" = 'admin' ]; then + if [ "$STATUS" = 'shared' ]; then for user in $(ls $VESTA/data/users/); do decrease_user_value "$user" '$IP_AVAIL' done - else - decrease_user_value 'admin' '$IP_AVAIL' fi else - decrease_user_value "$user" '$IP_AVAIL' - decrease_user_value 'admin' '$IP_AVAIL' + decrease_user_value "$OWNER" '$IP_AVAIL' fi - -# Adding task to the vesta pipe +# Restarting web server $BIN/v-restart-web -if [ $? -ne 0 ]; then - exit $E_RESTART +check_result $? "Web restart failed" >/dev/null + +# Restarting proxy server +if [ ! -z "$PROXY_SYSTEM" ]; then + $BIN/v-restart-proxy + check_result $? "Proxy restart failed" >/dev/null fi -$BIN/v-restart-proxy -if [ $? -ne 0 ]; then - exit $E_RESTART +# Restarting firewall +if [ ! -z "$FIREWALL_SYSTEM" ]; then + $BIN/v-update-firewall fi # Logging log_history "deleted system ip address $ip" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-sys-mail-ssl b/bin/v-delete-sys-mail-ssl new file mode 100755 index 000000000..06dab82ba --- /dev/null +++ b/bin/v-delete-sys-mail-ssl @@ -0,0 +1,75 @@ +#!/bin/bash +# info: delete sys vesta user ssl certificate +# options: NONE +# +# The script disables user domain ssl synchronization + + +#----------------------------------------------------------# +# Variable & Function # +#----------------------------------------------------------# + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +vst_crt="$VESTA/ssl/certificate.crt" +vst_key="$VESTA/ssl/certificate.key" + +# Updating mail certificate +case $MAIL_SYSTEM in + exim) conf='/etc/exim/exim.conf';; + exim4) conf='/etc/exim4/exim4.conf.template';; +esac +if [ -e "$conf" ]; then + sed -e "s|^tls_certificate.*|tls_certificate = $vst_crt|" \ + -e "s|^tls_privatekey.*|tls_privatekey = $vst_key|" -i $conf +fi + +# Updating imap certificate +conf="/etc/dovecot/conf.d/10-ssl.conf" +if [ ! -z "$IMAP_SYSTEM" ] && [ -e "$conf" ]; then + sed -e "s|ssl_cert.*|ssl_cert = <$vst_crt|" \ + -e "s|ssl_key.*|ssl_key = <$vst_key|" -i $conf +fi + +# Moving old certificates +if [ -e "$VESTA/ssl/mail.crt" ]; then + mv -f $VESTA/ssl/mail.crt $VESTA/ssl/mail.crt.old +fi +if [ -e "VESTA/ssl/mail.key" ]; then + mv $VESTA/ssl/mail.key VESTA/ssl/mail.key.old +fi + +# Updating vesta.conf value +sed -i "/MAIL_CERTIFICATE=/ d" $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Restarting services +if [ "$restart" != 'no' ]; then + if [ ! -z "$MAIL_SYSTEM" ]; then + $BIN/v-restart-service $MAIL_SYSTEM + fi + if [ ! -z "$IMAP_SYSTEM" ]; then + $BIN/v-restart-service $IMAP_SYSTEM + fi +fi + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-delete-sys-quota b/bin/v-delete-sys-quota index 13f23e9c8..4b8913bfe 100755 --- a/bin/v-delete-sys-quota +++ b/bin/v-delete-sys-quota @@ -1,12 +1,12 @@ #!/bin/bash # info: delete system quota -# opions: NONE +# options: NONE # -# The script disables filesystem quota on /home patition +# The script disables filesystem quota on /home partition #----------------------------------------------------------# -# Variable&Function # +# Variable & Function # #----------------------------------------------------------# # Includes @@ -23,29 +23,34 @@ source $VESTA/conf/vesta.conf # Action # #----------------------------------------------------------# -# Deleting usrquota on /home partition -mnt=$(df -P /home |awk '{print $6}' |tail -n1) -lnr=$(cat -n /etc/fstab |awk '{print $1,$3}' |grep "$mnt$" |cut -f 1 -d ' ') -options=$(sed -n ${lnr}p /etc/fstab |awk '{print $4}') -if [ ! -z "$(echo $options |grep usrquota)" ]; then - sed -i "$lnr s/,usrquota//" /etc/fstab +# Deleting group and user quota on /home partition +mnt=$(df -P /home | awk '{print $6}' | tail -n1) +lnr=$(cat -n /etc/fstab | awk '{print $1,$3}' | grep "$mnt$" | cut -f 1 -d ' ') +opt=$(sed -n ${lnr}p /etc/fstab | awk '{print $4}') +fnd='usrquota\|grpquota\|usrjquota=\|grpjquota=\|jqfmt=' +if [ ! -z "$(echo $opt | grep $fnd)" ]; then + rep=$(echo $(echo $opt | tr ',' '\n' | grep -v $fnd) | tr ' ' ',') + sed -i "$lnr s/$opt/$rep/" /etc/fstab mount -o remount $mnt fi -# Disabling fs quota -if [ -z "$(quotaon -pa|grep " $mnt "|grep user|grep 'off')" ]; then - quotaoff $mnt +# Disabling group and user quota +quotaoff=$(which --skip-alias --skip-functions quotaoff 2>/dev/null) +if [ $? -eq 0 ]; then + if [ ! -z "$(quotaon -pa | grep " $mnt " | grep 'user\|group' | grep 'is on')" ]; then + $quotaoff $mnt + fi fi -# Deleting quota index -if [ -e "$mnt/aquota.user" ]; then - rm $mnt/aquota.user -fi +# Deleting v1 + v2 group and user quota index +for idx in $(echo 'quota.user quota.group aquota.user aquota.group'); do + [ -e "$mnt/$idx" ] && rm -f $mnt/$idx +done -# Deleting weekly cron job +# Deleting cron job rm -f /etc/cron.daily/quotacheck -# Updating DISK_QUOTA value +# Updating vesta.conf value if [ -z "$(grep DISK_QUOTA $VESTA/conf/vesta.conf)" ]; then echo "DISK_QUOTA='no'" >> $VESTA/conf/vesta.conf else @@ -58,6 +63,6 @@ fi #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-sys-sftp-jail b/bin/v-delete-sys-sftp-jail new file mode 100755 index 000000000..464f147fb --- /dev/null +++ b/bin/v-delete-sys-sftp-jail @@ -0,0 +1,88 @@ +#!/bin/bash +# info: delete system sftp jail +# options: NONE +# +# The script disables sftp jailed environment + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Importing system environment as we run this script +# mostly by cron which do not read it by itself +source /etc/profile + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +#if [ -z "$SFTPJAIL_KEY" ]; then +# exit +#fi + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Checking users +for user in $(grep "$HOMEDIR" /etc/passwd |cut -f 1 -d:); do + $BIN/v-delete-user-sftp-jail $user +done + +# Checking sshd directives +config='/etc/ssh/sshd_config' +sftp_n=$(grep -n "Subsystem.*sftp" $config |grep -v internal |grep ":#") +sftp_i=$(grep -n "Subsystem.*sftp" $config |grep internal |grep -v ":#") + +# Backing up config +cp $config $config.bak-$(date +%s) + +# Enabling normal sftp +if [ ! -z "$sftp_n" ]; then + fline=$(echo $sftp_n |cut -f 1 -d :) + sed -i "${fline}s/#Subsystem/Subsystem sftp/" $config + restart='yes' +fi + +# Disabling jailed sftp +if [ ! -z "$sftp_i" ]; then + fline=$(echo $sftp_i |cut -f 1 -d :) + lline=$((fline + 5)) + sed -i "${fline},${lline}d" $config + restart='yes' +fi + +# Validating opensshd config +if [ "$restart" = 'yes' ]; then + subj="OpenSSH restart failed" + email=$(grep CONTACT $VESTA/data/users/admin/user.conf |cut -f 2 -d \') + /usr/sbin/sshd -t >/dev/null 2>&1 + if [ "$?" -ne 0 ]; then + mail_text="OpenSSH can not be restarted. Please check config: + \n\n$(/usr/sbin/sshd -t)" + echo -e "$mail_text" |$SENDMAIL -s "$subj" $email + else + service ssh restart >/dev/null 2>&1 + service sshd restart >/dev/null 2>&1 + fi +fi + +# Deleting v-add-sys-sftp-jail from startup +sed -i "/v-add-sys-sftp-jail/d" /etc/rc.local 2>/dev/null + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-delete-sys-vesta-ssl b/bin/v-delete-sys-vesta-ssl new file mode 100755 index 000000000..e90f32b9b --- /dev/null +++ b/bin/v-delete-sys-vesta-ssl @@ -0,0 +1,37 @@ +#!/bin/bash +# info: delete sys vesta user ssl certificate +# options: NONE +# +# The script disables user domain ssl synchronization + + +#----------------------------------------------------------# +# Variable & Function # +#----------------------------------------------------------# + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Updating vesta.conf value +sed -i "/VESTA_CERTIFICATE=/ d" $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-delete-user b/bin/v-delete-user index 07efd7496..c452f0a0e 100755 --- a/bin/v-delete-user +++ b/bin/v-delete-user @@ -2,7 +2,7 @@ # info: delete user # options: USER # -# This function deletes a certain user and all his resourses such as domains, +# This function deletes a certain user and all his resources such as domains, # databases, cron jobs, etc. @@ -10,7 +10,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 restart=$2 @@ -27,7 +27,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" if [ "$user" = 'admin' ]; then @@ -38,64 +38,59 @@ fi # Action # #----------------------------------------------------------# -# Checking web system is enabled +# Deleting web domains if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB_SYSTEM" != 'no' ]; then $BIN/v-unsuspend-web-domains $user $restart $BIN/v-delete-web-domains $user $restart - rv="$?" - if [ "$rv" -ne '0' ]; then - exit $rv - fi + check_result "$?" "web domain deletion failed" fi -# Checking dns system is enabled +# Deleting dns domains if [ ! -z "$DNS_SYSTEM" ] && [ "$DNS_SYSTEM" != 'no' ]; then $BIN/v-unsuspend-dns-domains $user $restart $BIN/v-delete-dns-domains $user $restart - rv="$?" - if [ "$rv" -ne '0' ]; then - exit $rv - fi + check_result "$?" "dns domain deletion failed" fi -# Checking mail system is enabled +# Deleting mail domains if [ ! -z "$MAIL_SYSTEM" ] && [ "$MAIL_SYSTEM" != 'no' ]; then $BIN/v-unsuspend-mail-domains $user $BIN/v-delete-mail-domains $user - rv="$?" - if [ "$rv" -ne '0' ]; then - exit $rv - fi + check_result "$?" "mail domain deletion failed" fi -# Checking db system is enabled +# Deleting databases if [ ! -z "$DB_SYSTEM" ] && [ "$DB_SYSTEM" != 'no' ]; then $BIN/v-unsuspend-databases $user $BIN/v-delete-databases $user - rv="$?" - if [ "$rv" -ne '0' ]; then - exit $rv - fi + check_result "$?" "database deletion failed" fi -# Checking ip +# Releasing user ips $BIN/v-delete-user-ips "$user" -rv="$?" -if [ "$rv" -ne '0' ]; then - exit $rv -fi +check_result "$?" "user ip release failed" # Deleteing user pipes sed -i "/ $user$/d" $VESTA/data/queue/disk.pipe sed -i "/ $user$/d" $VESTA/data/queue/traffic.pipe +# Deleting sftp jail +if [ ! -z "$SFTPJAIL_KEY" ]; then + $BIN/v-delete-user-sftp-jail $user +fi + # Deleting system user /usr/sbin/userdel -f $user >> /dev/null 2>&1 -if [ "$?" != 0 ]; then +if [ $? -ne 0 ]; then sed -i "/^$user:/d" /etc/passwd sed -i "/^$user:/d" /etc/shadow fi +/usr/sbin/groupdel $user >> /dev/null 2>&1 +if [ $? -ne 0 ]; then + sed -i "/^$user:/d" /etc/group +fi + # Deleting user directories chattr -i $HOMEDIR/$user/conf rm -rf $HOMEDIR/$user @@ -116,6 +111,6 @@ fi # Logging log_history "deleted system user $user" '' 'admin' -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-user-backup b/bin/v-delete-user-backup index a56ac8a78..0166be0a9 100755 --- a/bin/v-delete-user-backup +++ b/bin/v-delete-user-backup @@ -1,6 +1,6 @@ #!/bin/bash # info: delete user backup -# options: USER NACKUP +# options: USER BACKUP # # The function deletes user backup. @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 backup=$(echo $2| cut -f 2 -d \.) @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER BACKUP' -validate_format 'user' 'backup' +is_format_valid 'user' 'backup' is_system_enabled "$BACKUP_SYSTEM" 'BACKUP_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -48,6 +48,6 @@ update_user_value "$user" '$U_BACKUPS' "$U_BACKUPS" # Logging log_history "deleted backup archive $backup" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-user-backup-exclusions b/bin/v-delete-user-backup-exclusions index 40f0ec7ca..0b1a1e330 100755 --- a/bin/v-delete-user-backup-exclusions +++ b/bin/v-delete-user-backup-exclusions @@ -2,14 +2,14 @@ # info: delete backup exclusion # options: USER [SYSTEM] # -# The function for deleteing backup exclusion +# The function for deleting backup exclusion #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 system=$(echo $2 | tr '[:lower:]' '[:upper:]') @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER [SYSTEM]' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" @@ -72,6 +72,6 @@ if [ -z "$system" ]; then else log_history "deleted $system exlusion" fi -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-user-favourites b/bin/v-delete-user-favourites new file mode 100755 index 000000000..28a8dd971 --- /dev/null +++ b/bin/v-delete-user-favourites @@ -0,0 +1,126 @@ +#!/bin/bash +# info: deleting user favourites +# options: USER SYSTEM OBJECT +# +# The function deletes object from users favourites + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +system=$(echo "$2" |tr '[:lower:]' '[:upper:]') +object=$3 +email=$3 +id=$3 + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '3' "$#" 'USER SYSTEM OBJECT' +case $system in + MAIL_ACC) is_format_valid 'email' ;; + CRON) is_format_valid 'id' ;; + DNS_REC) is_format_valid 'id' ;; + *) is_format_valid 'object' +esac + +is_format_valid 'user' +is_object_valid 'user' 'USER' "$user" +is_object_unsuspended 'user' 'USER' "$user" + +# Checking system +case $system in + USER) check='ok' ;; + WEB) check='ok' ;; + DNS) check='ok' ;; + DNS_REC) check='ok' ;; + MAIL) check='ok' ;; + MAIL_ACC) check='ok' ;; + DB) check='ok' ;; + CRON) check='ok' ;; + BACKUP) check='ok' ;; + IP) check='ok' ;; + PACKAGE) check='ok' ;; + FIREWALL) check='ok' ;; + *) check_args '2' '0' 'USER SYSTEM OBJECT' +esac + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Flushing vars +USER='' +WEB='' +DNS='' +DNS_REC='' +MAIL='' +MAIL_ACC='' +DB='' +CRON='' +BACKUP='' +IP='' +PACKAGE='' +FIREWALL='' + +# Creating config just in case +touch $USER_DATA/favourites.conf + +# Reading current values +source $USER_DATA/favourites.conf + +# Assigning current system value +eval value=\$$system + +# Checking if object is new +check_fav=$(echo "$value" |tr ',' '\n'| grep "^$object$") +if [ -z "$check_fav" ]; then + exit 0 +fi + +# Deleting object from favorites +value=$(echo "$value" |\ + sed -e "s/,/\n/g"|\ + sed -e "s/^$object$//g"|\ + sed -e "/^$/d"|\ + sed -e ':a;N;$!ba;s/\n/,/g') + +# Updating sytem +eval $system=$value + +# Updating user favorites +echo "USER='$USER' +WEB='$WEB' +DNS='$DNS' +DNS_REC='$DNS_REC' +MAIL='$MAIL' +MAIL_ACC='$MAIL_ACC' +DB='$DB' +CRON='$CRON' +BACKUP='$BACKUP' +IP='$IP' +PACKAGE='$PACKAGE' +FIREWALL='$FIREWALL'" > $USER_DATA/favourites.conf + +# Changing file permission +chmod 640 $USER_DATA/favourites.conf + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_history "deleted starred $object from $system listing" +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-delete-user-ips b/bin/v-delete-user-ips index a6125333b..7f8e32241 100755 --- a/bin/v-delete-user-ips +++ b/bin/v-delete-user-ips @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" if [ "$user" = 'admin' ]; then @@ -58,6 +58,6 @@ done #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-user-notification b/bin/v-delete-user-notification new file mode 100755 index 000000000..6b223e0b4 --- /dev/null +++ b/bin/v-delete-user-notification @@ -0,0 +1,66 @@ +#!/bin/bash +# info: delete user notification +# options: USER NOTIFICATION +# +# The function deletes user notification. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +nid=$2 + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '2' "$#" 'USER NOTIFICATION' +is_format_valid 'user' 'nid' +is_object_valid 'user' 'USER' "$user" + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Deleting notification +sed -i "/NID='$nid' /d" $USER_DATA/notifications.conf 2>/dev/null + +# Checking last notification +if [ -e "$USER_DATA/notifications.conf" ]; then + if [ -z "$(grep NID= $USER_DATA/notifications.conf)" ]; then + notice='no' + fi + if [ -z "$(grep "ACK='no'" $USER_DATA/notifications.conf)" ]; then + notice='no' + fi +else + notice='no' +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Updating notification counter +if [ "$notice" = 'no' ]; then + if [ -z "$(grep NOTIFICATIONS $USER_DATA/user.conf)" ]; then + sed -i "s/^TIME/NOTIFICATIONS='no'\nTIME/g" $USER_DATA/user.conf + else + update_user_value "$user" '$NOTIFICATIONS' "no" + fi +fi + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-delete-user-package b/bin/v-delete-user-package index db5bdaab7..dbd75a861 100755 --- a/bin/v-delete-user-package +++ b/bin/v-delete-user-package @@ -2,7 +2,7 @@ # info: delete user package # options: PACKAGE # -# The function for deleting user package. It does not allow to delete pacakge +# The function for deleting user package. It does not allow to delete package # if it is in use. @@ -10,7 +10,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition package=$1 # Includes @@ -22,7 +22,7 @@ is_package_in_use() { check_package=$(grep "PACKAGE='$package'" $USER_DATA/*/user.conf) if [ ! -z "$check_package" ]; then echo "Error: package $package is in use" - log_event "$E_INUSE" "$EVENT" + log_event "$E_INUSE" "$ARGUMENTS" exit $E_INUSE fi } @@ -32,7 +32,7 @@ is_package_in_use() { #----------------------------------------------------------# check_args '1' "$#" 'PACKAGE' -validate_format 'package' +is_format_valid 'package' is_package_valid is_package_in_use @@ -50,6 +50,6 @@ rm -f $VESTA/data/packages/$package.pkg #----------------------------------------------------------# log_history "deleted user package $package" '' 'admin' -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-list-web-domains-stats b/bin/v-delete-user-sftp-jail similarity index 50% rename from bin/v-list-web-domains-stats rename to bin/v-delete-user-sftp-jail index 52c3eb23a..7fc863f48 100755 --- a/bin/v-list-web-domains-stats +++ b/bin/v-delete-user-sftp-jail @@ -1,55 +1,63 @@ #!/bin/bash -# info: list web domains and stats key -# options: USER [FORMAT] +# info: delete user sftp jail +# options: USER # -# The function for obtaining the list of domains with statistics parameter -# displayed, including authentication settings. This call was arranged for -# filling in the lack of information by applying v-list-web-domains call in -# the shell format. +# The script disables sftp jailed environment for USER #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -format=${2-shell} # Includes source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# -check_args '1' "$#" 'USER [FORMAT]' -validate_format 'user' -is_object_valid 'user' 'USER' "$user" - +check_args '1' "$#" 'USER' +is_format_valid 'user' +user_str=$(grep "^$user:" /etc/passwd) +if [ -z "$user_str" ]; then + exit +fi #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Defining config -conf=$USER_DATA/web.conf +# Defining user homedir +home="$(echo $user_str |cut -f 6 -d :)" -# Defining fileds to select -fields="\$DOMAIN \$STATS \$STATS_AUTH \$SUSPENDED \$TIME \$DATE" +# Unmounting home directory +mount_dir=$(mount |grep /chroot/$user/ |awk '{print $3}') +if [ ! -z "$mount_dir" ]; then + umount -f $mount_dir 2>/dev/null + if [ $? -ne 0 ]; then + gpasswd -d $user sftp-only >/dev/null 2>&1 + exit 1 + fi +fi -# Listing domains -case $format in - json) json_list ;; - plain) nohead=1; shell_list ;; - shell) shell_list | column -t ;; - *) check_args '1' "0" 'USER [FORMAT]' -esac +# Deleting chroot dir +rmdir $mount_dir 2>/dev/null +rm -rf /chroot/$user + +# Deleting user from sftp group +gpasswd -d $user sftp-only >/dev/null 2>&1 #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# +# Logging +#log_event "$OK" "$ARGUMENTS" + exit diff --git a/bin/v-delete-vesta-softaculous b/bin/v-delete-vesta-softaculous new file mode 100755 index 000000000..c15d68c1a --- /dev/null +++ b/bin/v-delete-vesta-softaculous @@ -0,0 +1,48 @@ +#!/bin/bash +# info: delete vesta softaculous +# options: NONE +# +# The script disables softaculous plugin + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +if [ "$SOFTACULOUS" = 'no' ] || [ -z "$SOFTACULOUS" ]; then + exit +fi + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Deleting symlink +if [ -e "$VESTA/web/softaculous" ]; then + mkdir -p $VESTA/disabled_plugins + mv $VESTA/web/softaculous $VESTA/disabled_plugins +fi + +# Updating SOFTACULOUS value +sed -i "s/SOFTACULOUS.*/SOFTACULOUS='no'/g" \ + $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-delete-web-domain b/bin/v-delete-web-domain index 3ee9121d2..529f5d09e 100755 --- a/bin/v-delete-web-domain +++ b/bin/v-delete-web-domain @@ -12,10 +12,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 restart=$3 # Includes @@ -24,13 +24,18 @@ source $VESTA/func/domain.sh source $VESTA/func/ip.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -42,47 +47,40 @@ is_object_unsuspended 'web' 'DOMAIN' "$domain" # Action # #----------------------------------------------------------# -# Get template name -get_domain_values 'web' -tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.tpl" -conf="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf" -ip=$(get_real_ip $IP) - -# Deleting domain -del_web_config - -# Checking aliases -if [ ! -z "$ALIAS" ]; then - aliases=$(echo $ALIAS | tr ',' '\n' | wc -l ) -else - aliases=0 +# Deleting web backend +if [ ! -z "$WEB_BACKEND" ]; then + $BIN/v-delete-web-domain-backend $user $domain $restart fi -# Checking SSL -if [ "$SSL" = 'yes' ]; then - tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.stpl" - conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf" - del_web_config +# Parsing domain values +get_domain_values 'web' +local_ip=$(get_real_ip $IP) - # Deleting SSL certificates +# Deleting domain from web.conf +sed -i "/DOMAIN='$domain'/ d" $USER_DATA/web.conf + +# Deleting vhost configuration +del_web_config "$WEB_SYSTEM" "$TPL.tpl" + +# Deleting SSL configuration and certificates +if [ "$SSL" = 'yes' ]; then + del_web_config "$WEB_SYSTEM" "$TPL.stpl" rm -f $HOMEDIR/$user/conf/web/ssl.$domain.* rm -f $USER_DATA/ssl/$domain.* fi -# Checking proxy +# Deleting proxy if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.tpl" - conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" - del_web_config - + del_web_config "$PROXY_SYSTEM" "$PROXY.tpl" if [ "$SSL" = 'yes' ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.stpl" - conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" - del_web_config + del_web_config "$PROXY_SYSTEM" "$PROXY.stpl" + fi + if [ -e "/etc/$PROXY_SYSTEM/conf.d/01_caching_pool.conf" ]; then + sed -i "/=$domain:/d" /etc/$PROXY_SYSTEM/conf.d/01_caching_pool.conf fi fi -# Checking stats +# Deleting web stats if [ ! -z "$STATS" ] && [ "$STATS" != 'no' ]; then sed -i "/ $domain$/d" $VESTA/data/queue/webstats.pipe rm -f $HOMEDIR/$user/conf/web/$STATS.$domain.conf @@ -100,78 +98,40 @@ if [ ! -z "$FTP_USER" ]; then done fi -# Deleting directory -rm -rf $HOMEDIR/$user/web/$domain - # Deleting logs rm -f /var/log/$WEB_SYSTEM/domains/$domain.log* rm -f /var/log/$WEB_SYSTEM/domains/$domain.bytes rm -f /var/log/$WEB_SYSTEM/domains/$domain.error* +# Deleting directory +rm -rf $HOMEDIR/$user/web/$domain + #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# -# Deleting domain -sed -i "/DOMAIN='$domain'/ d" $USER_DATA/web.conf - -# Checking last SSL domain -conf="/etc/$WEB_SYSTEM/conf.d/vesta.conf" -ssl_dom=$(grep "SSL='yes'" $USER_DATA/web.conf | wc -l) -if [ "$ssl_dom" -eq '0' ]; then - sed -i "/.*\/$user\/.*s$WEB_SYSTEM.conf/d" $conf - rm -f $HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf -fi - -# Checking last domain -domains=$(wc -l $USER_DATA/web.conf | cut -f1 -d ' ') -if [ "$domains" -eq '0' ]; then - sed -i "/.*\/$user\/.*$WEB_SYSTEM.conf/d" $conf - rm -f $HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf -fi - -# Proxy -if [ ! -z "$PROXY_SYSTEM" ]; then - # Checking last SSL proxy - conf="/etc/$PROXY_SYSTEM/conf.d/vesta.conf" - last_sproxy=$(grep "SSL='yes'" $USER_DATA/web.conf) - if [ -z "$last_sproxy" ]; then - sed -i "/.*\/$user\/.*s$PROXY_SYSTEM.conf/d" $conf - rm -f $HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf - fi - - # Checking last proxy - last_proxy=$(grep -v "PROXY=''" $USER_DATA/web.conf) - if [ -z "$last_proxy" ]; then - sed -i "/.*\/$user\/.*$PROXY_SYSTEM.conf/d" $conf - rm -f $HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf - fi -fi - -# Decrease counters -decrease_ip_value "$ip" +# Decreasing user counters +decrease_ip_value "$local_ip" decrease_user_value "$user" '$U_WEB_DOMAINS' -decrease_user_value "$user" '$U_WEB_ALIASES' "$aliases" if [ "$SSL" = 'yes' ]; then decrease_user_value "$user" '$U_WEB_SSL' fi - -# Restart web server -if [ "$restart" != 'no' ]; then - $BIN/v-restart-web - if [ $? -ne 0 ]; then - exit $E_RESTART - fi - - $BIN/v-restart-proxy - if [ $? -ne 0 ]; then - exit $E_RESTART - fi +if [ ! -z "$ALIAS" ]; then + aliases=$(echo $ALIAS | tr ',' '\n' | wc -l ) + decrease_user_value "$user" '$U_WEB_ALIASES' "$aliases" fi +# Restarting web server +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null + +# Restartinh proxy server +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null + # Logging log_history "deleted web domain $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-web-domain-alias b/bin/v-delete-web-domain-alias index a5f3462c5..45bef00b9 100755 --- a/bin/v-delete-web-domain-alias +++ b/bin/v-delete-web-domain-alias @@ -10,13 +10,11 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain" ) -dom_alias=$(idn -t --quiet -u "$3" ) -dom_alias_idn=$(idn -t --quiet -a "$dom_alias" ) -restart="$4" +domain=$2 +dom_alias=$3 +restart=$4 # Includes source $VESTA/func/main.sh @@ -30,18 +28,15 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN DOM_ALIAS [RESTART]' -validate_format 'user' 'domain' 'dom_alias' +is_format_valid 'user' 'domain' 'dom_alias' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" is_object_unsuspended 'web' 'DOMAIN' "$domain" get_domain_values 'web' -ip=$(get_real_ip $IP) -if [ -z "$(echo $ALIAS | tr ',' '\n' | grep ^$dom_alias$)" ]; then - echo "Error: alias $dom_alias doesn't exist" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST +if [ -z "$(echo $ALIAS |tr ',' '\n' |grep ^$dom_alias$)" ]; then + check_result $E_NOTEXIST "alias $dom_alias doesn't exist" fi @@ -49,41 +44,30 @@ fi # Action # #----------------------------------------------------------# -# Defining new alias string +# Preparing domain values for the template substitution +local_ip=$(get_real_ip $IP) ALIAS=$(echo "$ALIAS" |\ sed -e "s/,/\n/g"|\ sed -e "s/^$dom_alias$//g"|\ sed -e "/^$/d"|\ sed -e ':a;N;$!ba;s/\n/,/g') -tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.tpl" -conf="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf" - -# Preparing domain values for the template substitution -upd_web_domain_values - -# Recreating vhost -del_web_config -add_web_config +prepare_web_domain_values +# Rebuilding vhost +del_web_config "$WEB_SYSTEM" "$TPL.tpl" +add_web_config "$WEB_SYSTEM" "$TPL.tpl" if [ "$SSL" = 'yes' ]; then - tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.stpl" - conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf" - del_web_config - add_web_config + del_web_config "$WEB_SYSTEM" "$TPL.stpl" + add_web_config "$WEB_SYSTEM" "$TPL.stpl" fi -# Checking proxy -if [ ! -z "$PROXY" ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.tpl" - conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" - del_web_config - add_web_config - +# Rebuilding proxy configuration +if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then + del_web_config "$PROXY_SYSTEM" "$PROXY.tpl" + add_web_config "$PROXY_SYSTEM" "$PROXY.tpl" if [ "$SSL" = 'yes' ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.stpl" - conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" - del_web_config - add_web_config + del_web_config "$PROXY_SYSTEM" "$PROXY.stpl" + add_web_config "$PROXY_SYSTEM" "$PROXY.stpl" fi fi @@ -94,25 +78,17 @@ fi # Update config update_object_value 'web' 'DOMAIN' "$domain" '$ALIAS' "$ALIAS" - -# Update counters decrease_user_value "$user" '$U_WEB_ALIASES' -# Restart web server -if [ "$restart" != 'no' ]; then - $BIN/v-restart-web - if [ $? -ne 0 ]; then - exit $E_RESTART - fi +# Restarting web server +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null - $BIN/v-restart-proxy - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null # Logging log_history "deleted alias $dom_alias on $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-web-domain-backend b/bin/v-delete-web-domain-backend new file mode 100755 index 000000000..935b55bbc --- /dev/null +++ b/bin/v-delete-web-domain-backend @@ -0,0 +1,81 @@ +#!/bin/bash +# info: deleting web domain backend configuration +# options: USER DOMAIN [RESTART] +# +# The function of deleting the virtualhost backend configuration. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +domain=$2 +domain_idn=$2 + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/domain.sh +source $VESTA/conf/vesta.conf + +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '2' "$#" 'USER DOMAIN' +is_format_valid 'user' 'domain' +is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' +is_object_valid 'user' 'USER' "$user" +is_object_unsuspended 'user' 'USER' "$user" +is_object_valid 'web' 'DOMAIN' "$domain" +is_object_unsuspended 'web' 'DOMAIN' "$domain" + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Defining pool directory +pool=$(find -L /etc/php* -type d \( -name "pool.d" -o -name "*fpm.d" \)) +if [ ! -e "$pool" ]; then + check_result $E_NOTEXIST "php-fpm pool doesn't exist" +fi + +# Defining backend type +backend_type="$domain" +if [ "$WEB_BACKEND_POOL" = 'user' ]; then + backend_type="$user" +fi + +# Checking last webdomain +if [ "$WEB_BACKEND_POOL" = 'user' ]; then + domains=$(search_objects 'web' 'SUSPENDED' "no" 'DOMAIN'|wc -l) + if [ "$backend" = "$user" ] && [ "$domains" -gt 1 ]; then + exit + fi +fi + +# Deleting backend +rm -f $pool/$backend_type.conf + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Restarting backend server +$BIN/v-restart-web-backend $restart +check_result $? "Backend restart failed" >/dev/null + +# Logging +log_history "deleting backend support for $domain" +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-delete-web-domain-ftp b/bin/v-delete-web-domain-ftp index 01b8ac479..218f4d55f 100755 --- a/bin/v-delete-web-domain-ftp +++ b/bin/v-delete-web-domain-ftp @@ -9,10 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 ftp_user=$3 # Includes @@ -20,13 +20,18 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN FTP_USER' -validate_format 'user' 'domain' 'ftp_user' +is_format_valid 'user' 'domain' 'ftp_user' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -35,7 +40,7 @@ is_object_unsuspended 'web' 'DOMAIN' "$domain" get_domain_values 'web' if [ -z "$(echo $FTP_USER | tr ':' '\n' | grep ^$ftp_user$)" ]; then echo "Error: account $ftp_user doesn't exist" - log_event "$E_NOTEXIST" "$EVENT" + log_event "$E_NOTEXIST" "$ARGUMENTS" exit $E_NOTEXIST fi @@ -51,6 +56,11 @@ if [ "$?" != 0 ]; then sed -i "/^$ftp_user:/d" /etc/shadow fi +# Deleting sftp jail +if [ ! -z "$SFTPJAIL_KEY" ]; then + $BINv-delete-user-sftp-jail $ftp_user +fi + #----------------------------------------------------------# # Vesta # @@ -73,6 +83,6 @@ update_object_value 'web' 'DOMAIN' "$domain" '$FTP_PATH' "$ftp_path" # Logging log_history "deleted ftp account ${3} for $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-web-domain-httpauth b/bin/v-delete-web-domain-httpauth new file mode 100755 index 000000000..3fbc85da2 --- /dev/null +++ b/bin/v-delete-web-domain-httpauth @@ -0,0 +1,88 @@ +#!/bin/bash +# info: delete http auth user +# options: USER DOMAIN AUTH_USER [RESTART] +# +# The call is used for deleting http auth user + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +domain=$2 +auth_user=$3 +restart=${4-yes} + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/domain.sh +source $VESTA/conf/vesta.conf + +# Defining htpasswd file +htaccess="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.$domain.conf_htaccess" +htpasswd="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.$domain.htpasswd" +shtaccess="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.$domain.conf_htaccess" +shtpasswd="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.$domain.htpasswd" + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '3' "$#" 'USER DOMAIN AUTH_USER [RESTART]' +is_format_valid 'user' 'domain' +is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' +is_object_valid 'user' 'USER' "$user" +is_object_unsuspended 'user' 'USER' "$user" +is_object_valid 'web' 'DOMAIN' "$domain" +is_object_unsuspended 'web' 'DOMAIN' "$domain" +is_password_valid +get_domain_values 'web' +if [ -z "$(echo "$AUTH_USER" |tr : '\n' |grep ^$auth_user$)" ]; then + echo "Error: auth user $auth_user doesn't exist" + log_event "$E_NOTEXIST" "$ARGUMENTS" + exit $E_NOTEXIST +fi + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Deleting auth user +sed -i "/^$auth_user:/d" $htpasswd + +# Deleting password protection +if [ "$(echo "$AUTH_USER" |tr : '\n' |wc -l)" -le 1 ]; then + rm -f $htaccess $htpasswd $shtaccess $shtpasswd + restart_required='yes' +fi + +# Restarting web server +if [ "$restart" != 'no' ] && [ "$restart_required" = 'yes' ]; then + $BIN/v-restart-web +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Rebuilding FTP variables +position=$(echo $AUTH_USER |tr ':' '\n' |grep -n '' |grep ":$auth_user$" |\ + cut -f 1 -d:) +auth_user=$(echo $AUTH_USER |tr ':' '\n' |grep -n '' |grep -v "^$position:" |\ + cut -f 2 -d :| sed -e "/^$/d"| sed -e ':a;N;$!ba;s/\n/:/g') +auth_hash=$(echo $AUTH_HASH |tr ':' '\n' |grep -n '' |grep -v "^$position:" |\ + cut -f 2 -d :| sed -e ':a;N;$!ba;s/\n/:/g') + +# Update config +update_object_value 'web' 'DOMAIN' "$domain" '$AUTH_USER' "$auth_user" +update_object_value 'web' 'DOMAIN' "$domain" '$AUTH_HASH' "$auth_hash" + +# Logging +log_history "changed auth user $httpauth_user password on $domain" +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-delete-web-domain-proxy b/bin/v-delete-web-domain-proxy index 0aa73e150..73eeabb73 100755 --- a/bin/v-delete-web-domain-proxy +++ b/bin/v-delete-web-domain-proxy @@ -9,10 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 restart=$3 # Includes @@ -20,14 +20,19 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' -is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' +is_format_valid 'user' 'domain' +is_system_enabled "$PROXY_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" @@ -41,19 +46,11 @@ is_object_value_exist 'web' 'DOMAIN' "$domain" '$PROXY' # Defining domain parameters get_domain_values 'web' -tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.tpl" -conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" -if [ ! -z "$PROXY_SYSTEM" ]; then - del_web_config -fi +del_web_config "$PROXY_SYSTEM" "$PROXY.tpl" # Checking SSL if [ "$SSL" = 'yes' ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.stpl" - conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" - if [ ! -z "$PROXY_SYSTEM" ]; then - del_web_config - fi + del_web_config "$PROXY_SYSTEM" "$PROXY.stpl" fi @@ -65,35 +62,12 @@ fi update_object_value 'web' 'DOMAIN' "$domain" '$PROXY' '' update_object_value 'web' 'DOMAIN' "$domain" '$PROXY_EXT' '' -if [ -z "$PROXY_SYSTEM" ]; then - exit -fi - -# Checking last SSL proxy -conf="/etc/$PROXY_SYSTEM/conf.d/vesta.conf" -last_sproxy=$(grep "SSL='yes'" $USER_DATA/web.conf) -if [ -z "$last_sproxy" ]; then - sed -i "/.*\/$user\/.*s$PROXY_SYSTEM.conf/d" $conf - rm -f $HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf -fi - -# Checking last proxy -last_proxy=$(grep -v "PROXY=''" $USER_DATA/web.conf) -if [ -z "$last_proxy" ]; then - sed -i "/.*\/$user\/.*$PROXY_SYSTEM.conf/d" $conf - rm -f $HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf -fi - # Restart proxy server -if [ "$restart" != 'no' ]; then - $BIN/v-restart-proxy - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null # Logging log_history "disabled proxy support for $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-web-domain-ssl b/bin/v-delete-web-domain-ssl index 476cf7ba8..160b07cce 100755 --- a/bin/v-delete-web-domain-ssl +++ b/bin/v-delete-web-domain-ssl @@ -9,10 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 restart=$3 # Includes @@ -20,13 +20,18 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -41,22 +46,24 @@ is_object_value_exist 'web' 'DOMAIN' "$domain" '$SSL' # Parsing domain values get_domain_values 'web' -conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf" -tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.stpl" # Deleting domain -del_web_config +del_web_config "$WEB_SYSTEM" "$TPL.stpl" # Checking proxy -if [ ! -z "$PROXY" ]; then - conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.stpl" - del_web_config +if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then + del_web_config "$PROXY_SYSTEM" "$PROXY.stpl" fi # Deleting old certificate tmpdir=$(mktemp -p $HOMEDIR/$user/web/$domain/private -d) -rm -f $HOMEDIR/$user/conf/web/ssl.$domain.* + +# remove certificate files - do not use wildcard, as this might remove other domains +rm -f $HOMEDIR/$user/conf/web/ssl.$domain.ca +rm -f $HOMEDIR/$user/conf/web/ssl.$domain.crt +rm -f $HOMEDIR/$user/conf/web/ssl.$domain.key +rm -f $HOMEDIR/$user/conf/web/ssl.$domain.pem + mv $USER_DATA/ssl/$domain.* $tmpdir chown -R $user:$user $tmpdir @@ -66,44 +73,23 @@ chown -R $user:$user $tmpdir #----------------------------------------------------------# # Update config +if [ ! -z "$LETSENCRYPT" ]; then + update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'no' +fi update_object_value 'web' 'DOMAIN' "$domain" '$SSL' 'no' -# Checking last SSL domain -ssl_dom=$(grep "SSL='yes'" $USER_DATA/web.conf) -conf="/etc/$WEB_SYSTEM/conf.d/vesta.conf" -if [ -z "$ssl_dom" ]; then - sed -i "/.*\/$user\/.*s$WEB_SYSTEM.conf/d" $conf - rm -f $HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf - -fi - -# Checking proxy -if [ ! -z "$PROXY_SYSTEM" ]; then - conf="/etc/$PROXY_SYSTEM/conf.d/vesta.conf" - if [ -z "$ssl_dom" ]; then - sed -i "/.*\/$user\/.*s$PROXY_SYSTEM.conf/d" $conf - rm -f $HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf - fi -fi - # Decreasing domain value decrease_user_value "$user" '$U_WEB_SSL' -# Restart web server -if [ "$restart" != 'no' ]; then - $BIN/v-restart-web - if [ $? -ne 0 ]; then - exit $E_RESTART - fi +# Restarting web server +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null - $BIN/v-restart-proxy - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null # Logging log_history "disabled ssl support for $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-web-domain-stats b/bin/v-delete-web-domain-stats index 3d2292a9f..33a22dca6 100755 --- a/bin/v-delete-web-domain-stats +++ b/bin/v-delete-web-domain-stats @@ -10,23 +10,27 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -65,6 +69,6 @@ update_object_value 'web' 'DOMAIN' "$domain" '$STATS' '' # Logging log_history "disabled web log analyzer for $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-web-domain-stats-user b/bin/v-delete-web-domain-stats-user index 877f5482a..dd7a4f33a 100755 --- a/bin/v-delete-web-domain-stats-user +++ b/bin/v-delete-web-domain-stats-user @@ -1,6 +1,6 @@ #!/bin/bash # info: disable webdomain stats authentication support -# options: USER DOMAIN +# options: USER DOMAIN [RESTART] # # The function removes authentication of statistics system. If the script is # called without naming a certain user, all users will be removed. After @@ -12,9 +12,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$(idn -t --quiet -u "$2" ) +restart=$3 # Includes source $VESTA/func/main.sh @@ -26,8 +27,8 @@ source $VESTA/conf/vesta.conf # Verifications # #----------------------------------------------------------# -check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +check_args '2' "$#" 'USER DOMAIN [RESTART]' +is_format_valid 'user' 'domain' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -40,10 +41,18 @@ is_object_value_exist 'web' 'DOMAIN' "$domain" '$STATS_USER' # Action # #----------------------------------------------------------# -# Definining statistic dir +# Defining statistic dir rm -f $HOMEDIR/$user/web/$domain/stats/.htpasswd rm -f $HOMEDIR/$user/web/$domain/stats/.htaccess +# Deleting nginx auth config +if [ "$WEB_SYSTEM" = 'nginx' ]; then + conf_dir="$HOMEDIR/$user/conf/web" + rm -f $conf_dir/$domain.auth 2>/dev/null + $BIN/v-restart-web $restart + check_result $? "Web restart failed" >/dev/null +fi + #----------------------------------------------------------# # Vesta # @@ -56,6 +65,6 @@ update_object_value 'web' 'DOMAIN' "$domain" '$STATS_CRYPT' '' # Logging log_history "disabled web stats password protection for $domain" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-delete-web-domains b/bin/v-delete-web-domains index fed92740b..8822ab0af 100755 --- a/bin/v-delete-web-domains +++ b/bin/v-delete-web-domains @@ -2,14 +2,14 @@ # info: delete web domains # options: USER [RESTART] # -# The function deteles all user's webdomains. +# The function deletes all user's webdomains. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 restart=$2 @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER [RESTART]' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" @@ -42,20 +42,14 @@ done # Vesta # #----------------------------------------------------------# -# Restart web server -if [ "$restart" != 'no' ]; then - $BIN/v-restart-web - if [ $? -ne 0 ]; then - exit $E_RESTART - fi +# Restarting web server +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null - $BIN/v-restart-proxy - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-extract-fs-archive b/bin/v-extract-fs-archive new file mode 100755 index 000000000..1ea608af9 --- /dev/null +++ b/bin/v-extract-fs-archive @@ -0,0 +1,119 @@ +#!/bin/bash +# info: archive to directory +# options: USER ARCHIVE DIRECTORY +# +# The function extracts archive into directory on the file system + +user=$1 +src_file=$2 +dst_dir=$3 + +# Checking arguments +if [ -z "$dst_dir" ]; then + echo "Usage: USER ARCHIVE DIRECTORY" + exit 1 +fi + +# Checking vesta user +if [ ! -e "$VESTA/data/users/$user" ]; then + echo "Error: vesta user $user doesn't exist" + exit 3 +fi + +# Checking user homedir +homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :) +if [ -z $homedir ]; then + echo "Error: user home directory doesn't exist" + exit 12 +fi + +# Checking source dir +if [ ! -e "$src_file" ]; then + echo "Error: source file $src_file doesn't exist" + exit 3 +fi + +# Checking source path +rpath=$(readlink -f "$src_file") +if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then + echo "Error: invalid source path $src_file" + exit 2 +fi + +# Checking destination path +rpath=$(readlink -f "$dst_dir") +if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then + echo "Error: invalid destination path $dst_dir" + exit 2 +fi + +# Extracting gziped archive +if [ ! -z "$(echo $src_file |egrep -i '.tgz|.tar.gz')" ]; then + x='yes' + sudo -u $user mkdir -p "$dst_dir" >/dev/null 2>&1 + sudo -u $user tar -xzf "$src_file" -C "$dst_dir" >/dev/null 2>&1 + rc=$? +fi + +# Extracting bziped archive +if [ ! -z "$(echo $src_file |egrep -i '.tbz|.tar.bz')" ]; then + x='yes' + sudo -u $user mkdir -p "$dst_dir" >/dev/null 2>&1 + sudo -u $user tar -xjf "$src_file" -C "$dst_dir" >/dev/null 2>&1 + rc=$? +fi + +# Extracting gziped file +if [ ! -z "$(echo $src_file |grep -i '.gz')" ] && [ -z "$x" ]; then + sudo -u $user mkdir -p "$dst_dir" >/dev/null 2>&1 + sudo -u $user mv "$src_file" "$dst_dir" >/dev/null 2>&1 + sudo -u $user gzip -d "$dst_dir/$(basename $src_file)" >/dev/null 2>&1 + rc=$? +fi + +# Extracting bziped file +if [ ! -z "$(echo $src_file |grep -i '.bz')" ] && [ -z "$x" ]; then + sudo -u $user mkdir -p "$dst_dir" >/dev/null 2>&1 + sudo -u $user mv "$src_file" "$dst_dir"# >/dev/null 2>&1 + sudo -u $user bzip2 -d "$dst_dir/$(basename $src_file)" >/dev/null 2>&1 + rc=$? +fi + +# Extracting ziped archive +if [ ! -z "$(echo $src_file |grep -i '.zip')" ]; then + sudo -u $user mkdir -p "$dst_dir" >/dev/null 2>&1 + sudo -u $user unzip -o "$src_file" -d "$dst_dir" >/dev/null 2>&1 + rc=$? +fi + +# Extracting ziped archive +if [ ! -z "$(echo $src_file |grep -i '.7z')" ]; then + sudo -u $user mkdir -p "$dst_dir" >/dev/null 2>&1 + sudo -u $user mv "$src_file" "$dst_dir" >/dev/null 2>&1 + sudo -u $user p7zip -d "$src_file" >/dev/null 2>&1 + rc=$? +fi + +# Extracting tared archive +if [ ! -z "$(echo $src_file |grep -i '.tar')" ] && [ -z "$x" ]; then + x='yes' + sudo -u $user mkdir -p "$dst_dir" >/dev/null 2>&1 + sudo -u $user tar -xf "$src_file" -C "$dst_dir" >/dev/null 2>&1 + rc=$? +fi + +# Extracting rared archive +if [ ! -z "$(echo $src_file |grep -i '.rar')" ]; then + sudo -u $user mkdir -p "$dst_dir" >/dev/null 2>&1 + sudo -u $user unrar "$src_file" "$dst_dir" >/dev/null 2>&1 + rc=$? +fi + +# Checking result +if [ $rc -ne 0 ]; then + echo "Error: $src_file was not extracted" + exit 3 +fi + +# Exiting +exit diff --git a/bin/v-generate-api-key b/bin/v-generate-api-key new file mode 100755 index 000000000..ba60b92fc --- /dev/null +++ b/bin/v-generate-api-key @@ -0,0 +1,41 @@ +#!/bin/bash +# info: generate api key +# options: none +# +# The function creates a key file in /usr/local/vesta/data/keys/ + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +keygen() +{ + < /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-32};echo; +} +KEYS='/usr/local/vesta/data/keys/' +HASH=$(keygen) + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +if [ ! -d ${KEYS} ]; then + mkdir ${KEYS} +fi + +if [[ -e ${KEYS}${HASH} ]] ; then + while [[ -e ${KEYS}${HASH} ]] ; do + HASH=$(keygen) + done +fi + +touch ${KEYS}${HASH} +echo ${HASH} + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-generate-password-hash b/bin/v-generate-password-hash new file mode 100755 index 000000000..78a551fe0 --- /dev/null +++ b/bin/v-generate-password-hash @@ -0,0 +1,46 @@ +#!/usr/local/vesta/php/bin/php +/dev/null +openssl genrsa $KEY_SIZE > $domain.key 2>/dev/null # Generate the CSR subj="/C=$country/ST=$state/localityName=$city/O=$org" -subj="$subj/organizationalUnitName=$org_unit/commonName=$domain" +subj="$subj/organizationalUnitName=$org_unit/commonName=$domain_idn" subj="$subj/emailAddress=$email" +if [ -z "$aliases" ]; then + openssl req -sha256\ + -new \ + -batch \ + -subj "$subj" \ + -key $domain.key \ + -out $domain.csr #>/dev/null 2>&1 +else + for alias in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do + if [[ "$alias" = *[![:ascii:]]* ]]; then + alias=$(idn -t --quiet -a $alias) + fi + dns_aliases="${dns_aliases}DNS:$alias," + done + dns_aliases=$(echo $dns_aliases |sed "s/,$//") + if [ -e "/etc/ssl/openssl.cnf" ]; then + ssl_conf='/etc/ssl/openssl.cnf' + else + ssl_conf="/etc/pki/tls/openssl.cnf" + fi -openssl req \ - -new \ - -batch \ - -subj "$subj" \ - -key $domain.key \ - -out $domain.csr \ - -passin env:PASSPHRASE >/dev/null 2>&1 - -# Remove passphrase -cp $domain.key $domain.key.tmp -openssl rsa \ - -in $domain.key.tmp \ - -out $domain.key \ - -passin env:PASSPHRASE >/dev/null 2>&1 -rm $domain.key.tmp + openssl req -sha256\ + -new \ + -batch \ + -subj "$subj" \ + -key $domain.key \ + -reqexts SAN \ + -config <(cat $ssl_conf \ + <(printf "[SAN]\nsubjectAltName=$dns_aliases")) \ + -out $domain.csr >/dev/null 2>&1 +fi # Generate the cert 1 year -openssl x509 -req \ +openssl x509 -req -sha256 \ -days $DAYS \ -in $domain.csr \ -signkey $domain.key \ -out $domain.crt >/dev/null 2>&1 + # Listing certificates if [ -e "$domain.crt" ]; then - crt=$(cat $domain.crt | sed ':a;N;$!ba;s/\n/\\n/g' ) + crt=$(cat $domain.crt |sed ':a;N;$!ba;s/\n/\\n/g' ) fi if [ -e "$domain.key" ]; then - key=$(cat $domain.key | sed ':a;N;$!ba;s/\n/\\n/g' ) + key=$(cat $domain.key |sed ':a;N;$!ba;s/\n/\\n/g' ) fi if [ -e "$domain.csr" ]; then - csr=$(cat $domain.csr | sed ':a;N;$!ba;s/\n/\\n/g' ) + csr=$(cat $domain.csr |sed ':a;N;$!ba;s/\n/\\n/g' ) fi case $format in @@ -123,7 +146,7 @@ case $format in esac # Delete tmp dir -rm -rf $workdir +#rm -rf $workdir #----------------------------------------------------------# @@ -131,6 +154,6 @@ rm -rf $workdir #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-get-dns-domain-value b/bin/v-get-dns-domain-value index 191120504..b530588a1 100755 --- a/bin/v-get-dns-domain-value +++ b/bin/v-get-dns-domain-value @@ -9,22 +9,27 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 key=$(echo "$3"| tr '[:lower:]' '[:upper:]' | sed "s/^/$/") # Includes source $VESTA/func/main.sh +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN KEY' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_object_valid 'user' 'USER' "$user" is_object_valid 'dns' 'DOMAIN' "$domain" @@ -42,6 +47,6 @@ get_object_value 'dns' 'DOMAIN' "$domain" "$key" #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-get-fs-file-type b/bin/v-get-fs-file-type new file mode 100755 index 000000000..ba2b7a660 --- /dev/null +++ b/bin/v-get-fs-file-type @@ -0,0 +1,40 @@ +#!/bin/bash +# info: get file type +# options: USER FILE +# +# The function shows file type + +user=$1 +path=$2 + +# Checking arguments +if [ -z "$path" ]; then + echo "Usage: USER FILE" + exit 1 +fi + +# Checking vesta user +if [ ! -e "$VESTA/data/users/$user" ]; then + echo "Error: vesta user $user doesn't exist" + exit 3 +fi + +# Checking user homedir +homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :) +if [ -z $homedir ]; then + echo "Error: user home directory doesn't exist" + exit 12 +fi + +# Checking path +rpath=$(readlink -f "$path") +if [ -z "$(echo $rpath |grep $homedir)" ]; then + echo "Error: invalid path $path" + exit 2 +fi + +# Listing file type +sudo -u $user file -i -b "$path" 2>/dev/null + +# Exiting +exit $? diff --git a/bin/v-get-mail-account-value b/bin/v-get-mail-account-value index db9f298ba..abff06a53 100755 --- a/bin/v-get-mail-account-value +++ b/bin/v-get-mail-account-value @@ -9,23 +9,28 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 account=$3 key=$(echo "$4"| tr '[:lower:]' '[:upper:]' | sed "s/^/$/") # Includes source $VESTA/func/main.sh +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN KEY' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_object_valid 'user' 'USER' "$user" is_object_valid 'mail' 'DOMAIN' "$domain" is_object_valid "mail/$domain" 'ACCOUNT' "$account" @@ -44,6 +49,6 @@ get_object_value "mail/$domain" 'ACCOUNT' "$account" "$key" #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-get-mail-domain-value b/bin/v-get-mail-domain-value index b6f4cc458..97a1a3e46 100755 --- a/bin/v-get-mail-domain-value +++ b/bin/v-get-mail-domain-value @@ -9,22 +9,27 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 key=$(echo "$3"| tr '[:lower:]' '[:upper:]' | sed "s/^/$/") # Includes source $VESTA/func/main.sh +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN KEY' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_object_valid 'user' 'USER' "$user" is_object_valid 'mail' 'DOMAIN' "$domain" @@ -42,6 +47,6 @@ get_object_value 'mail' 'DOMAIN' "$domain" "$key" #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-get-sys-timezone b/bin/v-get-sys-timezone new file mode 100755 index 000000000..ced92ba47 --- /dev/null +++ b/bin/v-get-sys-timezone @@ -0,0 +1,49 @@ +#!/bin/bash +# info: get system timezone +# options: [FORMAT] +# +# The function to get system timezone + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +format=${1-shell} + +# Includes +source $VESTA/func/main.sh + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Checking timesonze on RHEL/CentOS +if [ -f "/etc/sysconfig/clock" ]; then + source /etc/sysconfig/clock + +# Checking timezone on Debian/Ubuntu +elif [ -f "/etc/timezone" ]; then + ZONE=$(cat /etc/timezone) + +# Checking symlynks +elif [ -h /etc/localtime ]; then + ZONE=$(readlink /etc/localtime | sed "s%.*share/zoneinfo/%%") + +# Parsing zoneinfo (very slow) +else + checksum=$(md5sum /etc/localtime | cut -d' ' -f1) + ZONE=$(find /usr/share/zoneinfo/ -type f -exec md5sum {} \; |\ + grep "^$checksum" | sed "s/.*\/usr\/share\/zoneinfo\///" | head -n 1) +fi + +echo $ZONE + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-get-sys-timezones b/bin/v-get-sys-timezones new file mode 100755 index 000000000..2799fccb9 --- /dev/null +++ b/bin/v-get-sys-timezones @@ -0,0 +1,476 @@ +#!/bin/bash +# info: list system timezone +# options: [FORMAT] +# +# The function checks system timezone settings + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +format=${1-shell} + +# Includes +source $VESTA/func/main.sh + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +Zones="Africa/Abidjan +Africa/Accra +Africa/Addis_Ababa +Africa/Algiers +Africa/Asmara +Africa/Bamako +Africa/Bangui +Africa/Banjul +Africa/Bissau +Africa/Blantyre +Africa/Brazzaville +Africa/Bujumbura +Africa/Cairo +Africa/Casablanca +Africa/Ceuta +Africa/Conakry +Africa/Dakar +Africa/Dar_es_Salaam +Africa/Djibouti +Africa/Douala +Africa/El_Aaiun +Africa/Freetown +Africa/Gaborone +Africa/Harare +Africa/Johannesburg +Africa/Juba +Africa/Kampala +Africa/Khartoum +Africa/Kigali +Africa/Kinshasa +Africa/Lagos +Africa/Libreville +Africa/Lome +Africa/Luanda +Africa/Lubumbashi +Africa/Lusaka +Africa/Malabo +Africa/Maputo +Africa/Maseru +Africa/Mbabane +Africa/Mogadishu +Africa/Monrovia +Africa/Nairobi +Africa/Ndjamena +Africa/Niamey +Africa/Nouakchott +Africa/Ouagadougou +Africa/Porto-Novo +Africa/Sao_Tome +Africa/Tripoli +Africa/Tunis +Africa/Windhoek +America/Adak +America/Anchorage +America/Anguilla +America/Antigua +America/Araguaina +America/Argentina/Buenos_Aires +America/Argentina/Catamarca +America/Argentina/Cordoba +America/Argentina/Jujuy +America/Argentina/La_Rioja +America/Argentina/Mendoza +America/Argentina/Rio_Gallegos +America/Argentina/Salta +America/Argentina/San_Juan +America/Argentina/San_Luis +America/Argentina/Tucuman +America/Argentina/Ushuaia +America/Aruba +America/Asuncion +America/Atikokan +America/Bahia +America/Bahia_Banderas +America/Barbados +America/Belem +America/Belize +America/Blanc-Sablon +America/Boa_Vista +America/Bogota +America/Boise +America/Cambridge_Bay +America/Campo_Grande +America/Cancun +America/Caracas +America/Cayenne +America/Cayman +America/Chicago +America/Chihuahua +America/Costa_Rica +America/Creston +America/Cuiaba +America/Curacao +America/Danmarkshavn +America/Dawson +America/Dawson_Creek +America/Denver +America/Detroit +America/Dominica +America/Edmonton +America/Eirunepe +America/El_Salvador +America/Fortaleza +America/Glace_Bay +America/Godthab +America/Goose_Bay +America/Grand_Turk +America/Grenada +America/Guadeloupe +America/Guatemala +America/Guayaquil +America/Guyana +America/Halifax +America/Havana +America/Hermosillo +America/Indiana/Indianapolis +America/Indiana/Knox +America/Indiana/Marengo +America/Indiana/Petersburg +America/Indiana/Tell_City +America/Indiana/Vevay +America/Indiana/Vincennes +America/Indiana/Winamac +America/Inuvik +America/Iqaluit +America/Jamaica +America/Juneau +America/Kentucky/Louisville +America/Kentucky/Monticello +America/Kralendijk +America/La_Paz +America/Lima +America/Los_Angeles +America/Lower_Princes +America/Maceio +America/Managua +America/Manaus +America/Marigot +America/Martinique +America/Matamoros +America/Mazatlan +America/Menominee +America/Merida +America/Metlakatla +America/Mexico_City +America/Miquelon +America/Moncton +America/Monterrey +America/Montevideo +America/Montserrat +America/Nassau +America/New_York +America/Nipigon +America/Nome +America/Noronha +America/North_Dakota/Beulah +America/North_Dakota/Center +America/North_Dakota/New_Salem +America/Ojinaga +America/Panama +America/Pangnirtung +America/Paramaribo +America/Phoenix +America/Port-au-Prince +America/Port_of_Spain +America/Porto_Velho +America/Puerto_Rico +America/Rainy_River +America/Rankin_Inlet +America/Recife +America/Regina +America/Resolute +America/Rio_Branco +America/Santa_Isabel +America/Santarem +America/Santiago +America/Santo_Domingo +America/Sao_Paulo +America/Scoresbysund +America/Sitka +America/St_Barthelemy +America/St_Johns +America/St_Kitts +America/St_Lucia +America/St_Thomas +America/St_Vincent +America/Swift_Current +America/Tegucigalpa +America/Thule +America/Thunder_Bay +America/Tijuana +America/Toronto +America/Tortola +America/Vancouver +America/Whitehorse +America/Winnipeg +America/Yakutat +America/Yellowknife +Antarctica/Casey +Antarctica/Davis +Antarctica/DumontDUrville +Antarctica/Macquarie +Antarctica/Mawson +Antarctica/McMurdo +Antarctica/Palmer +Antarctica/Rothera +Antarctica/Syowa +Antarctica/Troll +Antarctica/Vostok +Arctic/Longyearbyen +Asia/Aden +Asia/Almaty +Asia/Amman +Asia/Anadyr +Asia/Aqtau +Asia/Aqtobe +Asia/Ashgabat +Asia/Baghdad +Asia/Bahrain +Asia/Baku +Asia/Bangkok +Asia/Beirut +Asia/Bishkek +Asia/Brunei +Asia/Chita +Asia/Choibalsan +Asia/Colombo +Asia/Damascus +Asia/Dhaka +Asia/Dili +Asia/Dubai +Asia/Dushanbe +Asia/Gaza +Asia/Hebron +Asia/Ho_Chi_Minh +Asia/Hong_Kong +Asia/Hovd +Asia/Irkutsk +Asia/Jakarta +Asia/Jayapura +Asia/Jerusalem +Asia/Kabul +Asia/Kamchatka +Asia/Karachi +Asia/Kathmandu +Asia/Khandyga +Asia/Kolkata +Asia/Krasnoyarsk +Asia/Kuala_Lumpur +Asia/Kuching +Asia/Kuwait +Asia/Macau +Asia/Magadan +Asia/Makassar +Asia/Manila +Asia/Muscat +Asia/Nicosia +Asia/Novokuznetsk +Asia/Novosibirsk +Asia/Omsk +Asia/Oral +Asia/Phnom_Penh +Asia/Pontianak +Asia/Pyongyang +Asia/Qatar +Asia/Qyzylorda +Asia/Rangoon +Asia/Riyadh +Asia/Sakhalin +Asia/Samarkand +Asia/Seoul +Asia/Shanghai +Asia/Singapore +Asia/Srednekolymsk +Asia/Taipei +Asia/Tashkent +Asia/Tbilisi +Asia/Tehran +Asia/Thimphu +Asia/Tokyo +Asia/Ulaanbaatar +Asia/Urumqi +Asia/Ust-Nera +Asia/Vientiane +Asia/Vladivostok +Asia/Yakutsk +Asia/Yekaterinburg +Asia/Yerevan +Atlantic/Azores +Atlantic/Bermuda +Atlantic/Canary +Atlantic/Cape_Verde +Atlantic/Faroe +Atlantic/Madeira +Atlantic/Reykjavik +Atlantic/South_Georgia +Atlantic/St_Helena +Atlantic/Stanley +Australia/Adelaide +Australia/Brisbane +Australia/Broken_Hill +Australia/Currie +Australia/Darwin +Australia/Eucla +Australia/Hobart +Australia/Lindeman +Australia/Lord_Howe +Australia/Melbourne +Australia/Perth +Australia/Sydney +Europe/Amsterdam +Europe/Andorra +Europe/Athens +Europe/Belgrade +Europe/Berlin +Europe/Bratislava +Europe/Brussels +Europe/Bucharest +Europe/Budapest +Europe/Busingen +Europe/Chisinau +Europe/Copenhagen +Europe/Dublin +Europe/Gibraltar +Europe/Guernsey +Europe/Helsinki +Europe/Isle_of_Man +Europe/Istanbul +Europe/Jersey +Europe/Kaliningrad +Europe/Kiev +Europe/Lisbon +Europe/Ljubljana +Europe/London +Europe/Luxembourg +Europe/Madrid +Europe/Malta +Europe/Mariehamn +Europe/Minsk +Europe/Monaco +Europe/Moscow +Europe/Oslo +Europe/Paris +Europe/Podgorica +Europe/Prague +Europe/Riga +Europe/Rome +Europe/Samara +Europe/San_Marino +Europe/Sarajevo +Europe/Simferopol +Europe/Skopje +Europe/Sofia +Europe/Stockholm +Europe/Tallinn +Europe/Tirane +Europe/Uzhgorod +Europe/Vaduz +Europe/Vatican +Europe/Vienna +Europe/Vilnius +Europe/Volgograd +Europe/Warsaw +Europe/Zagreb +Europe/Zaporozhye +Europe/Zurich +Indian/Antananarivo +Indian/Chagos +Indian/Christmas +Indian/Cocos +Indian/Comoro +Indian/Kerguelen +Indian/Mahe +Indian/Maldives +Indian/Mauritius +Indian/Mayotte +Indian/Reunion +Pacific/Apia +Pacific/Auckland +Pacific/Bougainville +Pacific/Chatham +Pacific/Chuuk +Pacific/Easter +Pacific/Efate +Pacific/Enderbury +Pacific/Fakaofo +Pacific/Fiji +Pacific/Funafuti +Pacific/Galapagos +Pacific/Gambier +Pacific/Guadalcanal +Pacific/Guam +Pacific/Honolulu +Pacific/Johnston +Pacific/Kiritimati +Pacific/Kosrae +Pacific/Kwajalein +Pacific/Majuro +Pacific/Marquesas +Pacific/Midway +Pacific/Nauru +Pacific/Niue +Pacific/Norfolk +Pacific/Noumea +Pacific/Pago_Pago +Pacific/Palau +Pacific/Pitcairn +Pacific/Pohnpei +Pacific/Port_Moresby +Pacific/Rarotonga +Pacific/Saipan +Pacific/Tahiti +Pacific/Tarawa +Pacific/Tongatapu +Pacific/Wake +Pacific/Wallis" + +# Check timesonze +if [ -f /etc/timezone ]; then + TZ=$(cat /etc/timezone) +elif [ -h /etc/localtime ]; then + TZ=$(readlink /etc/localtime | sed "s/\/usr\/share\/zoneinfo\///") +else + checksum=$(md5sum /etc/localtime | cut -d' ' -f1) + TZ=$(find /usr/share/zoneinfo/ -type f -exec md5sum {} \; |\ + grep "^$checksum" | sed "s/.*\/usr\/share\/zoneinfo\///" | head -n 1) +fi + +echo $TZ + +exit +# Defining config +echo -e "$str" > $tmp_file +conf=$tmp_file + +# Defining fileds to select +fields="\$SYS \$HOSTNAME \$OS \$VERSION \$ARCH \$UPTIME \$LOADAVERAGE" + +# Listing services +case $format in + json) json_list ;; + plain) nohead=1; shell_list ;; + shell) fields="\$HOSTNAME \$OS \$VERSION \$ARCH \$UPTIME \$LOADAVERAGE" + shell_list | column -t ;; + *) check_args '1' '0' 'USER [FORMAT]' +esac + +rm -f $tmp_file + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-get-user-salt b/bin/v-get-user-salt new file mode 100755 index 000000000..08ee5a9ca --- /dev/null +++ b/bin/v-get-user-salt @@ -0,0 +1,118 @@ +#!/bin/bash +# info: get user salt +# options: USER [IP] [FORMAT] +# +# The function provides users salt + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +ip=${2-127.0.0.1} +format=${3-shell} + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + +# JSON list function +json_list() { + echo '{' + echo ' "'$user'": { + "METHOD": "'$method'", + "SALT": "'$salt'", + "TIME": "'$time'", + "DATE": "'$date'" + }' + echo '}' +} + +# SHELL list function +shell_list() { + echo "METHOD: $method" + echo "SALT: $salt" +} + +# PLAIN list function +plain_list() { + echo -e "$method\t$salt" +} + +# CSV list function +csv_list() { + echo "METHOD,SALT" + echo "$method, $salt" +} + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + + +check_args '1' "$#" 'USER [IP] [SALT]' +is_format_valid 'user' + +# Checking user +if [ ! -d "$VESTA/data/users/$user" ] && [ "$user" != 'root' ]; then + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Parsing user's salt +shadow=$(grep "^$user:" /etc/shadow | cut -f 2 -d :) + +if echo "$shadow" | grep -qE '^\$[0-9a-z]+\$[^\$]+\$' +then + salt=$(echo "$shadow" |cut -f 3 -d \$) + method=$(echo "$shadow" |cut -f 2 -d \$) + if [ "$method" -eq '1' ]; then + method='md5' + elif [ "$method" -eq '6' ]; then + method='sha-512' + else + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 + fi +else + salt=${shadow:0:2} + method='des' +fi + +if [ -z "$salt" ]; then + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging + +exit diff --git a/bin/v-get-user-value b/bin/v-get-user-value index 19ccf4ce7..a832801ac 100755 --- a/bin/v-get-user-value +++ b/bin/v-get-user-value @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 key=$(echo "$2"| tr '[:lower:]' '[:upper:]' | sed "s/^/$/") @@ -22,7 +22,7 @@ source $VESTA/func/main.sh #----------------------------------------------------------# check_args '2' "$#" 'USER KEY' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" diff --git a/bin/v-get-web-domain-value b/bin/v-get-web-domain-value index 3e74e31ee..68745401f 100755 --- a/bin/v-get-web-domain-value +++ b/bin/v-get-web-domain-value @@ -11,7 +11,11 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Say goodbye +echo "This script is not used anymore" +exit + +# Argument definition user=$1 domain=$(idn -t --quiet -u "$2" ) domain_idn=$(idn -t --quiet -a "$domain") @@ -28,7 +32,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN KEY' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" diff --git a/bin/v-insert-dns-domain b/bin/v-insert-dns-domain index eb246f5d4..9e6874df5 100755 --- a/bin/v-insert-dns-domain +++ b/bin/v-insert-dns-domain @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 data=$2 src=$3 @@ -26,15 +26,15 @@ source $VESTA/conf/vesta.conf # Verifications # #----------------------------------------------------------# -check_args '2' "$#" 'USER DATA [SRC] [RESTART]' -validate_format 'user' 'data' +check_args '2' "$#" 'USER DATA [SRC] [FLUSH] [RESTART]' +is_format_valid 'user' 'data' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" eval $data domain="$DOMAIN" if [ "$flush" = 'no' ]; then - is_domain_new 'dns' + is_domain_new 'dns' $domain fi @@ -47,18 +47,22 @@ if [ "$flush" = 'records' ]; then rm -f $USER_DATA/dns/$DOMAIN.conf touch $USER_DATA/dns/$DOMAIN.conf chmod 660 $USER_DATA/dns/$DOMAIN.conf - exit fi # Flush domain -if [ "$flush" = 'domain' ]; then +if [ "$flush" != 'no' ]; then sed -i "/DOMAIN='$DOMAIN'/d" $USER_DATA/dns.conf 2> /dev/null fi +# Generating timestamp +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + # Prepare values for the insert dns_rec="DOMAIN='$DOMAIN' IP='$IP' TPL='$TPL' TTL='$TTL' EXP='$EXP'" -dns_rec="$dns_rec SOA='$SOA' SRC='$src' RECORDS='$RECORDS'" -dns_rec="$dns_rec SUSPENDED='$SUSPENDED' TIME='$TIME' DATE='$DATE'" +dns_rec="$dns_rec SOA='$SOA' SERIAL="$SERIAL" SRC='$src' RECORDS='$RECORDS'" +dns_rec="$dns_rec SUSPENDED='$SUSPENDED' TIME='$time' DATE='$date'" echo "$dns_rec" >> $USER_DATA/dns.conf # Set permission @@ -69,15 +73,11 @@ chmod 660 $USER_DATA/dns.conf # Vesta # #----------------------------------------------------------# -# Restart named -if [ "$restart" != 'no' ]; then - $BIN/v-restart-dns $restart - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting named +$BIN/v-restart-dns $restart +check_result $? "Bind restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-insert-dns-record b/bin/v-insert-dns-record index 25f87dbe5..1afdd5202 100755 --- a/bin/v-insert-dns-record +++ b/bin/v-insert-dns-record @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 data=$3 @@ -25,7 +25,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN DATA [RESTART]' -validate_format 'user' 'domain' 'data' +is_format_valid 'user' 'domain' 'data' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -44,15 +44,11 @@ echo "$data" >> $USER_DATA/dns/$domain.conf # Vesta # #----------------------------------------------------------# -# Restart named -if [ "$restart" != 'no' ]; then - $BIN/v-restart-dns $restart - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting named +$BIN/v-restart-dns $restart +check_result $? "Bind restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-insert-dns-records b/bin/v-insert-dns-records index 8fb2f55ce..52c72c66a 100755 --- a/bin/v-insert-dns-records +++ b/bin/v-insert-dns-records @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 data_file=$3 @@ -25,7 +25,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN DATAFILE [RESTART]' -validate_format 'user' 'domain' 'data_file' +is_format_valid 'user' 'domain' 'data_file' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -47,15 +47,11 @@ fi # Vesta # #----------------------------------------------------------# -# Restart named -if [ "$restart" != 'no' ]; then - $BIN/v-restart-dns - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting named +$BIN/v-restart-dns $restart +check_result $? "Bind restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-list-backup-ftp-host b/bin/v-list-backup-ftp-host deleted file mode 100755 index a4869c540..000000000 --- a/bin/v-list-backup-ftp-host +++ /dev/null @@ -1,87 +0,0 @@ -#!/bin/bash -# info: list backup host -# options: [FORMAT] -# -# The function for obtaining the list of back fto host. - - -#----------------------------------------------------------# -# Variable&Function # -#----------------------------------------------------------# - -# Argument defenition -format=${1-shell} - -# Includes -source $VESTA/func/main.sh - -# Json function -json_list_ftp_host() { - i=1 - fileds_count=$(echo "$fields" | wc -w) - ip_data=$(cat $VESTA/conf/ftp.backup.conf) - echo '{' - eval $ip_data - for field in $fields; do - eval value=$field - if [ $i -eq 1 ]; then - echo -e "\t\"$value\": {" - else - if [ $fileds_count -eq $i ]; then - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"" - else - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"," - fi - fi - (( ++i)) - done - if [ -n "$value" ]; then - echo -e ' }' - fi - echo -e '}' -} - -# Shell function -shell_list_ftp_host() { - line=$(cat $VESTA/conf/ftp.backup.conf) - eval $line - for field in $fields; do - eval key="$field" - if [ -z "$key" ]; then - key='NULL' - fi - echo "${field//$/}: $key " - done -} - - -#----------------------------------------------------------# -# Verifications # -#----------------------------------------------------------# - - -#----------------------------------------------------------# -# Action # -#----------------------------------------------------------# - -if [ ! -e "$VESTA/conf/ftp.backup.conf" ]; then - exit -fi - -# Defining fileds to select -fields='$HOST $USERNAME $PORT $TIME $DATE' - -# Listing database -case $format in - json) json_list_ftp_host ;; - plain) nohead=1; shell_list_ftp_host;; - shell) shell_list_ftp_host | column -t ;; - *) check_args '2' '0' '[FORMAT]' -esac - - -#----------------------------------------------------------# -# Vesta # -#----------------------------------------------------------# - -exit diff --git a/bin/v-list-backup-host b/bin/v-list-backup-host new file mode 100755 index 000000000..60e80fa17 --- /dev/null +++ b/bin/v-list-backup-host @@ -0,0 +1,98 @@ +#!/bin/bash +# info: list backup host +# options: TYPE HOST [FORMAT] +# +# The function for obtaining the list of backup host parameters. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +type=$1 +format=${2-shell} + +# Includes +source $VESTA/func/main.sh + +# JSON list function +json_list() { + echo '{' + echo ' "'$type'": { + "HOST": "'$HOST'", + "USERNAME": "'$USERNAME'", + "PORT": "'$PORT'", + "TYPE": "'$type'", + "BPATH": "'$BPATH'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + echo '}' +} + +# SHELL list function +shell_list() { + echo "HOST: $HOST" + echo "USERNAME: $USERNAME" + echo "PORT: $PORT" + echo "TYPE: $type" + echo "PATH: $BPATH" + echo "TIME: $TIME" + echo "DATE: $DATE" +} + +# PLAIN list function +plain_list() { + echo -e "$HOST\t$USERNAME\t$PORT\t$type\t$BPATH\t$TIME\t$DATE" +} + +# CSV list function +csv_list() { + echo "HOST,USERNAME,PORT,TYPE,PATH,TIME,DATE" + echo "$HOST,$USERNAME,$PORT,$type,$BPATH,$TIME,$DATE" +} + +# Type format validator +is_type_format_valid() { + exclude="[!|#|$|^|&|(|)|+|=|{|}|:|@|<|>|?|/|\|\"|'|;|%|\`| ]|\." + if [[ "$1" =~ $exclude ]]; then + check_result $E_INVALID "invalid type extention format :: $1" + fi +} + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '1' "$#" 'TYPE [FORMAT]' +is_type_format_valid "$type" + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Checking backup config +if [ ! -e "$VESTA/conf/$type.backup.conf" ]; then + exit +fi + +# Parsing backup config +source "$VESTA/conf/$type.backup.conf" + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-cron-job b/bin/v-list-cron-job index 166525eab..18592a52e 100755 --- a/bin/v-list-cron-job +++ b/bin/v-list-cron-job @@ -2,14 +2,14 @@ # info: list cron job # options: USER JOB [FORMAT] # -# The function of obtaining cron job settings. +# The function of obtaining cron job parameters. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 job=$2 format=${3-shell} @@ -17,44 +17,46 @@ format=${3-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_job() { - i=1 - fileds_count=$(echo "$fields" | wc -w) - line=$(grep "JOB='$job'" $conf) - echo '{' - eval $line - for field in $fields; do - eval value=$field - value=$(echo "$value"|sed -e 's/"/\\"/g' -e "s/%quote%/'/g") - if [ "$i" -eq 1 ]; then - echo -e "\t\"$value\": {" - else - if [ "$fileds_count" -eq "$i" ]; then - echo -e "\t\t\"${field//$/}\": \"$value\"" - else - echo -e "\t\t\"${field//$/}\": \"$value\"," - fi - fi - (( ++i)) - done - if [ -n "$value" ]; then - echo -e ' }' - fi - echo -e "}" +# JSON list function +json_list() { + echo "{" + echo -n ' "'$job'": { + "MIN": "'$MIN'", + "HOUR": "'$HOUR'", + "DAY": "'$DAY'", + "MONTH": "'$MONTH'", + "WDAY": "'$WDAY'", + "CMD": "'$CMD'", + "JOB": "'$JOB'", + "SUSPENDED": "'$SUSPENDED'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + echo + echo '}' } -# Shell function -shell_list_job() { - line=$(grep "JOB='$job'" $conf) - eval $line - for field in $fields; do - eval key="$field" - if [ -z "$key" ]; then - key=NULL - fi - echo "${field//$/}: $key " - done +# SHELL list function +shell_list() { + echo "MINUTE: $MIN" + echo "HOUR: $HOUR" + echo "DAY: $DAY" + echo "DAY OF WEEK: $WDAY" + echo "COMMAND: $CMD" + echo "SUSPENDED: $SUSPENDED" + echo "TIME: $TIME" + echo "DATE: $DATE" +} + +# PLAIN list function +plain_list() { + echo -e "$MIN\t$HOUR\t$DAY\t$WDAY\t$CMD\t$SUSPENDED\t$TIME\t$DATE" +} + +# CSV list function +csv_list() { + echo "MIN,HOUR,DAY,WDAY,CMD,SUSPENDED,TIME,DATE" + echo "$MIN,$HOUR,$DAY,$WDAY,\"$CMD\",$SUSPENDED,$TIME,$DATE'" } @@ -63,6 +65,8 @@ shell_list_job() { #----------------------------------------------------------# check_args '2' "$#" 'USER JOB [FORMAT]' +is_format_valid 'user' +is_number_format_valid "$job" "job_id" is_object_valid 'user' 'USER' "$user" @@ -70,17 +74,27 @@ is_object_valid 'user' 'USER' "$user" # Action # #----------------------------------------------------------# -# Defining config and fields to select +# Defining config conf=$USER_DATA/cron.conf -fields="\$JOB \$MIN \$HOUR \$DAY \$MONTH \$WDAY \$CMD \$SUSPENDED" -fields="$fields \$TIME \$DATE" -# Listing domains -case $format in - json) json_list_job ;; - plain) nohead=1; shell_list_job ;; - shell) shell_list_job |column -t ;; - *) check_args '2' '0' 'USER JOB [FORMAT]' +# Checking job id +cron_line=$(grep "JOB='$job'" $conf) +if [ -z "$cron_line" ]; then + check_result $E_NOTEXIST "cron job $job doesn't exist" +fi + +# Parsing cron job +eval $cron_line + +# Replacing quoted and backslahed text +CMD=$(echo "$CMD" |sed -e 's/"/\\"/g' -e "s/%quote%/'/g") + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-cron-jobs b/bin/v-list-cron-jobs index 1fc327fde..d9b5c3791 100755 --- a/bin/v-list-cron-jobs +++ b/bin/v-list-cron-jobs @@ -9,60 +9,78 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 format=${2-shell} # Includes source $VESTA/func/main.sh -# Json list function -json_list_cron() { - echo '{' - fileds_count=$(echo $fields| wc -w ) - while read line; do - eval $line - if [ -n "$data" ]; then - echo -e ' },' +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(grep JOB $USER_DATA/cron.conf |wc -l) + echo "{" + while read str; do + eval $str + CMD=$(echo "$CMD" |sed -e 's/"/\\"/g' -e "s/%quote%/'/g") + echo -n ' "'$JOB'": { + "MIN": "'$MIN'", + "HOUR": "'$HOUR'", + "DAY": "'$DAY'", + "MONTH": "'$MONTH'", + "WDAY": "'$WDAY'", + "CMD": "'$CMD'", + "JOB": "'$JOB'", + "SUSPENDED": "'$SUSPENDED'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo fi - i=1 - IFS=' ' - for field in $fields; do - eval value=\"$field\" - value=$(echo "$value"|sed -e 's/"/\\"/g' -e "s/%quote%/'/g") - if [ $i -eq 1 ]; then - (( ++i)) - echo -e "\t\"$value\": {" - else - if [ $i -lt $fileds_count ]; then - (( ++i)) - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"," - else - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"" - data=1 - fi - fi - done - done < $conf - if [ -n "$data" ]; then - echo -e ' }' - fi - echo -e '}' + ((i++)) + done < <(cat $USER_DATA/cron.conf) + echo '}' } -# Shell list function -shell_list_cron() { - if [ -z "$nohead" ] ; then - echo "${fields//$/}" - for a in $fields; do - echo -e "------ \c" - done - echo - fi - while read line ; do - eval $line - eval echo "$fields" | sed -e "s/%quote%/'/g" - done < $conf + +# SHELL list function +shell_list() { + IFS=$'\n' + echo "JOB^MIN^HOUR^MONTH^WDAY^COMMAND" + echo "---^---^----^-----^----^-------" + while read str; do + eval $str + CMD=$(echo "$CMD" |sed -e 's/"/\\"/g' -e "s/%quote%/'/g") + echo "$JOB^$MIN^$HOUR^$MONTH^$WDAY^$CMD" + done < <(cat $USER_DATA/cron.conf) +} + +# PLAIN list function +plain_list() { + IFS=$'\n' + while read str; do + eval $str + CMD=$(echo "$CMD" |sed -e 's/"/\\"/g' -e "s/%quote%/'/g") + echo -ne "$JOB\t$MIN\t$HOUR\t$MONTH\t$WDAY\t$CMD\t" + echo -e "$SUSPENDED\t$TIME\t$DATE" + done < <(cat $USER_DATA/cron.conf) +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo "MIN,HOUR,DAY,WDAY,CMD,SUSPENDED,TIME,DATE" + while read str; do + eval $str + CMD=$(echo "$CMD" |sed -e 's/"/\\"/g' -e "s/%quote%/'/g") + echo -n "$JOB,$MIN,$HOUR,$MONTH,$WDAY,\"$CMD\"," + echo "$SUSPENDED,$TIME,$DATE" + done < <(cat $USER_DATA/cron.conf) } @@ -71,7 +89,7 @@ shell_list_cron() { #----------------------------------------------------------# check_args '1' "$#" 'USER [FORMAT]' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" @@ -79,23 +97,12 @@ is_object_valid 'user' 'USER' "$user" # Action # #----------------------------------------------------------# -# Defining config -conf=$USER_DATA/cron.conf - -# Defining fileds to select -fields='$JOB $MIN $HOUR $DAY $MONTH $WDAY $CMD $JOB $SUSPENDED $TIME $DATE' - -# Listing domains -case $format in - json) json_list_cron ;; - plain) nohead=1; - fields="\"\$JOB\" \"\$SUSPENDED\" \"\$MIN\" \"\$HOUR\" \"\$DAY\"" - fields="$fields \"\$MONTH\" \"\$WDAY\" \"\$CMD\" "; - fields="$fields \"\$TIME\" \"\$DATE\"" - shell_list_cron ;; - shell) fields='$JOB~$SUSPENDED~$MIN~$HOUR~$DAY~$MONTH~$WDAY~$CMD'; - shell_list_cron |column -t -s '~';; - *) check_args '1' '0' 'USER [FORMAT]' ;; +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t -s '^';; esac diff --git a/bin/v-list-database b/bin/v-list-database index d9136aeed..420d0e692 100755 --- a/bin/v-list-database +++ b/bin/v-list-database @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 database=$2 format=${3-shell} @@ -17,40 +17,46 @@ format=${3-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_db() { - i=1 - last_word=$(echo "$fields" | wc -w) - line=$(grep "DB='$database'" $conf) +# JSON list function +json_list() { echo '{' - eval $line - for field in $fields; do - eval value=$field - if [ "$i" -eq 1 ]; then - echo -e "\t\"$value\": {" - else - if [ "$last_word" -eq "$i" ]; then - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"" - else - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"," - fi - fi - (( ++i)) - done - if [ -n "$value" ]; then - echo -e "\t}" - fi - echo -e '}' + echo ' "'$database'": { + "DATABASE": "'$DB'", + "DBUSER": "'$DBUSER'", + "HOST": "'$HOST'", + "TYPE": "'$TYPE'", + "CHARSET": "'$CHARSET'", + "U_DISK": "'$U_DISK'", + "SUSPENDED": "'$SUSPENDED'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + echo '}' } -# Shell list for single database -shell_list_db() { - line=$(grep "DB='$database'" $conf) - eval $line - for field in $fields; do - eval key="$field" - echo "${field//$/}: $key " - done +# SHELL list function +shell_list() { + echo "DATABASE: $DB" + echo "DB USER: $DBUSER" + echo "HOST: $HOST" + echo "TYPE: $TYPE" + echo "CHARSET: $CHARSET" + echo "DISK: $U_DISK" + echo "SUSPENDED: $SUSPENDED" + echo "TIME: $TIME" + echo "DATE: $DATE" +} + +# PLAIN list function +plain_list() { + echo -ne "$DB\t$DBUSER\t$HOST\t$TYPE\t$CHARSET\t$U_DISK\t" + echo -e "$SUSPENDED\t$TIME\t$DATE" +} + +# CSV list function +csv_list() { + echo "DATABASE,DBUSER,HOST,TYPE,CHARSET,U_DISK,SUSPENDED,TIME,DATE" + echo "$DB,$DBUSER,$HOST,$TYPE,$CHARSET,$U_DISK,$SUSPENDED,$TIME,$DATE" } @@ -59,7 +65,7 @@ shell_list_db() { #----------------------------------------------------------# check_args '2' "$#" 'USER DATABASE [FORMAT]' -validate_format 'user' 'database' +is_format_valid 'user' 'database' is_object_valid 'user' 'USER' "$user" is_object_valid 'db' 'DB' "$database" @@ -68,17 +74,15 @@ is_object_valid 'db' 'DB' "$database" # Action # #----------------------------------------------------------# +# Parsing database +eval $(grep "DB='$database'" $USER_DATA/db.conf) -# Defining fileds to select -conf=$USER_DATA/db.conf -fields='$DB $DBUSER $HOST $TYPE $CHARSET $U_DISK $SUSPENDED $TIME $DATE' - -# Listing database -case $format in - json) json_list_db ;; - plain) shell_list_db ;; - shell) shell_list_db | column -t ;; - *) check_args '2' '0' 'USER DATABASE [FORMAT]' +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-database-host b/bin/v-list-database-host index a3ab0d89c..326764af1 100755 --- a/bin/v-list-database-host +++ b/bin/v-list-database-host @@ -1,15 +1,15 @@ #!/bin/bash -# info: list database server +# info: list database host # options: TYPE HOST [FORMAT] # -# The function for obtaining database server parameters. +# The function for obtaining database host parameters. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition type=$1 host=$2 format=${3-shell} @@ -17,40 +17,58 @@ format=${3-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_dbhost() { - i=1 - fields_count=$(echo "$fields" | wc -w) - line=$(grep "HOST='$host'" $conf) +# JSON list function +json_list() { echo '{' - eval $line - for field in $fields; do - eval value=$field - if [ "$i" -eq 1 ]; then - echo -e "\t\"$value\": {" - else - if [ "$fields_count" -eq "$i" ]; then - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"" - else - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"," - fi - fi - (( ++i)) - done - if [ -n "$value" ]; then - echo -e "\t}" - fi - echo -e "}" + echo ' "'$HOST'": { + "HOST": "'$HOST'", + "TYPE": "'$type'", + "CHARSETS": "'$CHARSETS'", + "MAX_DB": "'$MAX_DB'", + "U_SYS_USERS": "'$U_SYS_USERS'", + "U_DB_BASES": "'$U_DB_BASES'", + "TPL": "'$TPL'", + "SUSPENDED": "'$SUSPENDED'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + echo '}' } -# Shell function -shell_list_dbhost() { - line=$(grep "HOST='$host'" $conf) - eval $line - for field in $fields; do - eval key="$field" - echo "${field//$/}: $key" - done +# SHELL list function +shell_list() { + echo "HOST: $HOST" + echo "TYPE: $type" + echo "CHARSETS: $CHARSETS" + echo "MAX_DB: $MAX_DB" + echo "U_DB_BASES: $U_DB_BASES" + echo "U_SYS_USERS: $U_SYS_USERS" + echo "TPL: $TPL" + echo "SUSPENDED: $SUSPENDED" + echo "TIME: $TIME" + echo "DATE: $DATE" +} + +# PLAIN list function +plain_list() { + echo -ne "$HOST\t$type\t$CHARSETS\t$MAX_DB\t$U_SYS_USERS\t" + echo -e "$U_DB_BASES\t$TPL\t$SUSPENDED\t$TIME\t$DATE" +} + +# CSV list function +csv_list() { + echo -n "HOST,TYPE,CHARSETS,MAX_DB,U_SYS_USERS," + echo "U_DB_BASES,TPL,SUSPENDED,TIME,DATE'" + echo -n "$HOST,$type,\"$CHARSETS\",$MAX_DB,\"$U_SYS_USERS\"," + echo "$U_DB_BASES,$TPL,$SUSPENDED,$TIME,$DATE" +} + +# Type format validator +is_type_format_valid() { + exclude="[!|#|$|^|&|(|)|+|=|{|}|:|@|<|>|?|/|\|\"|'|;|%|\`| ]|\." + if [[ "$1" =~ $exclude ]]; then + check_result $E_INVALID "invalid type extention format :: $1" + fi } @@ -59,7 +77,7 @@ shell_list_dbhost() { #----------------------------------------------------------# check_args '2' "$#" 'TYPE HOST [FORMAT]' -validate_format 'host' +is_type_format_valid "$type" is_object_valid "../../conf/$type" 'HOST' "$host" @@ -67,17 +85,15 @@ is_object_valid "../../conf/$type" 'HOST' "$host" # Action # #----------------------------------------------------------# -# Defining fileds to select -conf=$VESTA/conf/$type.conf -fields='$HOST $CHARSETS $MAX_DB $U_SYS_USERS $U_DB_BASES $TPL $SUSPENDED' -fields="$fields \$TIME \$DATE" +# Parsing hosts +eval $(grep "HOST='$host'" $VESTA/conf/$type.conf) -# Listing database -case $format in - json) json_list_dbhost ;; - plain) nohead=1; shell_list_dbhost ;; - shell) shell_list_dbhost | column -t;; - *) check_args '2' '0' 'TYPE HOST [FORMAT]' +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac diff --git a/bin/v-list-database-hosts b/bin/v-list-database-hosts index d59d42d26..1355a5a48 100755 --- a/bin/v-list-database-hosts +++ b/bin/v-list-database-hosts @@ -1,46 +1,131 @@ #!/bin/bash -# info: list database servers -# options: TYPE [FORMAT] +# info: list database hosts +# options: [FORMAT] # -# The function for obtaining the list of all hosts of the same databases' type. +# The function for obtaining the list of all configured database hosts. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition -type=${1-mysql} -format=${2-shell} +# Argument definition +format=${1-shell} # Includes source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=0 + for type in $(echo $DB_SYSTEM |sed -e 's/,/\n/'); do + if [ -e "$VESTA/conf/$type.conf" ]; then + db_hosts=$(grep HOST $VESTA/conf/$type.conf |wc -l) + objects=$((objects + db_hosts)) + fi + done + + echo "[" + for type in $(echo $DB_SYSTEM |sed -e 's/,/\n/'); do + if [ -e "$VESTA/conf/$type.conf" ]; then + for str in $(cat $VESTA/conf/$type.conf); do + eval $str + echo -n ' { + "HOST": "'$HOST'", + "TYPE": "'$type'", + "CHARSETS": "'$CHARSETS'", + "MAX_DB": "'$MAX_DB'", + "U_SYS_USERS": "'$U_SYS_USERS'", + "U_DB_BASES": "'$U_DB_BASES'", + "TPL": "'$TPL'", + "SUSPENDED": "'$SUSPENDED'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done + fi + done + echo ']' +} + +# SHELL list function +shell_list() { + IFS=$'\n' + echo "HOST TYPE MAX_DB DB_USED SPND TIME DATE" + echo "---- ---- ------ ------- ---- ---- ----" + for type in $(echo $DB_SYSTEM |sed -e 's/,/\n/'); do + if [ -e "$VESTA/conf/$type.conf" ]; then + for str in $(cat $VESTA/conf/$type.conf); do + eval $str + echo "$HOST $type $MAX_DB $U_DB_BASES $SUSPENDED $TIME $DATE" + done + fi + done +} + +# PLAIN list function +plain_list() { + IFS=$'\n' + for type in $(echo $DB_SYSTEM |sed -e 's/,/\n/'); do + if [ -e "$VESTA/conf/$type.conf" ]; then + for str in $(cat $VESTA/conf/$type.conf); do + eval $str + echo -ne "$HOST\t$type\t$CHARSETS\t$MAX_DB\t$U_SYS_USERS\t" + echo -e "$U_DB_BASES\t$TPL\t$SUSPENDED\t$TIME\t$DATE" + done + fi + done +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo -n "HOST,TYPE,CHARSETS,MAX_DB,U_SYS_USERS," + echo "U_DB_BASES,TPL,SUSPENDED,TIME,DATE" + for type in $(echo $DB_SYSTEM |sed -e 's/,/\n/'); do + if [ -e "$VESTA/conf/$type.conf" ]; then + for str in $(cat $VESTA/conf/$type.conf); do + eval $str + echo -n "$HOST,$type,\"$CHARSETS\",$MAX_DB,\"$U_SYS_USERS\"," + echo "$U_DB_BASES,$TPL,$SUSPENDED,$TIME,$DATE" + done + fi + done +} + +# Type format validator +is_type_format_valid() { + exclude="[!|#|$|^|&|(|)|+|=|{|}|:|@|<|>|?|/|\|\"|'|;|%|\`| ]|\." + if [[ "$1" =~ $exclude ]]; then + check_result $E_INVALID "invalid type extention format :: $1" + fi +} #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# -# Checking args -#check_args '1' "$#" 'TYPE [FORMAT]' - #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Defining fileds to select -conf=$VESTA/conf/$type.conf -fields='$HOST $CHARSETS $MAX_DB $U_SYS_USERS $U_DB_BASES $TPL $SUSPENDED' -fields="$fields \$TIME \$DATE" - -# Listing database -case $format in +# Listing data +case $format in json) json_list ;; - plain) nohead=1; shell_list;; - shell) fields='$HOST $MAX_DB $U_DB_BASES $SUSPENDED $DATE'; - shell_list | column -t ;; - *) check_args '2' '0' 'TYPE [FORMAT]' + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac diff --git a/bin/v-list-database-types b/bin/v-list-database-types index 8a08a25b1..13f8edadb 100755 --- a/bin/v-list-database-types +++ b/bin/v-list-database-types @@ -9,38 +9,47 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf -# Json function -json_list_dbtypes() { - types=$(echo "${DB_SYSTEM//,/ }") - t_counter=$(echo "$types" | wc -w) +# JSON list function +json_list() { + objects=$(echo "${DB_SYSTEM//,/ }" |wc -w) i=1 echo '[' - for type in $types; do - if [ "$i" -lt "$t_counter" ]; then - echo -e "\t\"$type\"," + for type in ${DB_SYSTEM//,/ }; do + echo -n ' "'$type'"' + if [ "$i" -lt "$objects" ]; then + echo ',' else - echo -e "\t\"$type\"" + echo fi - (( ++i)) + ((i++)) done echo "]" } -# Shell function -shell_list_dbtypes() { - types=$(echo "${DB_SYSTEM//,/ }") - if [ -z "$nohead" ]; then - echo "TYPES" - echo "----------" - fi - for type in $types; do +# SHELL list function +shell_list() { + echo -e "TYPE\n----" + echo "$DB_SYSTEM" |sed -e "s/,/\n/" +} + +# PLAIN list function +plain_list() { + for type in ${DB_SYSTEM//,/ }; do + echo "$type" + done +} + +# CSV list function +csv_list() { + echo "TYPE" + for type in ${DB_SYSTEM//,/ }; do echo "$type" done } @@ -50,12 +59,12 @@ shell_list_dbtypes() { # Action # #----------------------------------------------------------# -# Listing domains -case $format in - json) json_list_dbtypes ;; - plain) nohead=1; shell_list_dbtypes ;; - shell) shell_list_dbtypes ;; - *) check_args '1' '0' '[FORMAT]' ;; +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list;; esac diff --git a/bin/v-list-databases b/bin/v-list-databases index 282fb52c2..b3e83b1d8 100755 --- a/bin/v-list-databases +++ b/bin/v-list-databases @@ -9,20 +9,80 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 format=${2-shell} # Includes source $VESTA/func/main.sh +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(grep "DB=" $USER_DATA/db.conf |wc -l) + echo "{" + while read str; do + eval $str + echo -n ' "'$DB'": { + "DATABASE": "'$DB'", + "DBUSER": "'$DBUSER'", + "HOST": "'$HOST'", + "TYPE": "'$TYPE'", + "CHARSET": "'$CHARSET'", + "U_DISK": "'$U_DISK'", + "SUSPENDED": "'$SUSPENDED'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done < <(cat $USER_DATA/db.conf) + echo '}' +} + +# SHELL list function +shell_list() { + IFS=$'\n' + echo "DATABASE USER HOST TYPE DISK SPND DATE" + echo "-------- ---- ---- ---- ---- ---- ----" + while read str; do + eval $str + echo "$DB $DBUSER $HOST $TYPE $U_DISK $SUSPENDED $DATE" + done < <(cat $USER_DATA/db.conf) +} + +# PLAIN list function +plain_list() { + IFS=$'\n' + while read str; do + eval $str + echo -ne "$DB\t$DBUSER\t$HOST\t$TYPE\t$CHARSET\t$U_DISK\t" + echo -e "$SUSPENDED\t$TIME\t$DATE" + done < <(cat $USER_DATA/db.conf) +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo "DATABASE,DBUSER,HOST,TYPE,CHARSET,U_DISK,SUSPENDED,TIME,DATE" + while read str; do + eval $str + echo "$DB,$DBUSER,$HOST,$TYPE,$CHARSET,$U_DISK,$SUSPENDED,$TIME,$DATE" + done < <(cat $USER_DATA/db.conf) +} + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '1' "$#" 'USER [FORMAT]' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" @@ -30,17 +90,12 @@ is_object_valid 'user' 'USER' "$user" # Action # #----------------------------------------------------------# -# Defining fileds to select -conf=$USER_DATA/db.conf -fields='$DB $DBUSER $HOST $TYPE $CHARSET $U_DISK $SUSPENDED $TIME $DATE' - -# Listing databases -case $format in +# Listing data +case $format in json) json_list ;; - plain) nohead=1; shell_list ;; - shell) fields='$DB $DBUSER $HOST $TYPE $U_DISK $DATE'; - shell_list | column -t ;; - *) check_args '1' '0' 'USER [FORMAT]' + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac diff --git a/bin/v-list-dns-domain b/bin/v-list-dns-domain index 8f24a37c3..c9c3f1ea6 100755 --- a/bin/v-list-dns-domain +++ b/bin/v-list-dns-domain @@ -2,15 +2,14 @@ # info: list dns domain # options: USER DOMAIN [FORMAT] # -# The function of obtaining the list of domain parameters. This call, just as -# all v_list_* calls, supports 3 formats - json, shell and plain. +# The function of obtaining the list of dns domain parameters. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 format=${3-shell} @@ -18,57 +17,52 @@ format=${3-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_domain() { - i=1 - fileds_count=$(echo "$fields" | wc -w) - line=$(grep "DOMAIN='$domain'" $conf) - - # Print top bracket +# JSON list function +json_list() { echo '{' - - # Assing key=value - eval $line - - # Starting output loop - for field in $fields; do - # Parsing key=value - eval value=$field - - # Checking first field - if [ "$i" -eq 1 ]; then - echo -e "\t\"$value\": {" - else - if [ "$fileds_count" -eq "$i" ]; then - echo -e "\t\t\"${field//$/}\": \"$value\"" - else - echo -e "\t\t\"${field//$/}\": \"$value\"," - fi - fi - # Updating iterator - (( ++i)) - done - - # If there was any output - if [ -n "$value" ]; then - echo -e ' }' - fi - # Printing bottom json bracket - echo -e "}" + echo ' "'$DOMAIN'": { + "IP": "'$IP'", + "TPL": "'$TPL'", + "TTL": "'$TTL'", + "EXP": "'$EXP'", + "SOA": "'$SOA'", + "SERIAL": "'$SERIAL'", + "SRC": "'$SRC'", + "RECORDS": "'$RECORDS'", + "SUSPENDED": "'$SUSPENDED'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + echo '}' } -# Shell function -shell_list_domain() { - line=$(grep "DOMAIN='$domain'" $conf) +# SHELL list function +shell_list() { + echo "DOMAIN: $DOMAIN" + echo "IP: $IP" + echo "TEMPLATE: $TPL" + echo "TTL: $TTL" + echo "EXP: $EXP" + echo "SOA: $SOA" + echo "SERIAL: $SERIAL" + echo "RECORDS: $RECORDS" + echo "SUSPENDED: $SUSPENDED" + echo "TIME: $TIME" + echo "DATE: $DATE" +} - # Parsing key=value - eval $line - # Print result line - for field in $fields; do - eval key="$field" - echo "${field//$/}: $key " - done +# PLAIN list function +plain_list() { + echo -ne "$DOMAIN\t$IP\t$TPL\t$TTL\t$EXP\t$SOA\t$SERIAL\t$RECORDS\t" + echo -e "$SUSPENDED\t$TIME\t$DATE" +} + +# CSV list function +csv_list() { + echo "DOMAIN,IP,TPL,TTL,EXP,SOA,SERIAL,RECORDS,SUSPENDED,TIME,DATE" + echo -n "$DOMAIN,$IP,$TPL,$TTL,$EXP,$SOA,$SERIAL,$RECORDS,$SUSPENDED," + echo "$TIME,$DATE" } @@ -77,6 +71,7 @@ shell_list_domain() { #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [FORMAT]' +is_format_valid 'user' 'domain' is_object_valid 'user' 'USER' "$user" is_object_valid 'dns' 'DOMAIN' "$domain" @@ -85,16 +80,15 @@ is_object_valid 'dns' 'DOMAIN' "$domain" # Action # #----------------------------------------------------------# -# Defining config and fields to select -conf=$USER_DATA/dns.conf -fields='$DOMAIN $IP $TPL $TTL $EXP $SOA $RECORDS $SUSPENDED $TIME $DATE' +# Parsing domain +eval $(grep "DOMAIN='$domain'" $USER_DATA/dns.conf) -# Listing domains -case $format in - json) json_list_domain ;; - plain) nohead=1; shell_list_domain ;; - shell) shell_list_domain |column -t ;; - *) check_args '2' '0' 'USER DOMAIN [FORMAT]' +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-dns-domains b/bin/v-list-dns-domains index e26452892..337760e39 100755 --- a/bin/v-list-dns-domains +++ b/bin/v-list-dns-domains @@ -9,20 +9,85 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 format=${2-shell} # Includes source $VESTA/func/main.sh +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(grep DOMAIN $USER_DATA/dns.conf |wc -l) + echo "{" + while read str; do + eval $str + echo -n ' "'$DOMAIN'": { + "IP": "'$IP'", + "TPL": "'$TPL'", + "TTL": "'$TTL'", + "EXP": "'$EXP'", + "SOA": "'$SOA'", + "SERIAL": "'$SERIAL'", + "SRC": "'$SRC'", + "RECORDS": "'$RECORDS'", + "SUSPENDED": "'$SUSPENDED'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done < <(cat $USER_DATA/dns.conf) + echo '}' +} + +# SHELL list function +shell_list() { + IFS=$'\n' + echo "DOMAIN IP TPL TTL REC SPND DATE" + echo "------ -- --- --- --- ---- ----" + while read str; do + eval $str + echo "$DOMAIN $IP $TPL $TTL $RECORDS $SUSPENDED $DATE" + done < <(cat $USER_DATA/dns.conf) +} + + +# PLAIN list function +plain_list() { + IFS=$'\n' + while read str; do + eval $str + echo -ne "$DOMAIN\t$IP\t$TPL\t$TTL\t$EXP\t$SOA\t$SERIAL\t" + echo -e "$SRC\t$RECORDS\t$SUSPENDED\t$TIME\t$DATE" + done < <(cat $USER_DATA/dns.conf) +} + + +# CSV list function +csv_list() { + IFS=$'\n' + echo "DOMAIN,IP,TPL,TTL,EXP,SOA,SERIAL,SRC,RECORDS,SUSPENDED,TIME,DATE" + while read str; do + eval $str + echo -n "$DOMAIN,$IP,$TPL,$TTL,$EXP,$SOA,$SERIAL," + echo "$SRC,$RECORDS,$SUSPENDED,$TIME,$DATE" + done < <(cat $USER_DATA/dns.conf) +} + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '1' "$#" 'USER [FORMAT]' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" @@ -30,17 +95,12 @@ is_object_valid 'user' 'USER' "$user" # Action # #----------------------------------------------------------# -# Defining config and fields -conf=$USER_DATA/dns.conf -fields='$DOMAIN $IP $TPL $TTL $EXP $SOA $SRC $RECORDS $SUSPENDED $TIME $DATE' - -# Listing domains -case $format in +# Listing data +case $format in json) json_list ;; - plain) nohead=1; shell_list ;; - shell) fields='$DOMAIN $IP $TPL $EXP $DATE'; - shell_list| column -t ;; - *) check_args '1' '0' 'USER [FORMAT]';; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac diff --git a/bin/v-list-dns-records b/bin/v-list-dns-records index 46e4da141..d23634d6b 100755 --- a/bin/v-list-dns-records +++ b/bin/v-list-dns-records @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 format=${3-shell} @@ -17,56 +17,67 @@ format=${3-shell} # Includes source $VESTA/func/main.sh -# Json func -json_list_dns() { - echo '{' - fileds_count=$(echo $fields| wc -w ) - while read line; do - IFS=$'\n' - eval $line - if [ -n "$data" ]; then - echo -e ' },' +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(grep ID $USER_DATA/dns/$domain.conf |wc -l) + echo "{" + while read str; do + eval $str + VALUE=$(echo "$VALUE" |sed -e 's/"/\\"/g' -e "s/%quote%/'/g") + echo -n ' "'$ID'": { + "RECORD": "'$RECORD'", + "TYPE": "'$TYPE'", + "PRIORITY": "'$PRIORITY'", + "VALUE": "'$VALUE'", + "ID": "'$ID'", + "SUSPENDED": "'$SUSPENDED'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo fi - i=1 - IFS=' ' - for field in $fields; do - eval value=\"$field\" - value=$(echo "$value" | sed -e 's/"/\\"/g' -e "s/%quote%/'/g") - if [ $i -eq 1 ]; then - (( ++i)) - echo -e "\t\"$value\": {" - else - if [ $i -lt $fileds_count ]; then - (( ++i)) - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"," - else - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"" - data=1 - fi - fi - done - done < $conf - if [ -n "$data" ]; then - echo -e ' }' - fi - echo -e '}' + ((i++)) + done < <(cat $USER_DATA/dns/$domain.conf) + echo '}' } -# Shell function -shell_list_dns() { +# SHELL list function +shell_list() { + IFS=$'\n' + echo "ID^RECORD^TYPE^VALUE^DATE" + echo "--^------^----^-----^----" + while read str; do + eval $str + echo "$ID^$RECORD^$TYPE^${VALUE:0:30}^$DATE" + done < <(cat $USER_DATA/dns/$domain.conf) +} - if [ -z "$nohead" ] ; then - echo "${fields//$/}" - for a in $fields; do - echo -e "------ \c" - done - echo - fi - while read line ; do - IFS=$'\n' - eval $line - eval echo "$fields" | sed "s/%quote%/'/g" - done < $conf +# PLAIN list function +plain_list() { + IFS=$'\n' + while read str; do + eval $str + VALUE=$(echo "$VALUE" |sed -e "s/%quote%/\\'/g") + echo -ne "$ID\t$RECORD\t$TYPE\t$PRIORITY\t$VALUE\t" + echo -e "$SUSPENDED\t$TIME\t$DATE" + done < <(cat $USER_DATA/dns/$domain.conf) +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo "ID,RECORD,TYPE,PRIORITY,VALUE,SUSPENDED,TIME,DATE" + while read str; do + eval $str + VALUE=$(echo "$VALUE" |sed -e "s/%quote%/\\'/g") + echo -n "$ID,$RECORD,$TYPE,$PRIORITY,\"$VALUE\"," + echo "$SUSPENDED,$TIME,$DATE" + done < <(cat $USER_DATA/dns/$domain.conf) } @@ -75,7 +86,7 @@ shell_list_dns() { #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [FORMAT]' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_object_valid 'user' 'USER' "$user" is_object_valid 'dns' 'DOMAIN' "$domain" @@ -84,17 +95,12 @@ is_object_valid 'dns' 'DOMAIN' "$domain" # Action # #----------------------------------------------------------# -# Defining config and fields -conf=$USER_DATA/dns/$domain.conf -fields='$ID $RECORD $TYPE $PRIORITY $VALUE $ID $SUSPENDED $TIME $DATE' - -# Listing domains -case $format in - json) json_list_dns ;; - plain) nohead=1; shell_list_dns ;; - shell) fields='$ID $RECORD $TYPE $VALUE'; - shell_list_dns | column -t ;; - *) check_args '2' '0' 'USER DOMAIN [FORMAT]' +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t -s '^';; esac diff --git a/bin/v-list-dns-template b/bin/v-list-dns-template index 348153e63..2697c1750 100755 --- a/bin/v-list-dns-template +++ b/bin/v-list-dns-template @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition template=$1 format=${2-shell} @@ -17,55 +17,62 @@ format=${2-shell} source $VESTA/func/main.sh source $VESTA/func/domain.sh -# Json func -json_list_dns() { - echo '{' - fileds_count=$(echo $fields| wc -w ) - while read line; do - IFS=$'\n' - eval $line - if [ -n "$data" ]; then - echo -e ' },' +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(grep ID $DNSTPL/$template.tpl |wc -l) + echo "{" + while read str; do + eval $str + VALUE=$(echo "$VALUE" |sed -e 's/"/\\"/g' -e "s/%quote%/'/g") + echo -n ' "'$ID'": { + "RECORD": "'$RECORD'", + "TYPE": "'$TYPE'", + "PRIORITY": "'$PRIORITY'", + "VALUE": "'$VALUE'", + "ID": "'$ID'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo fi - i=1 - IFS=' ' - for field in $fields; do - eval value=\"$field\" - value=$(echo "$value" | sed -e 's/"/\\"/g' -e "s/%quote%/'/g") - if [ $i -eq 1 ]; then - (( ++i)) - echo -e "\t\"$value\": {" - else - if [ $i -lt $fileds_count ]; then - (( ++i)) - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"," - else - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"" - data=1 - fi - fi - done - done < $conf - if [ -n "$data" ]; then - echo -e ' }' - fi - echo -e '}' + ((i++)) + done < <(cat $DNSTPL/$template.tpl) + echo '}' } -# Shell function -shell_list_dns() { - if [ -z "$nohead" ] ; then - echo "${fields//$/}" - for a in $fields; do - echo -e "------ \c" - done - echo - fi +# SHELL list function +shell_list() { + IFS=$'\n' + echo "ID^RECORD^TYPE^VALUE" + echo "--^------^----^-----" + while read str; do + eval $str + echo "$ID^$RECORD^$TYPE^$VALUE" + done < <(cat $DNSTPL/$template.tpl) +} - while read line ; do - eval $line - eval echo "$fields" | sed "s/%quote%/'/g" - done < $conf +# PLAIN list function +plain_list() { + IFS=$'\n' + while read str; do + eval $str + VALUE=$(echo "$VALUE" |sed -e "s/%quote%/\\'/g") + echo -e "$ID\t$RECORD\t$TYPE\t$PRIORITY\t$VALUE" + done < <(cat $DNSTPL/$template.tpl) +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo "ID,RECORD,TYPE,PRIORITY,VALUE" + while read str; do + eval $str + VALUE=$(echo "$VALUE" |sed -e "s/%quote%/\\'/g") + echo "$ID,$RECORD,$TYPE,$PRIORITY,\"$VALUE\"" + done < <(cat $DNSTPL/$template.tpl) } @@ -74,24 +81,20 @@ shell_list_dns() { #----------------------------------------------------------# check_args '1' "$#" 'TEMPLATE [FORMAT]' -validate_format 'template' -is_dns_template_valid +is_format_valid 'template' +is_dns_template_valid "$template" #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Defining config and fields -conf=$DNSTPL/$template.tpl -fields='$RECORD $TYPE $PRIORITY $VALUE' - -# Listing templates -case $format in - json) json_list_dns ;; - plain) nohead=1; shell_list_dns ;; - shell) shell_list_dns | column -t ;; - *) check_args '1' '0' 'TEMPLATE [FORMAT]';; +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t -s '^';; esac diff --git a/bin/v-list-dns-templates b/bin/v-list-dns-templates index 18090b52b..dffdf482c 100755 --- a/bin/v-list-dns-templates +++ b/bin/v-list-dns-templates @@ -9,36 +9,47 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_dnstpl() { - templates=$(ls -t $DNSTPL |grep '\.tpl' |cut -f 1 -d '.') - t_counter=$(echo "$templates" | wc -w) +# JSON list function +json_list() { + objects=$(echo "$templates" |wc -l) i=1 - echo '[' + echo "[" for template in $templates; do - if [ "$i" -lt "$t_counter" ]; then - echo -e "\t\"$template\"," + echo -n ' "'$template'"' + if [ "$i" -lt "$objects" ]; then + echo ',' else - echo -e "\t\"$template\"" + echo fi - (( ++i)) + ((i++)) done echo "]" + } -# Shell function -shell_list_dnstpl() { - templates=$(ls -t $DNSTPL |grep '\.tpl' |cut -f 1 -d '.') - if [ -z "$nohead" ]; then - echo "Templates" - echo "----------" - fi +# SHELL list function +shell_list() { + echo "TEMPLATE" + echo "--------" + ls -t $DNSTPL |grep '\.tpl' |cut -f 1 -d '.' +} + +# PLAIN list function +plain_list() { + for template in $templates; do + echo "$template" + done +} + +# CSV list function +csv_list() { + echo "TEMPLATE" for template in $templates; do echo "$template" done @@ -49,12 +60,15 @@ shell_list_dnstpl() { # Action # #----------------------------------------------------------# -# Listing domains -case $format in - json) json_list_dnstpl;; - plain) nohead=1; shell_list_dnstpl ;; - shell) shell_list_dnstpl ;; - *) check_args '1' '0' '[FORMAT] [LIMIT] [OFFSET]';; +# Defining template list +templates=$(ls -t $DNSTPL |grep '\.tpl' |cut -f 1 -d '.') + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list;; esac diff --git a/bin/v-list-firewall b/bin/v-list-firewall index c841f34e7..5b0537c12 100755 --- a/bin/v-list-firewall +++ b/bin/v-list-firewall @@ -9,31 +9,83 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} # Includes source $VESTA/func/main.sh +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(grep RULE $VESTA/data/firewall/rules.conf |wc -l) + echo "{" + while read str; do + eval $str + echo -n ' "'$RULE'": { + "ACTION": "'$ACTION'", + "PROTOCOL": "'$PROTOCOL'", + "PORT": "'$PORT'", + "IP": "'$IP'", + "COMMENT": "'$COMMENT'", + "SUSPENDED": "'$SUSPENDED'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done < <(cat $VESTA/data/firewall/rules.conf) + echo '}' +} + +# SHELL list function +shell_list() { + IFS=$'\n' + echo "RULE^ACTION^PROTO^PORT^IP^SPND^DATE" + echo "----^------^-----^----^--^----^----" + while read str; do + eval $str + echo "$RULE^$ACTION^$PROTOCOL^$PORT^$IP^$SUSPENDED^$DATE" + done < <(cat $VESTA/data/firewall/rules.conf) +} + +# PLAIN list function +plain_list() { + IFS=$'\n' + while read str; do + eval $str + echo -ne "$RULE\t$ACTION\t$PROTOCOL\t$PORT\t$IP\t$COMMENT\t" + echo -e "$SUSPENDED\t$TIME\t$DATE" + done < <(cat $VESTA/data/firewall/rules.conf) +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo "RULE,ACTION,PROTOCOL,PORT,IP,COMMENT,SUSPENDED,TIME,DATE" + while read str; do + eval $str + echo -n "$RULE,$ACTION,$PROTOCOL,$PORT,$IP,\"$COMMENT\"," + echo "$SUSPENDED,$TIME,$DATE" + done < <(cat $VESTA/data/firewall/rules.conf) +} + #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Defining config -conf=$VESTA/data/firewall/rules.conf - -# Defining fileds to select -fields="\$RULE \$ACTION \$PROTOCOL \$PORT \$IP \$COMMENT" -fields="$fields \$RULE \$SUSPENDED \$TIME \$DATE" - -# Listing domains -case $format in +# Listing data +case $format in json) json_list ;; - plain) nohead=1; shell_list ;; - shell) fields="\$ACTION \$PROTOCOL \$PORT \$IP"; - shell_list | column -t ;; - *) check_args '1' '0' 'USER [FORMAT]' + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t -s '^' ;; esac diff --git a/bin/v-list-firewall-ban b/bin/v-list-firewall-ban index d34570295..62a081201 100755 --- a/bin/v-list-firewall-ban +++ b/bin/v-list-firewall-ban @@ -9,30 +9,77 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} # Includes source $VESTA/func/main.sh +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(grep IP $VESTA/data/firewall/banlist.conf |wc -l) + echo "{" + while read str; do + eval $str + echo -n ' "'$IP'": { + "IP": "'$IP'", + "CHAIN": "'$CHAIN'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done < <(cat $VESTA/data/firewall/banlist.conf) + echo '}' +} + +# SHELL list function +shell_list() { + IFS=$'\n' + echo "IP CHAIN TIME DATE" + echo "-- ----- ---- ----" + while read str; do + eval $str + echo "$IP $CHAIN $TIME $DATE" + done < <(cat $VESTA/data/firewall/banlist.conf) +} + +# PLAIN list function +plain_list() { + IFS=$'\n' + while read str; do + eval $str + echo -e "$IP\t$CHAIN\t$TIME\t$DATE" + done < <(cat $VESTA/data/firewall/banlist.conf) +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo "IP,CHAIN,TIME,DATE" + while read str; do + eval $str + echo "$IP,$CHAIN,$TIME,$DATE" + done < <(cat $VESTA/data/firewall/banlist.conf) +} + #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Defining config -conf=$VESTA/data/firewall/banlist.conf - -# Defining fileds to select -fields="\$IP:\$CHAIN \$TIME \$DATE" - -# Listing domains +# Listing data case $format in json) json_list ;; - plain) nohead=1; shell_list ;; - shell) fields='$IP $CHAIN $TIME $DATE'; - shell_list | column -t ;; - *) check_args '1' '0' 'USER [FORMAT]' + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac diff --git a/bin/v-list-firewall-rule b/bin/v-list-firewall-rule index ab9cfa4a5..e7c7f6b1a 100755 --- a/bin/v-list-firewall-rule +++ b/bin/v-list-firewall-rule @@ -9,50 +9,50 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition rule=$1 format=${2-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_fw_rule() { - i=1 - fileds_count=$(echo "$fields" | wc -w) - line=$(grep "RULE='$rule'" $conf) +json_list() { echo '{' - eval $line - for field in $fields; do - eval value=$field - if [ "$i" -eq 1 ]; then - echo -e "\t\"$value\": {" - else - if [ "$fileds_count" -eq "$i" ]; then - echo -e "\t\t\"${field//$/}\": \"$value\"" - else - echo -e "\t\t\"${field//$/}\": \"$value\"," - fi - fi - (( ++i)) - done - if [ -n "$value" ]; then - echo -e ' }' - fi - echo -e "}" + echo ' "'$RULE'": { + "ACTION": "'$ACTION'", + "PROTOCOL": "'$PROTOCOL'", + "PORT": "'$PORT'", + "IP": "'$IP'", + "COMMENT": "'$COMMENT'", + "SUSPENDED": "'$SUSPENDED'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + echo '}' } -# Shell function -shell_list_fw_rule() { - line=$(grep "RULE='$rule'" $conf) - eval $line - for field in $fields; do - eval key="$field" - if [ -z "$key" ]; then - key=NULL - fi - echo "${field//$/}: $key " - done +# SHELL list function +shell_list() { + echo "ACTION: $ACTION" + echo "PROTOCOL: $PROTOCOL" + echo "PORT: $PORT" + echo "IP: $IP" + echo "COMMENT: $COMMENT" + echo "SUSPENDED: $SUSPENDED" + echo "TIME: $TIME" + echo "DATE: $DATE" +} + +# PLAIN list function +plain_list() { + echo -ne "$RULE\t$ACTION\t$PROTOCOL\t$PORT\t$IP\t$COMMENT\t" + echo -e "$SUSPENDED\t$TIME\t$DATE" +} + +# CSV list function +csv_list() { + echo "RULE,ACTION,PROTOCOL,PORT,IP,COMMENT,SUSPENDED,TIME,DATE" + echo "$RULE,$ACTION,$PROTOCOL,$PORT,$IP,$COMMENT,$SUSPENDED,$TIME,$DATE" } @@ -61,6 +61,7 @@ shell_list_fw_rule() { #----------------------------------------------------------# check_args '1' "$#" 'RULE [FORMAT]' +is_number_format_valid "$rule" "rule id" is_object_valid '../../data/firewall/rules' 'RULE' "$rule" @@ -68,17 +69,15 @@ is_object_valid '../../data/firewall/rules' 'RULE' "$rule" # Action # #----------------------------------------------------------# -# Defining config and fields to select -conf=$VESTA/data/firewall/rules.conf -fields="\$RULE \$ACTION \$PROTOCOL \$PORT \$IP \$COMMENT" -fields="$fields \$RULE \$SUSPENDED \$TIME \$DATE" +# Parsing rules +eval $(grep "RULE='$rule'" $VESTA/data/firewall/rules.conf) -# Listing fw rule -case $format in - json) json_list_fw_rule ;; - plain) nohead=1; shell_list_fw_rule ;; - shell) shell_list_fw_rule |column -t ;; - *) check_args '2' '0' 'RULE [FORMAT]' +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-fs-directory b/bin/v-list-fs-directory index f183d6a82..57a2c7c32 100755 --- a/bin/v-list-fs-directory +++ b/bin/v-list-fs-directory @@ -1,5 +1,8 @@ #!/bin/bash -# File list wrapper +# info: list directory +# options: USER DIRECTORY +# +# The function lists directory on the file system user=$1 path=$2 @@ -10,30 +13,33 @@ if [ -z "$user" ]; then exit 1 fi -# Checking users +# Checking vesta user if [ ! -e "$VESTA/data/users/$user" ]; then - exit 1 + echo "Error: vesta user $user doesn't exist" + exit 3 fi -# Checking homedir +# Checking user homedir homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :) if [ -z $homedir ]; then - exit 1 + echo "Error: user home directory doesn't exist" + exit 12 fi # Checking path if [ ! -z "$path" ]; then - # Validating absolute path rpath=$(readlink -f "$path") if [ -z "$(echo $rpath |grep $homedir)" ]; then - exit 1 + echo "Error: invalid path $dst_dir" + exit 2 fi else path=$homedir fi -# Listing files -find "$path" -maxdepth 1 -printf "%y|%m|%TY-%Tm-%Td|%TH:%TM:%TS|%u|%g|%s|%P\n" +# Listing directory +sudo -u $user find "$path" -maxdepth 1 \ + -printf "%y|%m|%TY-%Tm-%Td|%TH:%TM|%u|%g|%s|%P\n" 2>/dev/null - -exit +# Exiting +exit $? diff --git a/bin/v-list-letsencrypt-user b/bin/v-list-letsencrypt-user new file mode 100755 index 000000000..f6e2c774d --- /dev/null +++ b/bin/v-list-letsencrypt-user @@ -0,0 +1,85 @@ +#!/bin/bash +# info: list letsencrypt key +# options: USER [FORMAT] +# +# The function for obtaining the letsencrypt key thumbprint + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +format=${2-shell} + +# Includes +source $VESTA/func/main.sh + +# JSON list function +json_list() { + echo '{' + echo ' "'$user'": { + "EMAIL": "'$EMAIL'", + "EXPONENT": "'$EXPONENT'", + "MODULUS": "'$MODULUS'", + "THUMB": "'$THUMB'", + "KID": "'$KID'" + }' + echo '}' +} + +# SHELL list function +shell_list() { + echo "USER: $user" + echo "EMAIL: $EMAIL" + echo "THUMB: $THUMB" + echo "EXPONENT: $EXPONENT" + echo "MODULUS: $MODULUS" + echo "KID: $KID" +} + +# PLAIN list function +plain_list() { + echo -e "$user\t$EMAIL\t$EXPONENT\t$MODULUS\t$THUMB\t$KID" +} + +# CSV list function +csv_list() { + echo "USER,EMAIL,EXPONENT,MODULUS,THUMB,KID" + echo "$user,$EMAIL,$EXPONENT,$MODULUS,$THUMB,$KID" +} + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '1' "$#" 'USER [FORMAT]' +is_format_valid 'user' +is_object_valid 'user' 'USER' "$user" +if [ ! -e "$USER_DATA/ssl/le.conf" ]; then + check_result $E_NOTEXIST "LetsEncrypt user account doesn't exist" +fi + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +source $USER_DATA/ssl/le.conf + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-mail-account b/bin/v-list-mail-account index 94a441a3b..65cc5b907 100755 --- a/bin/v-list-mail-account +++ b/bin/v-list-mail-account @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 account=$3 @@ -18,43 +18,49 @@ format=${4-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_account() { - i=1 - fileds_count=$(echo "$fields" | wc -w) - line=$(grep "ACCOUNT='$account'" $conf) +# JSON list function +json_list() { echo '{' - eval $line - for field in $fields; do - eval value=$field - if [ "$i" -eq 1 ]; then - echo -e "\t\"$value\": {" - else - if [ "$fileds_count" -eq "$i" ]; then - echo -e "\t\t\"${field//$/}\": \"$value\"" - else - echo -e "\t\t\"${field//$/}\": \"$value\"," - fi - fi - (( ++i)) - done - if [ -n "$value" ]; then - echo -e ' }' - fi - echo -e "}" + echo ' "'$account'": { + "ALIAS": "'$ALIAS'", + "FWD": "'$FWD'", + "FWD_ONLY": "'$FWD_ONLY'", + "AUTOREPLY": "'$AUTOREPLY'", + "QUOTA": "'$QUOTA'", + "U_DISK": "'$U_DISK'", + "SUSPENDED": "'$SUSPENDED'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + echo '}' } -# Shell function -shell_list_account() { - line=$(grep "ACCOUNT='$account'" $conf) - eval $line - for field in $fields; do - eval key="$field" - if [ -z "$key" ]; then - key=NULL - fi - echo "${field//$/}: $key " - done +# SHELL list function +shell_list() { + echo "ACCOUNT: $account" + echo "ALIAS: $ALIAS" + echo "FORWARD: $FWD" + echo "FORWARD_ONLY: $FWD_ONLY" + echo "AUTOREPLY: $AUTOREPLY" + echo "QUOTA: $QUOTA" + echo "DISK: $U_DISK" + echo "SUSPENDED: $SUSPENDED" + echo "TIME: $TIME" + echo "DATE: $DATE" +} + +# PLAIN list function +plain_list() { + echo -ne "$account\t$ALIAS\t$FWD\t$FWD_ONLY\t$AUTOREPLY\t$QUOTA\t" + echo -e "$U_DISK\t$SUSPENDED\t$TIME\t$DATE" +} + +# CSV list function +csv_list() { + echo -n "ACCOUNT,ALIAS,FWD,FWD_ONLY,AUTOREPLY,QUOTA,U_DISK" + echo "SUSPENDED,TIME,DATE" + echo -n "$ACCOUNT,\"$ALIAS\",\"$FWD\",$FWD_ONLY,$AUTOREPLY,$QUOTA," + echo "$U_DISK,$SUSPENDED,$TIME,$DATE" } @@ -63,6 +69,7 @@ shell_list_account() { #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN ACCOUNT [FORMAT]' +is_format_valid 'user' 'domain' 'account' is_object_valid 'user' 'USER' "$user" is_object_valid 'mail' 'DOMAIN' "$domain" is_object_valid "mail/$domain" 'ACCOUNT' "$account" @@ -73,17 +80,15 @@ is_object_valid "mail/$domain" 'ACCOUNT' "$account" # Action # #----------------------------------------------------------# -# Defining config and fields to select -conf=$USER_DATA/mail/$domain.conf -fields="\$ACCOUNT \$ALIAS \$FWD \$FWD_ONLY \$QUOTA \$AUTOREPLY \$U_DISK" -fields="$fields \$SUSPENDED \$TIME \$DATE" +# Parsing mail account +eval $(grep "ACCOUNT='$account'" $USER_DATA/mail/$domain.conf) -# Listing domains -case $format in - json) json_list_account ;; - plain) nohead=1; shell_list_account ;; - shell) shell_list_account |column -t ;; - *) check_args '2' '0' 'USER DOMAIN ACCOUNT [FORMAT]' +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-mail-account-autoreply b/bin/v-list-mail-account-autoreply index 367f7e602..4d5b17cab 100755 --- a/bin/v-list-mail-account-autoreply +++ b/bin/v-list-mail-account-autoreply @@ -2,14 +2,14 @@ # info: list mail account autoreply # options: USER DOMAIN ACCOUNT [FORMAT] # -# The function of obtainin mail account autoreply message. +# The function of obtaining mail account autoreply message. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 account=$3 @@ -18,8 +18,10 @@ format=${4-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_msg() { +# JSON list function +json_list() { + TO_ESCAPE='\\'; + msg=$(echo "$msg" |sed -e "s|${TO_ESCAPE}|${TO_ESCAPE}${TO_ESCAPE}|g" -e 's/"/\\"/g' -e "s/%quote%/'/g") i='1' # iterator echo '{' echo -e "\t\"$account\": {" @@ -27,11 +29,20 @@ json_list_msg() { echo -e "\t}\n}" } -# Shell function -shell_list_msg() { - if [ ! -z "$msg" ]; then - echo -e "$msg" - fi +# SHELL list function +shell_list() { + echo "$msg" +} + +# PLAIN list function +plain_list() { + echo "$msg" +} + +# CSV list function +csv_list() { + echo "MSG" + echo "$msg" } @@ -39,7 +50,8 @@ shell_list_msg() { # Verifications # #----------------------------------------------------------# -check_args '2' "$#" 'USER DOMAIN [FORMAT]' +check_args '3' "$#" 'USER DOMAIN ACCOUNT [FORMAT]' +is_format_valid 'user' 'domain' 'account' is_object_valid 'user' 'USER' "$user" is_object_valid 'mail' 'DOMAIN' "$domain" is_object_unsuspended 'mail' 'DOMAIN' "$domain" @@ -56,12 +68,12 @@ if [ -e "$USER_DATA/mail/$account@$domain.msg" ]; then sed ':a;N;$!ba;s/\n/\\n/g' ) fi -# Listing domains +# Listing data case $format in - json) json_list_msg ;; - plain) nohead=1; shell_list_msg ;; - shell) shell_list_msg ;; - *) check_args '1' '0' '[FORMAT]' + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-mail-accounts b/bin/v-list-mail-accounts index 9c1f399b6..9d4ef41b9 100755 --- a/bin/v-list-mail-accounts +++ b/bin/v-list-mail-accounts @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 format=${3-shell} @@ -17,13 +17,90 @@ format=${3-shell} # Includes source $VESTA/func/main.sh +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(grep ACCOUNT $USER_DATA/mail/$domain.conf |wc -l) + echo "{" + while read str; do + eval $str + echo -n ' "'$ACCOUNT'": { + "ALIAS": "'$ALIAS'", + "FWD": "'$FWD'", + "FWD_ONLY": "'$FWD_ONLY'", + "AUTOREPLY": "'$AUTOREPLY'", + "QUOTA": "'$QUOTA'", + "U_DISK": "'$U_DISK'", + "SUSPENDED": "'$SUSPENDED'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done < <(cat $USER_DATA/mail/$domain.conf) + echo '}' +} + +# SHELL list function +shell_list() { + IFS=$'\n' + echo "ACCOUNT ALIAS FWD DISK DATE" + echo "------- ----- --- ---- ----" + while read str; do + eval $str + if [ -z "$ALIAS" ]; then + ALIAS='no' + else + if [ "${#ALIAS}" -gt 12 ]; then + ALIAS="${ALIAS:0:12}..." + fi + fi + if [ -z "$FWD" ]; then + FWD='no' + else + if [ "${#FWD}" -gt 20 ]; then + FWD="${FWD:0:20}..." + fi + fi + echo "$ACCOUNT $ALIAS $FWD $U_DISK $DATE" + done < <(cat $USER_DATA/mail/$domain.conf) +} + + +# PLAIN list function +plain_list() { + IFS=$'\n' + while read str; do + eval $str + echo -ne "$ACCOUNT\t$ALIAS\t$FWD\t$FWD_ONLY\t$AUTOREPLY\t" + echo -e "$QUOTA\t$U_DISK\t$SUSPENDED\t$TIME\t$DATE" + done < <(cat $USER_DATA/mail/$domain.conf) +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo -n "ACCOUNT,ALIAS,FWD,FWD_ONLY,AUTOREPLY,QUOTA,U_DISK," + echo "SUSPENDED,TIME,DATE" + while read str; do + eval $str + echo -n "$ACCOUNT,\"$ALIAS\",\"$FWD\",$FWD_ONLY,$AUTOREPLY," + echo "$QUOTA,$U_DISK,$SUSPENDED,$TIME,$DATE" + done < <(cat $USER_DATA/mail/$domain.conf) +} + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [FORMAT]' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_object_valid 'user' 'USER' "$user" is_object_valid 'mail' 'DOMAIN' "$domain" @@ -32,18 +109,12 @@ is_object_valid 'mail' 'DOMAIN' "$domain" # Action # #----------------------------------------------------------# -# Defining fileds to select -conf=$USER_DATA/mail/$domain.conf -fields="\$ACCOUNT \$ALIAS \$FWD \$FWD_ONLY \$QUOTA \$AUTOREPLY \$U_DISK" -fields="$fields \$SUSPENDED \$TIME \$DATE" - -# Listing domain accounts -case $format in - json) json_list ;; - plain) nohead=1; shell_list ;; - shell) fields='$ACCOUNT $AUTOREPLY $QUOTA $U_DISK $SUSPENDED $TIME $DATE'; - shell_list | column -t ;; - *) check_args '1' '0' 'USER [FORMAT]' +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac diff --git a/bin/v-list-mail-domain b/bin/v-list-mail-domain index fae895279..25dab90c2 100755 --- a/bin/v-list-mail-domain +++ b/bin/v-list-mail-domain @@ -1,16 +1,15 @@ #!/bin/bash -# info: list web domain +# info: list mail domain # options: USER DOMAIN [FORMAT] # -# The function of obtaining the list of domain parameters. This call, just as -# all v_list_* calls, supports 3 formats - json, shell and plain. +# The function of obtaining the list of domain parameters. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 format=${3-shell} @@ -18,41 +17,50 @@ format=${3-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_domain() { - i=1 - fileds_count=$(echo "$fields" | wc -w) - line=$(grep "DOMAIN='$domain'" $conf) +# JSON list function +json_list() { + eval $(grep "DOMAIN='$domain'" $USER_DATA/mail.conf) echo '{' - eval $line - for field in $fields; do - eval value=$field - if [ "$i" -eq 1 ]; then - echo -e "\t\"$value\": {" - else - if [ "$fileds_count" -eq "$i" ]; then - echo -e "\t\t\"${field//$/}\": \"$value\"" - else - echo -e "\t\t\"${field//$/}\": \"$value\"," - fi - fi - (( ++i)) - done - - if [ -n "$value" ]; then - echo -e ' }' - fi - echo -e "}" + echo ' "'$DOMAIN'": { + "ANTIVIRUS": "'$ANTIVIRUS'", + "ANTISPAM": "'$ANTISPAM'", + "DKIM": "'$DKIM'", + "CATCHALL": "'$CATCHALL'", + "ACCOUNTS": "'$ACCOUNTS'", + "U_DISK": "'$U_DISK'", + "SUSPENDED": "'$SUSPENDED'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + echo '}' } -# Shell function -shell_list_domain() { - line=$(grep "DOMAIN='$domain'" $conf) - eval $line - for field in $fields; do - eval key="$field" - echo "${field//$/}: $key " - done +# SHELL list function +shell_list() { + echo "DOMAIN: $DOMAIN" + echo "ANTIVIRUS: $ANTIVIRUS" + echo "ANTISPAM: $ANTISPAM" + echo "DKIM: $DKIM" + echo "CATCHALL: $CATCHALL" + echo "ACCOUNTS: $ACCOUNTS" + echo "DISK: $U_DISK" + echo "SUSPENDED: $SUSPENDED" + echo "TIME: $TIME" + echo "DATE: $DATE" +} + +# PLAIN list function +plain_list() { + echo -ne "$DOMAIN\t$ANTIVIRUS\t$ANTISPAM\t$DKIM\t$CATCHALL\t" + echo -e "$ACCOUNTS\t$U_DISK\t$SUSPENDED\t$TIME\t$DATE" +} + +# CSV list function +csv_list() { + echo -n "DOMAIN,ANTIVIRUS,ANTISPAM,DKIM,CATCHALL,ACCOUNTS,U_DISK," + echo "SUSPENDED,TIME,DATE" + echo -n "$DOMAIN,$ANTIVIRUS,$ANTISPAM,$DKIM,$CATCHALL,$ACCOUNTS,$U_DISK" + echo "$SUSPENDED,$TIME,$DATE" } @@ -61,6 +69,7 @@ shell_list_domain() { #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [FORMAT]' +is_format_valid 'user' 'domain' is_object_valid 'user' 'USER' "$user" is_object_valid 'mail' 'DOMAIN' "$domain" @@ -69,17 +78,15 @@ is_object_valid 'mail' 'DOMAIN' "$domain" # Action # #----------------------------------------------------------# -# Defining fileds to select -conf=$USER_DATA/mail.conf -fields='$DOMAIN $ANTIVIRUS $ANTISPAM $DKIM $ACCOUNTS $U_DISK $CATCHALL -$SUSPENDED $TIME $DATE' +# Parsing mail domain +eval $(grep "DOMAIN='$domain'" $USER_DATA/mail.conf) -# Listing domains -case $format in - json) json_list_domain ;; - plain) nohead=1; shell_list_domain ;; - shell) shell_list_domain |column -t ;; - *) check_args '2' '0' 'USER DOMAIN [FORMAT]' +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-mail-domain-dkim b/bin/v-list-mail-domain-dkim index 72ba40093..37088ee0b 100755 --- a/bin/v-list-mail-domain-dkim +++ b/bin/v-list-mail-domain-dkim @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 format=${3-shell} @@ -17,8 +17,8 @@ format=${3-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_ssl() { +# JSON list function +json_list() { echo '{' echo -e "\t\"$domain\": {" echo " \"PEM\": \"$pem\"," @@ -26,14 +26,21 @@ json_list_ssl() { echo -e "\t}\n}" } -# Shell function -shell_list_ssl() { - if [ ! -z "$pem" ]; then - echo -e "$pem" - fi - if [ ! -z "$pub" ]; then - echo -e "\n$pub" - fi +# SHELL list function +shell_list() { + echo -e "$pem" + echo -e "\n$pub" +} + +# PLAIN list function +plain_list() { + echo "$pem\t$pub" +} + +# CSV list function +csv_list() { + echo "PEM,PUB" + echo "\"$pem\",\"$pub\"" } @@ -42,6 +49,7 @@ shell_list_ssl() { #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [FORMAT]' +is_format_valid 'user' 'domain' is_object_valid 'user' 'USER' "$user" is_object_valid 'mail' 'DOMAIN' "$domain" @@ -49,20 +57,22 @@ is_object_valid 'mail' 'DOMAIN' "$domain" #----------------------------------------------------------# # Action # #----------------------------------------------------------# + +# Parsing domain keys if [ -e "$USER_DATA/mail/$domain.pem" ]; then - pem=$(cat $USER_DATA/mail/$domain.pem | sed ':a;N;$!ba;s/\n/\\n/g') + pem=$(cat $USER_DATA/mail/$domain.pem |sed ':a;N;$!ba;s/\n/\\n/g') fi if [ -e "$USER_DATA/mail/$domain.pub" ]; then - pub=$(cat $USER_DATA/mail/$domain.pub | sed ':a;N;$!ba;s/\n/\\n/g') + pub=$(cat $USER_DATA/mail/$domain.pub |sed ':a;N;$!ba;s/\n/\\n/g') fi -# Listing domains +# Listing data case $format in - json) json_list_ssl ;; - plain) nohead=1; shell_list_ssl ;; - shell) shell_list_ssl ;; - *) check_args '1' '0' '[FORMAT]' + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-mail-domain-dkim-dns b/bin/v-list-mail-domain-dkim-dns index b3c8c4887..d9f9d5bac 100755 --- a/bin/v-list-mail-domain-dkim-dns +++ b/bin/v-list-mail-domain-dkim-dns @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 format=${3-shell} @@ -17,24 +17,38 @@ format=${3-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_dkim_dns() { +# JSON list function +json_list() { echo '{' echo -e "\t\"_domainkey\": {" - echo " \"TTL\": \"3600\"," - echo " \"TXT\": \"'t=y; o=~;'\"" + echo " \"TTL\": \"3600\"," + echo " \"TXT\": \"'t=y; o=~;'\"" echo -e "\t}," echo -e "\n\t\"mail._domainkey\": {" - echo " \"TTL\": \"3600\"," - echo " \"TXT\": \"'$pub'\"" + echo " \"TTL\": \"3600\"," + echo " \"TXT\": \"\\\"$pub\\\"\"" echo -e "\t}\n}" - } -# Shell function -shell_list_dkim_dns() { - echo "_domainkey 3600 IN TXT \"t=y; o=~;\"" - echo "mail._domainkey 3600 IN TXT \"k=rsa; p=$pub\"" +# SHELL list function +shell_list() { + echo "RECORD TTL TYPE VALUE" + echo "------ --- ---- -----" + echo "_domainkey 3600 IN TXT \"t=y; o=~;\"" + echo "mail._domainkey 3600 IN TXT \"k=rsa; p=$pub\"" +} + +# PLAIN list function +plain_list() { + echo -e "_domainkey\t3600\tIN\tTXT\t\"t=y; o=~;\"" + echo -e "mail._domainkey\t3600\tIN\tTXT\t\"k=rsa; p=$pub\"" +} + +# CSV list function +csv_list() { + echo "RECORD,TTL,IN,TYPE,VALUE" + echo "_domainkey,3600,IN,TXT,\"\"t=y; o=~;\"\"" + echo "mail._domainkey,3600,IN,TXT,\"\"k=rsa; p=$pub\"\"" } @@ -43,6 +57,7 @@ shell_list_dkim_dns() { #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [FORMAT]' +is_format_valid 'user' 'domain' is_object_valid 'user' 'USER' "$user" is_object_valid 'mail' 'DOMAIN' "$domain" @@ -51,19 +66,20 @@ is_object_valid 'mail' 'DOMAIN' "$domain" # Action # #----------------------------------------------------------# -# Check pub key +# Parsing domain keys if [ -e "$USER_DATA/mail/$domain.pub" ]; then - pub=$(cat $USER_DATA/mail/$domain.pub | sed ':a;N;$!ba;s/\n/\\n/g') + pub=$(cat $USER_DATA/mail/$domain.pub |grep -v "KEY-----" |tr -d "\n\r") + pub=$(echo "$pub" |sed ':a;N;$!ba;s/\n/\\n/g') else pub="DKIM-SUPPORT-IS-NOT-ACTIVATED" fi -# Listing domains +# Listing data case $format in - json) json_list_dkim_dns ;; - plain) shell_list_dkim_dns ;; - shell) shell_list_dkim_dns ;; - *) check_args '1' '0' '[FORMAT]' + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t -s '^';; esac diff --git a/bin/v-list-mail-domains b/bin/v-list-mail-domains index e9daa34d6..f6a803b93 100755 --- a/bin/v-list-mail-domains +++ b/bin/v-list-mail-domains @@ -9,20 +9,84 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 format=${2-shell} # Includes source $VESTA/func/main.sh +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(grep DOMAIN $USER_DATA/mail.conf |wc -l) + echo "{" + while read str; do + eval $str + echo -n ' "'$DOMAIN'": { + "ANTIVIRUS": "'$ANTIVIRUS'", + "ANTISPAM": "'$ANTISPAM'", + "DKIM": "'$DKIM'", + "CATCHALL": "'$CATCHALL'", + "ACCOUNTS": "'$ACCOUNTS'", + "U_DISK": "'$U_DISK'", + "SUSPENDED": "'$SUSPENDED'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done < <(cat $USER_DATA/mail.conf) + echo '}' +} + +# SHELL list function +shell_list() { + IFS=$'\n' + echo "DOMAIN ANTIVIRUS ANTISPAM DKIM ACC DISK SPND DATE" + echo "------ --------- -------- ---- --- ---- --- ----" + while read str; do + eval $str + echo -n "$DOMAIN $ANTIVIRUS $ANTISPAM $DKIM $ACCOUNTS $U_DISK " + echo "$SUSPENDED $DATE" + done < <(cat $USER_DATA/mail.conf) +} + +# PLAIN list function +plain_list() { + IFS=$'\n' + while read str; do + eval $str + echo -ne "$DOMAIN\t$ANTIVIRUS\t$ANTISPAM\t$DKIM\t$CATCHALL\t" + echo -e "$ACCOUNTS\t$U_DISK\t$SUSPENDED\t$TIME\t$DATE" + done < <(cat $USER_DATA/mail.conf) +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo -n "DOMAIN,ANTIVIRUS,ANTISPAM,DKIM,CATCHALL,ACCOUNTS,U_DISK," + echo "SUSPENDED,TIME,DATE" + while read str; do + eval $str + echo -n "$DOMAIN,$ANTIVIRUS,$ANTISPAM,$DKIM,$CATCHALL,$ACCOUNTS," + echo "'$U_DISK,$SUSPENDED,$TIME,$DATE" + echo + done < <(cat $USER_DATA/mail.conf) +} + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '1' "$#" 'USER [FORMAT]' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" @@ -30,18 +94,12 @@ is_object_valid 'user' 'USER' "$user" # Action # #----------------------------------------------------------# -# Defining fileds to select -conf=$USER_DATA/mail.conf -fields="\$DOMAIN \$ANTIVIRUS \$ANTISPAM \$DKIM \$ACCOUNTS \$U_DISK \$CATCHALL" -fields="$fields \$SUSPENDED \$TIME \$DATE" - -# Listing domains -case $format in +# Listing data +case $format in json) json_list ;; - plain) nohead=1; shell_list ;; - shell) fields='$DOMAIN $ANTIVIRUS $ANTISPAM $DKIM $ACCOUNTS $U_DISK $DATE'; - shell_list | column -t ;; - *) check_args '1' '0' 'USER [FORMAT]' + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac diff --git a/bin/v-list-remote-dns-hosts b/bin/v-list-remote-dns-hosts index 00d265fdc..63249af23 100755 --- a/bin/v-list-remote-dns-hosts +++ b/bin/v-list-remote-dns-hosts @@ -9,36 +9,90 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} # Includes source $VESTA/func/main.sh +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(grep HOST $VESTA/conf/dns-cluster.conf |wc -l) + echo "{" + while read str; do + eval $str + echo -n ' "'$HOST'": { + "PORT": "'$PORT'", + "TYPE": "'$TYPE'", + "USER": "'$USER'", + "DNS_USER": "'$DNS_USER'", + "SUSPENDED": "'$SUSPENDED'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done < <(cat $VESTA/conf/dns-cluster.conf) + echo '}' +} + +# SHELL list function +shell_list() { + IFS=$'\n' + echo "HOST PORT TYPE USER DNS_USER SPND DATE" + echo "---- ---- ---- ---- -------- ---- ----" + while read str; do + eval $str + echo "$HOST $PORT $TYPE $USER $DNS_USER $SUSPENDED $DATE" + done < <(cat $VESTA/conf/dns-cluster.conf) +} + +# PLAIN list function +plain_list() { + IFS=$'\n' + while read str; do + eval $str + echo -ne "$HOST\t$PORT\t$TYPE\t$USER\t$DNS_USER\t" + echo -e "$SUSPENDED\t$TIME\t$DATE" + done < <(cat $VESTA/conf/dns-cluster.conf) +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo "HOST,PORT,TYPE,USER,DNS_USER,SUSPENDED,TIME,DATE" + while read str; do + eval $str + echo "$HOST,$PORT,$TYPE,$USER,$DNS_USER,$SUSPENDED,$TIME,$DATE" + done < <(cat $VESTA/conf/dns-cluster.conf) +} + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# +if [ ! -e "$VESTA/conf/dns-cluster.conf" ]; then + exit +fi + #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Check config -conf=$VESTA/conf/dns-cluster.conf -if [ ! -e "$conf" ]; then - exit -fi - -# Defining fileds to select -fields='$HOST $USER $DNS_USER $SUSPENDED $TIME $DATE' - +# Listing data case $format in json) json_list ;; - plain) nohead=1; shell_list ;; - shell) shell_list| column -t ;; - *) check_args '1' '0' 'USER [FORMAT]';; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac diff --git a/bin/v-list-sys-clamd-config b/bin/v-list-sys-clamd-config new file mode 100755 index 000000000..1bb614b96 --- /dev/null +++ b/bin/v-list-sys-clamd-config @@ -0,0 +1,73 @@ +#!/bin/bash +# info: list clamd config parameters +# options: [FORMAT] +# +# The function for obtaining the list of clamd config parameters. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +format=${1-shell} + +# Includes +source $VESTA/func/main.sh + +# JSON list function +json_list() { + echo '{ + "CONFIG": { + "config_path": "'$config_path'" + } +}' +} + +# SHELL list function +shell_list() { + echo "config_path: $config_path" +} + +# PLAIN list function +plain_list() { + echo "$config_path" +} + +# CSV list function +csv_list() { + echo "config_path" + echo "$config_path" +} + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Defining config path +if [ -e '/etc/clamav/clamd.conf' ]; then + config_path='/etc/clamav/clamd.conf' +else + if [ -e '/etc/clamd.conf' ]; then + config_path='/etc/clamd.conf' + fi + if [ -e '/etc/clamd.d/clamd.conf' ]; then + config_path='/etc/clamav/clamd.conf' + fi +fi + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-sys-config b/bin/v-list-sys-config index 740290294..7764af29c 100755 --- a/bin/v-list-sys-config +++ b/bin/v-list-sys-config @@ -1,5 +1,5 @@ #!/bin/bash -# info: list system config +# info: list system configuration # options: [FORMAT] # # The function for obtaining the list of system parameters. @@ -9,36 +9,185 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} -# Json function -json_list_conf() { - lines=$(wc -l $VESTA/conf/vesta.conf | cut -f 1 -d ' ') - i='0' - IFS=$'\n' - echo -e "{\n\t\"config\": {" - for str in $(cat $VESTA/conf/vesta.conf); do - (( ++i)) - key=${str%%=*} - value=${str#*=} - if [ "$i" -lt "$lines" ]; then - echo -e "\t\t\"$key\": \"${value//\'/}\"," - else - echo -e "\t\t\"$key\": \"${value//\'/}\"" - fi - done - echo -e "\t}\n}" +source $VESTA/conf/vesta.conf + +# JSON list function +json_list() { + echo '{ + "config": { + "WEB_SYSTEM": "'$WEB_SYSTEM'", + "WEB_RGROUPS": "'$WEB_RGROUPS'", + "WEB_PORT": "'$WEB_PORT'", + "WEB_SSL": "'$WEB_SSL'", + "WEB_SSL_PORT": "'$WEB_SSL_PORT'", + "WEB_BACKEND": "'$WEB_BACKEND'", + "PROXY_SYSTEM": "'$PROXY_SYSTEM'", + "PROXY_PORT": "'$PROXY_PORT'", + "PROXY_SSL_PORT": "'$PROXY_SSL_PORT'", + "FTP_SYSTEM": "'$FTP_SYSTEM'", + "MAIL_SYSTEM": "'$MAIL_SYSTEM'", + "IMAP_SYSTEM": "'$IMAP_SYSTEM'", + "ANTIVIRUS_SYSTEM": "'$ANTIVIRUS_SYSTEM'", + "ANTISPAM_SYSTEM": "'$ANTISPAM_SYSTEM'", + "DB_SYSTEM": "'$DB_SYSTEM'", + "DNS_SYSTEM": "'$DNS_SYSTEM'", + "DNS_CLUSTER": "'$DNS_CLUSTER'", + "STATS_SYSTEM": "'$STATS_SYSTEM'", + "BACKUP_SYSTEM": "'$BACKUP_SYSTEM'", + "CRON_SYSTEM": "'$CRON_SYSTEM'", + "DISK_QUOTA": "'$DISK_QUOTA'", + "FIREWALL_SYSTEM": "'$FIREWALL_SYSTEM'", + "FIREWALL_EXTENSION": "'$FIREWALL_EXTENSION'", + "FILEMANAGER_KEY": "'$FILEMANAGER_KEY'", + "SFTPJAIL_KEY": "'$SFTPJAIL_KEY'", + "REPOSITORY": "'$REPOSITORY'", + "VERSION": "'$VERSION'", + "LANGUAGE": "'$LANGUAGE'", + "BACKUP_GZIP": "'$BACKUP_GZIP'", + "BACKUP": "'$BACKUP'", + "MAIL_URL": "'$MAIL_URL'", + "DB_PMA_URL": "'$DB_PMA_URL'", + "DB_PGA_URL": "'$DB_PGA_URL'", + "SOFTACULOUS": "'$SOFTACULOUS'", + "MAIL_CERTIFICATE": "'$MAIL_CERTIFICATE'", + "VESTA_CERTIFICATE": "'$VESTA_CERTIFICATE'" + } +}' } -# Shell function -shell_list_conf() { - IFS=$'\n' - for str in $(cat $VESTA/conf/vesta.conf); do - key=${str%%=*} - value=${str#*=} - echo "$key: ${value//\'/}" - done +# Shell list +shell_list() { + if [ ! -z "$WEB_SYSTEM" ]; then + echo "WEB Server: $WEB_SYSTEM:$WEB_PORT ($WEB_RGROUPS)" + echo "SSL Support: $WEB_SSL:$WEB_SSL_PORT" + fi + if [ ! -z "$WEB_BACKEND" ]; then + echo "WEB Backend: $WEB_BACKEND" + fi + if [ ! -z "$PROXY_SYSTEM" ]; then + echo "Proxy Server: $PROXY_SYSTEM:$PROXY_PORT" + echo "Proxy SSL: $PROXY_SYSTEM:$PROXY_SSL_PORT" + fi + if [ ! -z "$STATS_SYSTEM" ]; then + echo "Web Stats: ${STATS_SYSTEM//,/, }" + fi + if [ ! -z "$FTP_SYSTEM" ]; then + echo "FTP Server: $FTP_SYSTEM" + fi + if [ ! -z "$MAIL_SYSTEM" ]; then + echo -n "Mail Server: $MAIL_SYSTEM" + if [ ! -z "$IMAP_SYSTEM" ]; then + echo -n " + $IMAP_SYSTEM" + fi + if [ ! -z "$ANTIVIRUS_SYSTEM" ]; then + echo -n " + $ANTIVIRUS_SYSTEM" + fi + if [ ! -z "$ANTISPAM_SYSTEM" ]; then + echo -n " + $ANTISPAM_SYSTEM" + fi + echo + if [ ! -z "$MAIL_URL" ]; then + echo "Web Mail: hostname + $MAIL_URL" + fi + fi + if [ ! -z "$DB_SYSTEM" ]; then + echo "Database: ${DB_SYSTEM//,/, }" + if [ ! -z "$DB_PMA_URL" ]; then + echo "PMA URL: $DB_PMA_URL" + fi + if [ ! -z "$DB_PGA_URL" ]; then + echo "PGA URL: $DB_PGA_URL" + fi + fi + if [ ! -z "$DNS_SYSTEM" ]; then + echo -n "DNS server: $DNS_SYSTEM" + if [ ! -z "$DNS_CLUSTER" ]; then + echo -n " (cluster)" + fi + echo + fi + if [ ! -z "$CRON_SYSTEM" ]; then + echo "CRON: $CRON_SYSTEM" + fi + if [ ! -z "$FIREWALL_SYSTEM" ]; then + echo -n "Firewall: $FIREWALL_SYSTEM" + if [ ! -z "$FIREWALL_EXTENSION" ]; then + echo -n "+ $FIREWALL_EXTENSION" + fi + echo + fi + if [ ! -z "$BACKUP_SYSTEM" ]; then + echo "Backups: ${BACKUP_SYSTEM//,/, }" + if [ ! -z "$BACKUP" ]; then + echo "Backup Dir: $BACKUP" + fi + fi + if [ ! -z "$DISK_QUOTA" ]; then + echo "Disk Quota: $DISK_QUOTA" + fi + if [ ! -z "$FILEMANAGER_KEY" ]; then + echo "FileManager: $FILEMANAGER_KEY" + fi + if [ ! -z "$SFTPJAIL_KEY" ]; then + echo "SFTP Chroot: $SFTPJAIL_KEY" + fi + if [ ! -z "$SOFTACULOUS" ]; then + echo "Softaculous: $SOFTACULOUS" + fi + if [ ! -z "$LANGUAGE" ] && [ "$LANGUAGE" != 'en' ]; then + echo "Language: $LANGUAGE" + fi + if [ ! -z "$MAIL_CERTIFICATE" ]; then + echo "Mail SSL: $MAIL_CERTIFICATE" + fi + if [ ! -z "$VESTA_CERTIFICATE" ]; then + echo "Vesta SSL: $VESTA_CERTIFICATE" + fi + echo "Version: $VERSION" +} + +# PLAIN list function +plain_list() { + echo -ne "$WEB_SYSTEM\t$WEB_RGROUPS\t$WEB_PORT\t$WEB_SSL\t" + echo -ne "$WEB_SSL_PORT\t$WEB_BACKEND\t$PROXY_SYSTEM\t$PROXY_PORT\t" + echo -ne "$PROXY_SSL_PORT\t$FTP_SYSTEM\t$MAIL_SYSTEM\t$IMAP_SYSTEM\t" + echo -ne "$ANTIVIRUS_SYSTEM\t$ANTISPAM_SYSTEM\t$DB_SYSTEM\t" + echo -ne "$DNS_SYSTEM\t$DNS_CLUSTER\t$STATS_SYSTEM\t$BACKUP_SYSTEM\t" + echo -ne "$CRON_SYSTEM\t$DISK_QUOTA\t$FIREWALL_SYSTEM\t" + echo -ne "$FIREWALL_EXTENSION\t$FILEMANAGER_KEY\t$SFTPJAIL_KEY\t" + echo -ne "$REPOSITORY\t$VERSION\t$LANGUAGE\t$BACKUP_GZIP\t$BACKUP\t" + echo -ne "$MAIL_URL\t$DB_PMA_URL\t$DB_PGA_URL\t$MAIL_CERTIFICATE\t" + echo -e "$VESTA_CERTIFICATE" +} + + +# CSV list +csv_list() { + echo -n "'WEB_SYSTEM','WEB_RGROUPS','WEB_PORT','WEB_SSL'," + echo -n "'WEB_SSL_PORT','WEB_BACKEND','PROXY_SYSTEM','PROXY_PORT'," + echo -n "'PROXY_SSL_PORT','FTP_SYSTEM','MAIL_SYSTEM','IMAP_SYSTEM'," + echo -n "'ANTIVIRUS_SYSTEM','ANTISPAM_SYSTEM','DB_SYSTEM'," + echo -n "'DNS_SYSTEM','DNS_CLUSTER','STATS_SYSTEM','BACKUP_SYSTEM'," + echo -n "'CRON_SYSTEM','DISK_QUOTA','FIREWALL_SYSTEM'," + echo -n "'FIREWALL_EXTENSION','FILEMANAGER_KEY','SFTPJAIL_KEY'," + echo -n "'REPOSITORY','VERSION','LANGUAGE','BACKUP_GZIP','BACKUP'," + echo -n "'MAIL_URL','DB_PMA_URL','DB_PGA_URL', 'SOFTACULOUS'," + echo -n "'MAIL_CERTIFICATE','VESTA_CERTIFICATE'" + echo + echo -n "'$WEB_SYSTEM','$WEB_RGROUPS','$WEB_PORT','$WEB_SSL'," + echo -n "'$WEB_SSL_PORT','$WEB_BACKEND','$PROXY_SYSTEM','$PROXY_PORT'," + echo -n "'$PROXY_SSL_PORT','$FTP_SYSTEM','$MAIL_SYSTEM','$IMAP_SYSTEM'," + echo -n "'$ANTIVIRUS_SYSTEM','$ANTISPAM_SYSTEM','$DB_SYSTEM'," + echo -n "'$DNS_SYSTEM','$DNS_CLUSTER','$STATS_SYSTEM','$BACKUP_SYSTEM'," + echo -n "'$CRON_SYSTEM','$DISK_QUOTA','$FIREWALL_SYSTEM'," + echo -n "'$FIREWALL_EXTENSION','$FILEMANAGER_KEY','$SFTPJAIL_KEY'," + echo -n "'$REPOSITORY','$VERSION','$LANGUAGE','$BACKUP_GZIP','$BACKUP'," + echo -n "'$MAIL_URL','$DB_PMA_URL','$DB_PGA_URL', '$SOFTACULOUS'" + echo -n "'$MAIL_CERTIFICATE','$VESTA_CERTIFICATE'" + echo } @@ -46,11 +195,12 @@ shell_list_conf() { # Action # #----------------------------------------------------------# -# Listing system config -case $format in - json) json_list_conf ;; - plain) shell_list_conf ;; - shell) shell_list_conf | column -t ;; +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-sys-cpu-status b/bin/v-list-sys-cpu-status new file mode 100755 index 000000000..290ad5b24 --- /dev/null +++ b/bin/v-list-sys-cpu-status @@ -0,0 +1,42 @@ +#!/bin/bash +# info: list system cpu info +# options: [FORMAT] +# +# The function lists cpu information + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +#format=${1-shell} + +# Includes +#source $VESTA/func/main.sh + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Displaying top 30 +top -b -n1 | head -n 37 +echo -en "\n-------------------------------------" +echo -en "-------------------------------------\n\n" + +# Displaying process tree +pstree -s +echo -en "\n-------------------------------------" +echo -en "-------------------------------------\n\n" + +# Displaying CPU information +grep 'model name' /proc/cpuinfo|cut -f 2 -d : | sed "s/ //" +echo +lscpu 2>/dev/null + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-sys-db-status b/bin/v-list-sys-db-status new file mode 100755 index 000000000..d3dbe2f7b --- /dev/null +++ b/bin/v-list-sys-db-status @@ -0,0 +1,83 @@ +#!/bin/bash +# info: list db status +# options: [FORMAT] +# +# The function lists db server status + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +#format=${1-shell} + +# Includes +#source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Checking db system +if [ -z "$DB_SYSTEM" ]; then + exit +fi + +# Checking supported database systems +for db in $(echo $DB_SYSTEM| tr ',' '\n'); do + OLD_IFS="$IFS" + IFS=$'\n' + + # Checking database config + if [ -e "$VESTA/conf/$db.conf" ]; then + + # Checking server status + for host_str in $(cat $VESTA/conf/$db.conf); do + eval $host_str + + # Checking MySQL + if [ "$db" = 'mysql' ]; then + mycnf="$VESTA/conf/.mysql.$HOST" + if [ ! -e "$mycnf" ]; then + echo "[client]">$mycnf + echo "host='$HOST'" >> $mycnf + echo "user='$USER'" >> $mycnf + echo "password='$PASSWORD'" >> $mycnf + chmod 600 $mycnf + else + mypw=$(grep password $mycnf|cut -f 2 -d \') + if [ "$mypw" != "$PASSWORD" ]; then + echo "[client]">$mycnf + echo "host='$HOST'" >> $mycnf + echo "user='$USER'" >> $mycnf + echo "password='$PASSWORD'" >> $mycnf + chmod 660 $mycnf + fi + fi + echo "MySQL $HOST status" + mysqladmin --defaults-file=$mycnf status |sed -e "s/ /\n/g" + echo + mysqladmin --defaults-file=$mycnf processlist + echo -en "\n-------------------------------------" + echo -en "-------------------------------------\n\n" + fi + + # Checking PostgreSQL + if [ "$db" = 'pgsql' ] && [ ! -z "$(which psql)" ]; then + echo "PostgreSQL $HOST status" + export PGPASSWORD="$PASSWORD" + psql -h $HOST -U $USER -c "SELECT * FROM pg_stat_activity" + fi + done + fi + IFS="$OLD_IFS" +done + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-sys-disk-status b/bin/v-list-sys-disk-status new file mode 100755 index 000000000..5596a449c --- /dev/null +++ b/bin/v-list-sys-disk-status @@ -0,0 +1,40 @@ +#!/bin/bash +# info: list disk information +# options: [FORMAT] +# +# The function lists disk information + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +#format=${1-shell} + +# Includes +#source $VESTA/func/main.sh + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Displaying disk usage +df -h +echo -en "\n-------------------------------------" +echo -en "-------------------------------------\n\n" + +# Displaying I/O usage +iostat -m +echo -en "\n-------------------------------------" +echo -en "-------------------------------------\n\n" + +# Displaying disk information +fdisk -l + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-sys-dns-status b/bin/v-list-sys-dns-status new file mode 100755 index 000000000..b657bc891 --- /dev/null +++ b/bin/v-list-sys-dns-status @@ -0,0 +1,75 @@ +#!/bin/bash +# info: list dns status +# options: [FORMAT] +# +# The function lists dns server status + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +#format=${1-shell} + +# Includes +#source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Checking dns system +if [ -z "$DNS_SYSTEM" ]; then + exit +fi + +# Checking statistics-file on RHEL/CentOS +if [ -e "/etc/named/named.conf" ]; then + conf="/etc/named/named.conf" + dump_file='/var/named/data/named_stats.txt' + dump_option=" dump-file \"$dump_file\";" + opt_check=$(grep $dump_file $conf |grep -v //) + if [ -z "$opt_check" ]; then + sed -i "s|options {|options {\n$dump_option|" $conf + service named restart >/dev/null 2>&1 + fi +fi +if [ -e "/etc/named.conf" ]; then + conf="/etc/named.conf" + dump_file='/var/named/data/named_stats.txt' + dump_option=" dump-file \"$dump_file\";" + opt_check=$(grep $dump_file $conf |grep -v //) + if [ -z "$opt_check" ]; then + sed -i "s|options {|options {\n$dump_option|" $conf + service named restart >/dev/null 2>&1 + fi +fi + +# Checking statistics-file on Debian/Ubuntu +if [ -e "/etc/bind/named.conf" ]; then + conf="/etc/bind/named.conf.options" + dump_file='/var/cache/bind/named.stats' + #dump_option=" dump-file \"$dump_file\";" + #opt_check=$(grep $dump_file $conf |grep -v //) + #if [ -z "$opt_check" ]; then + # sed -i "s|options {|options {\n$dump_option|" $conf + # service named restart >/dev/null 2>&1 + #fi +fi + +# Generating dns stats +rm -f $dump_file 2>/dev/null +/usr/sbin/rndc stats 2>/dev/null + +# Displaying dns status +if [ -e "$dump_file" ]; then + cat $dump_file +fi + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-sys-dovecot-config b/bin/v-list-sys-dovecot-config new file mode 100755 index 000000000..873755866 --- /dev/null +++ b/bin/v-list-sys-dovecot-config @@ -0,0 +1,103 @@ +#!/bin/bash +# info: list dovecot config parameters +# options: [FORMAT] +# +# The function for obtaining the list of dovecot config parameters. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +format=${1-shell} + +# Includes +source $VESTA/func/main.sh + +# JSON list function +json_list() { + echo '{ + "CONFIG": { + "config_path": "'$config_path'", + "config_path1": "'$config_path1'", + "config_path2": "'$config_path2'", + "config_path3": "'$config_path3'", + "config_path4": "'$config_path4'", + "config_path5": "'$config_path5'", + "config_path6": "'$config_path6'", + "config_path7": "'$config_path7'", + "config_path8": "'$config_path8'" + } +}' +} + +# SHELL list function +shell_list() { + echo "config_path: $config_path" + echo "config_path1: $config_path1" + echo "config_path2: $config_path2" + echo "config_path3: $config_path3" + echo "config_path4: $config_path4" + echo "config_path5: $config_path5" + echo "config_path6: $config_path6" + echo "config_path7: $config_path7" + echo "config_path8: $config_path8" +} + +# PLAIN list function +plain_list() { + echo -en "$config_path\t" + echo -en "$config_path1\t" + echo -en "$config_path2\t" + echo -en "$config_path3\t" + echo -en "$config_path4\t" + echo -en "$config_path5\t" + echo -en "$config_path6\t" + echo -en "$config_path7\t" + echo -e "$config_path8\t" +} + +# CSV list function +csv_list() { + echo -n "config_path,config_path1,config_path2,config_path3," + echo "config_path4,config_path5,config_path6,config_path7,config_path8" + echo -n "$config_path,$config_path1,$config_path2,$config_path3," + echo -n "$config_path4,$config_path5,$config_path6,$config_path7," + echo "$config_path8" +} + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Defining config path +if [ -e '/etc/dovecot.conf' ]; then + config_path='/etc/dovecot.conf' +else + config_path='/etc/dovecot/dovecot.conf' + config_path1='/etc/dovecot/conf.d/10-auth.conf' + config_path2='/etc/dovecot/conf.d/10-logging.conf' + config_path3='/etc/dovecot/conf.d/10-mail.conf' + config_path4='/etc/dovecot/conf.d/10-master.conf' + config_path5='/etc/dovecot/conf.d/10-ssl.conf' + config_path6='/etc/dovecot/conf.d/20-imap.conf' + config_path7='/etc/dovecot/conf.d/20-pop3.conf' + config_path8='/etc/dovecot/conf.d/auth-passwdfile.conf.ext' +fi + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-sys-info b/bin/v-list-sys-info index 4a32679d5..0072b82b7 100755 --- a/bin/v-list-sys-info +++ b/bin/v-list-sys-info @@ -9,12 +9,44 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} # Includes source $VESTA/func/main.sh +# JSON list function +json_list() { + echo '{' + echo ' "sysinfo": { + "HOSTNAME": "'$HOSTNAME'", + "OS": "'$OS'", + "VERSION": "'$VERSION'", + "ARCH": "'$ARCH'", + "UPTIME": "'$UPTIME'", + "LOADAVERAGE": "'$LOADAVERAGE'" + }' + echo '}' +} + +# SHELL list function +shell_list() { + echo "HOSTNAME OS VER ARCH UPTIME LA" + echo "-------- -- --- ---- ------ --" + echo "$HOSTNAME $OS $VERSION $ARCH $UPTIME $LOADAVERAGE" +} + +# PLAIN list function +plain_list() { + echo -e "$HOSTNAME\t$OS\t$VERSION\t$ARCH\t$UPTIME\t$LOADAVERAGE" +} + +# CSV list function +csv_list() { + echo "HOSTNAME,OS,VERSION,ARCH,UPTIME,LOADAVERAGE" + echo "$HOSTNAME,$OS,$VERSION,$ARCH,$UPTIME,$LOADAVERAGE" +} + #----------------------------------------------------------# # Action # @@ -24,19 +56,20 @@ source $VESTA/func/main.sh HOSTNAME=$(hostname) # Check OS/Release -if [ -e '/etc/redhat-release' ]; then - if [ ! -z "$(grep CentOS /etc/redhat-release)" ]; then +if [ -d '/etc/sysconfig' ]; then + if [ -e '/etc/redhat-release' ]; then OS='CentOS' + VERSION=$(cat /etc/redhat-release |tr ' ' '\n' |grep [0-9]) else - OS="RHEL" + OS="Amazon" + VERSION=$(cat /etc/issue |tr ' ' '\n' |grep [0-9]) fi - VERSION=$(cat /etc/redhat-release | tr ' ' '\n' |grep [0-9]) else - if [ -e '/etc/lsb-release' ] && [ -e '/etc/debian_version' ]; then + if [ "$(lsb_release -si)" == "Ubuntu" ] && [ -e '/etc/debian_version' ]; then OS="Ubuntu" - VERSION=$(grep DISTRIB_RELEASE /etc/lsb-release| cut -f 2 -d '=') + VERSION=$(grep DISTRIB_RELEASE /etc/lsb-release |cut -f 2 -d '=') else - distro=$(head -n1 /etc/issue | cut -f 1 -d ' ') + distro=$(head -n1 /etc/issue |cut -f 1 -d ' ') if [ "$distro" = 'Debian' ]; then OS="Debian" VERSION=$(cat /etc/debian_version) @@ -52,36 +85,19 @@ ARCH=$(arch) # Check uptime UPTIME=$(cat /proc/uptime |cut -f 1 -d ' '|cut -f 1 -d .) -UPTIME="$(echo $UPTIME / 60 | bc)" +UPTIME="$(echo $UPTIME / 60 |bc)" # Check LoadAverage LOADAVERAGE=$(cat /proc/loadavg |cut -f 1 -d ' ') -# Create tmp file -tmp_file=$(mktemp) - -# Define key/value pairs -str="SYS='sysinfo' HOSTNAME='$HOSTNAME' OS='$OS' VERSION='$VERSION'" -str="$str ARCH='$ARCH' UPTIME='$UPTIME' LOADAVERAGE='$LOADAVERAGE'" - -# Defining config -echo -e "$str" > $tmp_file -conf=$tmp_file - -# Defining fileds to select -fields="\$SYS \$HOSTNAME \$OS \$VERSION \$ARCH \$UPTIME \$LOADAVERAGE" - -# Listing services +# Listing data case $format in json) json_list ;; - plain) nohead=1; shell_list ;; - shell) fields="\$HOSTNAME \$OS \$VERSION \$ARCH \$UPTIME \$LOADAVERAGE" - shell_list | column -t ;; - *) check_args '1' '0' 'USER [FORMAT]' + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac -rm -f $tmp_file - #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# diff --git a/bin/v-list-sys-interfaces b/bin/v-list-sys-interfaces index 3bc8be1ef..990d9cfd8 100755 --- a/bin/v-list-sys-interfaces +++ b/bin/v-list-sys-interfaces @@ -9,37 +9,49 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_iface() { - dev=$(cat /proc/net/dev |grep : |cut -f 1 -d : |tr -d ' ' |grep -v lo) - int_counter=$(echo "$dev" | wc -l) +# JSON list function +json_list() { + objects=$(echo "$interfaces" |wc -l) i=1 echo '[' - for interface in $dev; do - if [ "$i" -lt "$int_counter" ]; then - echo -e "\t\"$interface\"," + for interface in $interfaces; do + echo -n ' "'$interface'"' + if [ "$i" -lt "$objects" ]; then + echo ',' else - echo -e "\t\"$interface\"" + echo fi - (( ++i)) + ((i++)) done - echo "]" + echo ']' } -# Shell function -shell_list_iface() { - dev=$(cat /proc/net/dev |grep : |cut -f 1 -d : |tr -d ' ' |grep -v lo) - if [ -z "$nohead" ]; then - echo "INTERFACES" - echo "----------" - fi - for interface in $dev; do +# SHELL list function +shell_list() { + echo "INTERFACE" + echo "---------" + for interface in $interfaces; do + echo "$interface" + done +} + +# PLAIN list function +plain_list() { + for interface in $interfaces; do + echo "$interface" + done +} + +# CSV list function +csv_list() { + echo "INTERFACE" + for interface in $interfaces; do echo "$interface" done } @@ -49,12 +61,15 @@ shell_list_iface() { # Action # #----------------------------------------------------------# -# Listing domains -case $format in - json) json_list_iface ;; - plain) nohead=1; shell_list_iface ;; - shell) shell_list_iface ;; - *) check_args '1' '0' '[FORMAT]' ;; +# Defining interface list +interfaces=$(cat /proc/net/dev |grep : |cut -f 1 -d : |tr -d ' ' |grep -v lo) + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list;; esac diff --git a/bin/v-list-sys-ip b/bin/v-list-sys-ip index fac7d358d..3a7658c5a 100755 --- a/bin/v-list-sys-ip +++ b/bin/v-list-sys-ip @@ -9,52 +9,59 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition ip=$1 -IP=$ip format=${2-shell} # Includes source $VESTA/func/main.sh source $VESTA/func/ip.sh -# Json function -json_list_ip() { - i=1 - fileds_count=$(echo "$fields" | wc -w) - ip_data=$(cat $VESTA/data/ips/$IP) +# JSON list function +json_list() { echo '{' - eval $ip_data - for field in $fields; do - eval value=$field - if [ $i -eq 1 ]; then - echo -e "\t\"$value\": {" - else - if [ $fileds_count -eq $i ]; then - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"" - else - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"," - fi - fi - (( ++i)) - done - if [ -n "$value" ]; then - echo -e ' }' - fi - echo -e '}' + echo ' "'$ip'": { + "OWNER": "'$OWNER'", + "STATUS": "'$STATUS'", + "NAME": "'$NAME'", + "U_SYS_USERS": "'$U_SYS_USERS'", + "U_WEB_DOMAINS": "'$U_WEB_DOMAINS'", + "INTERFACE": "'$INTERFACE'", + "NETMASK": "'$NETMASK'", + "NAT": "'$NAT'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + echo '}' } -# Shell function -shell_list_ip() { - line=$(cat $VESTA/data/ips/$IP) - eval $line - for field in $fields; do - eval key="$field" - if [ -z "$key" ]; then - key='NULL' - fi - echo "${field//$/}: $key " - done +# SHELL list function +shell_list() { + echo "IP: $ip" + echo "NETMASK: $NETMASK" + echo "INTERFACE: $INTERFACE" + echo "NAT: $NAT" + echo "OWNER: $OWNER" + echo "STATUS: $STATUS" + echo "NAME: $NAME" + echo "USERS: $U_SYS_USERS" + echo "DOMAINS: $U_WEB_DOMAINS" + echo "TIME: $TIME" + echo "DATE: $DATE" +} + +# PLAIN list function +plain_list() { + echo -ne "$IP\t$OWNER\t$STATUS\t$NAME\t$U_SYS_USERS\t$U_WEB_DOMAINS\t" + echo -e "$INTERFACE\t$NETMASK\t$NAT\t$TIME\t$DATE" +} + +# CSV list function +csv_list() { + echo -n "IP,OWNER,STATUS,NAME,U_SYS_USERS,U_WEB_DOMAINS,INTERFACE" + echo "NETMASK,NAT,TIME,DATE" + echo -n "$IP,$OWNER,$STATUS,$NAME,\"$U_SYS_USERS\",$U_WEB_DOMAINS," + echo "$INTERFACE, $NETMASK,$NAT,$TIME,$DATE" } @@ -62,26 +69,26 @@ shell_list_ip() { # Verifications # #----------------------------------------------------------# -# Checking args check_args '1' "$#" 'IP [FORMAT]' -validate_format 'ip' -is_ip_valid +is_format_valid 'ip' +if [ ! -e "$VESTA/data/ips/$ip" ]; then + check_result $E_NOTEXIST "ip $ip doesn't exist" +fi + #----------------------------------------------------------# # Action # #----------------------------------------------------------# -conf=$VESTA/data/ips/$IP -# Defining fileds to select -fields='$IP $OWNER $STATUS $NAME $U_SYS_USERS $U_WEB_DOMAINS $INTERFACE - $NETMASK $NAT $TIME $DATE' +# Parsing ip +source $VESTA/data/ips/$ip -# Listing ip -case $format in - json) json_list_ip ;; - plain) shell_list_ip ;; - shell) shell_list_ip | column -t ;; - *) check_args '1' '0' 'IP [FORMAT]' +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-sys-ips b/bin/v-list-sys-ips index 85b5635e0..c4f3a8c0c 100755 --- a/bin/v-list-sys-ips +++ b/bin/v-list-sys-ips @@ -2,75 +2,79 @@ # info: list system ips # options: [FORMAT] # -# The function for obtaining the list of system ip's. +# The function for obtaining the list of system ip adresses. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_ips() { +# JSON list function +json_list() { echo '{' - ip_list=$(ls $VESTA/data/ips/) - fileds_count=$(echo "$fields" | wc -w) - for IP in $ip_list; do - ip_data=$(cat $VESTA/data/ips/$IP) - eval $ip_data - if [ -n "$data" ]; then - echo -e ' },' + ip_count=$(ls $VESTA/data/ips/ |wc -l) + i=1 + while read IP; do + source $VESTA/data/ips/$IP + echo -n ' "'$IP'": { + "OWNER": "'$OWNER'", + "STATUS": "'$STATUS'", + "NAME": "'$NAME'", + "U_SYS_USERS": "'$U_SYS_USERS'", + "U_WEB_DOMAINS": "'$U_WEB_DOMAINS'", + "INTERFACE": "'$INTERFACE'", + "NETMASK": "'$NETMASK'", + "NAT": "'$NAT'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + if [ "$i" -lt "$ip_count" ]; then + echo ',' + else + echo fi - i=1 - for field in $fields; do - eval value=$field - if [ $i -eq 1 ]; then - (( ++i)) - echo -e "\t\"$value\": {" - else - if [ $i -lt $fileds_count ]; then - (( ++i)) - echo -e "\t\t\"${field//$/}\": \"$value\"," - else - echo -e "\t\t\"${field//$/}\": \"$value\"" - data=1 - fi - fi - done - done - if [ -n "$data" ]; then - echo -e ' }' - fi - echo -e '}' + ((i++)) + done < <(ls $VESTA/data/ips/) + echo '}' } -# Shell function -shell_list_ips() { - ip_list=$(ls $VESTA/data/ips/) - if [ -z "$nohead" ]; then - echo "${fields//$/}" - for a in $fields; do - echo -e "--------- \c" - done - echo - fi - - for IP in $ip_list; do +# SHELL list function +shell_list() { + echo "IP MASK NAT STATUS WEB DATE" + echo "-- ---- --- ------ --- ----" + while read IP; do source $VESTA/data/ips/$IP - for field in $fields; do - eval value=$field - if [ -z "$value" ]; then - value='NULL' - fi - echo -n "$value " - done - echo - done + if [ -z "$NAT" ]; then + NAT='no' + fi + echo "$IP $NETMASK $NAT $STATUS $U_WEB_DOMAINS $DATE" + done < <(ls $VESTA/data/ips/) +} + +# PLAIN list function +plain_list() { + while read IP; do + source $VESTA/data/ips/$IP + echo -ne "$IP\t$OWNER\t$STATUS\t$NAME\t$U_SYS_USERS\t$U_WEB_DOMAINS\t" + echo -e "$INTERFACE\t$NETMASK\t$NAT\t$TIME\t$DATE" + done < <(ls $VESTA/data/ips/) +} + +# CSV list function +csv_list() { + echo -n "IP,OWNER,STATUS,NAME,U_SYS_USERS,U_WEB_DOMAINS,INTERFACE" + echo "NETMASK,NAT,TIME,DATE" + while read IP; do + source $VESTA/data/ips/$IP + echo -n "$IP,$OWNER,$STATUS,$NAME,\"$U_SYS_USERS\",$U_WEB_DOMAINS," + echo "$INTERFACE, $NETMASK,$NAT,$TIME,$DATE" + done < <(ls $VESTA/data/ips/) } @@ -78,18 +82,12 @@ shell_list_ips() { # Action # #----------------------------------------------------------# -# Defining fileds to select -conf=$VESTA/data/ips/* -fields="\$IP \$OWNER \$STATUS \$NAME \$U_SYS_USERS \$U_WEB_DOMAINS" -fields="$fields \$INTERFACE \$NETMASK \$NAT \$TIME \$DATE" - -# Listing ip addresses -case $format in - json) json_list_ips ;; - plain) nohead=1; shell_list_ips ;; - shell) fields='$IP $NETMASK $NAT $OWNER $U_WEB_DOMAINS'; - shell_list_ips | column -t ;; - *) check_args '1' '0' '[FORMAT]' +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac diff --git a/bin/v-list-sys-languages b/bin/v-list-sys-languages index 685bafc3f..041bc1236 100755 --- a/bin/v-list-sys-languages +++ b/bin/v-list-sys-languages @@ -10,19 +10,19 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_lang() { - int_counter=$(echo "$languages" | wc -l) +# JSON list function +json_list() { + objects=$(echo "$languages" |wc -l) i=1 echo '[' for lang in $languages; do - if [ "$i" -lt "$int_counter" ]; then + if [ "$i" -lt "$objects" ]; then echo -e "\t\"$lang\"," else echo -e "\t\"$lang\"" @@ -32,12 +32,25 @@ json_list_lang() { echo "]" } -# Shell function -shell_list_lang() { - if [ -z "$nohead" ]; then - echo "LANGUAGES" - echo "----------" - fi +# SHELL list function +shell_list() { + echo "LANGUAGE" + echo "--------" + for lang in $languages; do + echo "$lang" + done +} + +# PLAIN list function +plain_list() { + for lang in $languages; do + echo "$lang" + done +} + +# CSV list function +csv_list() { + echo "LANGUAGE" for lang in $languages; do echo "$lang" done @@ -48,15 +61,15 @@ shell_list_lang() { # Action # #----------------------------------------------------------# -# Check languages -languages=$(ls $VESTA/web/inc/i18n/|cut -f 1 -d .) +# Defining language list +languages=$(ls $VESTA/web/inc/i18n/ |cut -f 1 -d .) -# Listing domains +# Listing data case $format in - json) json_list_lang ;; - plain) nohead=1; shell_list_lang ;; - shell) shell_list_lang ;; - *) check_args '1' '0' '[FORMAT]' ;; + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list;; esac diff --git a/bin/v-list-sys-mail-ssl b/bin/v-list-sys-mail-ssl new file mode 100755 index 000000000..5da74e080 --- /dev/null +++ b/bin/v-list-sys-mail-ssl @@ -0,0 +1,135 @@ +#!/bin/bash +# info: list mail ssl certificate +# options: [FORMAT] +# +# The function of obtaining mail ssl files. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +format=${1-shell} + +# Includes +source $VESTA/func/main.sh + +# JSON list function +json_list() { + echo '{' + echo -e "\t\"MAIL\": {" + echo " \"CRT\": \"$crt\"," + echo " \"KEY\": \"$key\"," + echo " \"CA\": \"$ca\"," + echo " \"SUBJECT\": \"$subj\"," + echo " \"ALIASES\": \"$alt_dns\"," + echo " \"NOT_BEFORE\": \"$before\"," + echo " \"NOT_AFTER\": \"$after\"," + echo " \"SIGNATURE\": \"$signature\"," + echo " \"PUB_KEY\": \"$pub_key\"," + echo " \"ISSUER\": \"$issuer\"" + echo -e "\t}\n}" +} + +# SHELL list function +shell_list() { + if [ ! -z "$crt" ]; then + echo -e "$crt" + fi + if [ ! -z "$key" ]; then + echo -e "\n$key" + fi + if [ ! -z "$crt" ]; then + echo + echo + echo "SUBJECT: $subj" + if [ ! -z "$alt_dns" ]; then + echo "ALIASES: ${alt_dns//,/ }" + fi + echo "VALID FROM: $before" + echo "VALID TIL: $after" + echo "SIGNATURE: $signature" + echo "PUB_KEY: $pub_key" + echo "ISSUER: $issuer" + fi +} + +# PLAIN list function +plain_list() { + if [ ! -z "$crt" ]; then + echo -e "$crt" + fi + if [ ! -z "$key" ]; then + echo -e "\n$key" + fi + if [ ! -z "$ca" ]; then + echo -e "\n$ca" + fi + if [ ! -z "$crt" ]; then + echo "$subj" + echo "${alt_dns//,/ }" + echo "$before" + echo "$after" + echo "$signature" + echo "$pub_key" + echo "$issuer" + fi + +} + +# CSV list function +csv_list() { + echo -n "CRT,KEY,CA,SUBJECT,ALIASES,NOT_BEFORE,NOT_AFTER,SIGNATURE," + echo "PUB_KEY,ISSUER" + echo -n "\"$crt\",\"$key\",\"$ca\",\"$subj\",\"${alt_dns//,/ }\"," + echo "\"$before\",\"$after\",\"$signature\",\"$pub_key\",\"$issuer\"" +} + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Parsing SSL certificate +if [ ! -e "$VESTA/ssl/mail.crt" ] || [ ! -e "$VESTA/ssl/mail.key" ]; then + exit +fi + +crt=$(cat $VESTA/ssl/mail.crt |sed ':a;N;$!ba;s/\n/\\n/g') +key=$(cat $VESTA/ssl/mail.key |sed ':a;N;$!ba;s/\n/\\n/g') + + +# Parsing SSL certificate details without CA +info=$(openssl x509 -text -in $VESTA/ssl/mail.crt) +subj=$(echo "$info" |grep Subject: |cut -f 2 -d =) +before=$(echo "$info" |grep Before: |sed -e "s/.*Before: //") +after=$(echo "$info" |grep "After :" |sed -e "s/.*After : //") +signature=$(echo "$info" |grep "Algorithm:" |head -n1 ) +signature=$(echo "$signature"| sed -e "s/.*Algorithm: //") +pub_key=$(echo "$info" |grep Public-Key: |cut -f2 -d \( | tr -d \)) +issuer=$(echo "$info" |grep Issuer: |sed -e "s/.*Issuer: //") +alt_dns=$(echo "$info" |grep DNS |sed -e 's/DNS:/\n/g' |tr -d ',') +alt_dns=$(echo "$alt_dns" |tr -d ' ' |sed -e "/^$/d") +alt_dns=$(echo "$alt_dns" |sed -e ':a;N;$!ba;s/\n/,/g') + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-sys-mail-status b/bin/v-list-sys-mail-status new file mode 100755 index 000000000..fcf5fbc4b --- /dev/null +++ b/bin/v-list-sys-mail-status @@ -0,0 +1,46 @@ +#!/bin/bash +# info: list mail status +# options: [FORMAT] +# +# The function lists mail server status + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +#format=${1-shell} + +# Includes +#source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Checking mail system +if [ -z "$MAIL_SYSTEM" ]; then + exit +fi + +# Displaying exim queue status +echo "Exim queue status" +exim -bp +echo -en "\n-------------------------------------" +echo -en "-------------------------------------\n\n" + +# Displaying exim stats +if [ -e "/var/log/exim4/mainlog" ]; then + eximstats /var/log/exim4/mainlog 2>/dev/null +else + eximstats /var/log/exim/main.log 2>/dev/null +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-sys-memory-status b/bin/v-list-sys-memory-status new file mode 100755 index 000000000..25b7ebff6 --- /dev/null +++ b/bin/v-list-sys-memory-status @@ -0,0 +1,40 @@ +#!/bin/bash +# info: list virtual memory info +# options: [FORMAT] +# +# The function lists virtual memory information + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +#format=${1-shell} + +# Includes +#source $VESTA/func/main.sh + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Displaying memory and swap usage +free -t -m +echo -en "\n-------------------------------------" +echo -en "-------------------------------------\n\n" + +# Displaying memory stats +vmstat -S m -s +echo -en "\n-------------------------------------" +echo -en "-------------------------------------\n\n" + +# Displaying ram information +dmidecode -t 17 2>/dev/null + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-sys-mysql-config b/bin/v-list-sys-mysql-config new file mode 100755 index 000000000..bf297aab0 --- /dev/null +++ b/bin/v-list-sys-mysql-config @@ -0,0 +1,82 @@ +#!/bin/bash +# info: list mysql config parameters +# options: [FORMAT] +# +# The function for obtaining the list of mysql config parameters. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +format=${1-shell} + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + +# JSON list function +json_list() { + eval $(echo "$config"|egrep "$keys"|\ + sed -e "s/[ ]*=/=/" -e "s/=[ ]*/=\'/" -e "s/$/'/") + echo '{ + "CONFIG": { + "max_user_connections": "'$max_user_connections'", + "max_connections": "'$max_connections'", + "wait_timeout": "'$wait_timeout'", + "interactive_timeout": "'$interactive_timeout'", + "max_allowed_packet": "'$max_allowed_packet'", + "config_path": "'$config_path'" + } +}' +} + +# SHELL list function +shell_list() { + echo "$config" |egrep "$keys" |tr '=' ' ' + echo "config_path $config_path" +} + +# PLAIN list function +plain_list() { + echo "$config" |egrep "$keys" |tr '=' ' ' + echo "config_path $config_path" +} + +# CSV list function +csv_list() { + echo "$keys" |sed "s/|/,/g" + echo "$config" |egrep "$keys" |tr '=' ' ' |awk '{print $2}' |tr '\n' ',' + echo +} + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Defining config path +config_path=$(find /etc/my* -name my.cnf) + +# Defining keys +keys="max_user_connections|max_connections|wait_timeout|interactive_timeout" +keys="${keys}|max_allowed_packet" + +# Reading config +config=$(cat $config_path|grep -v "^;") + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-sys-network-status b/bin/v-list-sys-network-status new file mode 100755 index 000000000..8414f8009 --- /dev/null +++ b/bin/v-list-sys-network-status @@ -0,0 +1,40 @@ +#!/bin/bash +# info: list system network status +# options: [FORMAT] +# +# The function lists network status + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +#format=${1-shell} + +# Includes +#source $VESTA/func/main.sh + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Displaying network stats +ss -s +echo -en "\n-------------------------------------" +echo -en "-------------------------------------\n\n" + +# Displaying network usage +lsof -itcp -n -P +echo -en "\n-------------------------------------" +echo -en "-------------------------------------\n\n" + +# Displaying network interfaces +ifconfig + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-sys-nginx-config b/bin/v-list-sys-nginx-config new file mode 100755 index 000000000..c365caa78 --- /dev/null +++ b/bin/v-list-sys-nginx-config @@ -0,0 +1,88 @@ +#!/bin/bash +# info: list nginx config parameters +# options: [FORMAT] +# +# The function for obtaining the list of nginx config parameters. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +format=${1-shell} + +# Includes +source $VESTA/func/main.sh + +# JSON list function +json_list() { + eval $(echo "$config" |egrep "$keys" |tr -d ';'| awk '{print $1"="$2}') + echo '{ + "CONFIG": { + "worker_processes": "'$worker_processes'", + "worker_connections": "'$worker_connections'", + "send_timeout": "'$send_timeout'", + "proxy_connect_timeout": "'$proxy_connect_timeout'", + "proxy_send_timeout": "'$proxy_send_timeout'", + "proxy_read_timeout": "'$proxy_read_timeout'", + "client_max_body_size": "'$client_max_body_size'", + "gzip": "'$gzip'", + "gzip_comp_level": "'$gzip_comp_level'", + "charset": "'$charset'", + "config_path": "'$config_path'" + } +}' +} + +# SHELL list function +shell_list() { + echo "$config" |egrep "$keys" |tr -d ';' + echo "config_path $config_path" +} + +# PLAIN list function +plain_list() { + echo "$config" |egrep "$keys" |tr -d ';' + echo "config_path $config_path" +} + +# CSV list function +csv_list() { + echo "$keys" |sed "s/ |/,/g" + echo "$config" |egrep "$keys" |awk '{print $2}' |tr -d ';' |tr '\n' ',' + echo +} + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Defining config path +config_path='/etc/nginx/nginx.conf' + +# Defining keys +keys="worker_processes |worker_connections |send_timeout" +keys="$keys |proxy_connect_timeout |proxy_send_timeout" +keys="$keys |proxy_read_timeout |client_max_body_size" +keys="$keys |gzip |gzip_comp_level |charset " + + +# Reading nginx config +config=$(cat $config_path) + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-sys-pgsql-config b/bin/v-list-sys-pgsql-config new file mode 100755 index 000000000..f568f1079 --- /dev/null +++ b/bin/v-list-sys-pgsql-config @@ -0,0 +1,70 @@ +#!/bin/bash +# info: list postgresql config parameters +# options: [FORMAT] +# +# The function for obtaining the list of postgresql config parameters. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +format=${1-shell} + +# Includes +source $VESTA/func/main.sh + +# JSON list function +json_list() { + echo '{ + "CONFIG": { + "pg_hba_path": "'$pg_hba_path'", + "config_path": "'$config_path'" + } +}' +} + +# SHELL list function +shell_list() { + echo "config_path: $config_path" + echo "pg_hba_path: $pg_hba_path" +} + +# PLAIN list function +plain_list() { + echo -e "$config_path\t$pg_hba_path" +} + +# CSV list function +csv_list() { + echo "config_path,pg_hba_path" + echo "$config_path,$pg_hba_path" +} + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Defining config path +config_path=$(find /etc/postgresql /var/lib/pgsql/data -name \ + postgresql.conf 2>/dev/null) +pg_hba_path=$(find /etc/postgresql /var/lib/pgsql/data -name \ + pg_hba.conf 2>/dev/null) + + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-sys-php-config b/bin/v-list-sys-php-config new file mode 100755 index 000000000..b00902719 --- /dev/null +++ b/bin/v-list-sys-php-config @@ -0,0 +1,94 @@ +#!/bin/bash +# info: list php config parameters +# options: [FORMAT] +# +# The function for obtaining the list of php config parameters. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +format=${1-shell} + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + +# JSON list function +json_list() { + eval $(echo "$config"|egrep "$keys"|\ + sed -e "s/[ ]*=/=/" -e "s/=[ ]*/=\'/" -e "s/$/'/") + echo '{ + "CONFIG": { + "memory_limit": "'$memory_limit'", + "max_execution_time": "'$max_execution_time'", + "max_input_time": "'$max_input_time'", + "upload_max_filesize": "'$upload_max_filesize'", + "post_max_size": "'$post_max_size'", + "display_errors": "'$display_errors'", + "error_reporting": "'$error_reporting'", + "config_path": "'$config_path'" + } +}' +} + +# SHELL list function +shell_list() { + echo "$config" |egrep "$keys" |tr -d '=' + echo "config_path $config_path" +} + +# PLAIN list function +plain_list() { + echo "$config" |egrep "$keys" |tr -d '=' + echo "config_path $config_path" +} + +# CSV list function +csv_list() { + echo "$keys" |sed "s/ |/,/g" + echo "$config" |egrep "$keys" |tr -d '=' |awk '{print $2}' |tr '\n' ',' + echo +} + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Defining config path +config_path=$(find /etc/php* -name php.ini) +config_count=$(echo "$config_path" |wc -l) +if [ "$config_count" -gt 1 ]; then + if [ "$WEB_SYSTEM" = "nginx" ]; then + config_path=$(echo "$config_path"| grep fpm) + else + config_path=$(echo "$config_path"| grep apache) + fi +fi + + +# Defining keys +keys="memory_limit |max_execution_time |max_input_time" +keys="$keys |upload_max_filesize |post_max_size" +keys="$keys |display_errors |error_reporting " + +# Reading config +config=$(cat $config_path|grep -v "^;") + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-sys-proftpd-config b/bin/v-list-sys-proftpd-config new file mode 100755 index 000000000..f0b35502f --- /dev/null +++ b/bin/v-list-sys-proftpd-config @@ -0,0 +1,64 @@ +#!/bin/bash +# info: list proftpd config parameters +# options: [FORMAT] +# +# The function for obtaining the list of proftpd config parameters. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +format=${1-shell} + +# Includes +source $VESTA/func/main.sh + +# JSON list function +json_list() { + echo '{ + "CONFIG": { + "config_path": "'$config_path'" + } +}' +} + +# SHELL list function +shell_list() { + echo "config_path: $config_path" +} + +# PLAIN list function +plain_list() { + echo "$config_path" +} + +# CSV list function +csv_list() { + echo "config_path" + echo "$config_path" +} + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Defining config path +config_path=$(find /etc/proftpd* -name proftpd.conf 2>/dev/null) + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-sys-rrd b/bin/v-list-sys-rrd index 2dc026b91..d746896c4 100755 --- a/bin/v-list-sys-rrd +++ b/bin/v-list-sys-rrd @@ -15,10 +15,16 @@ format=${1-shell} source $VESTA/func/main.sh source $VESTA/conf/vesta.conf -# Define json function -json_list_rrd() { +# JSON list function +json_list() { i=1 echo "{" + + # Generating timestamp + time_n_date=$(date +'%T %F') + TIME=$(echo "$time_n_date" |cut -f 1 -d \ ) + DATE=$(echo "$time_n_date" |cut -f 2 -d \ ) + for type in $rrd_types; do for rrd in $(ls $RRD/$type |grep rrd$ |sed "s/\.rrd$//g"); do if [ "$i" -ne 1 ]; then @@ -61,12 +67,37 @@ json_list_rrd() { echo "}" } -# Define jshell function -shell_list_rrd() { - if [ -z "$nohead" ]; then - echo "PATH" - echo "---------" - fi +# SHELL list function +shell_list() { + echo "TYPE VAL_1 VAL_2 VAL_3 TIME DATE" + echo "---- ----- ----- ----- ---- ----" + for type in $rrd_types; do + for rrd in $(ls $RRD/$type |grep rrd$ |sed "s/\.rrd$//g"); do + rrd_type=$(echo "$rrd" |tr '[:lower:]' '[:upper:]') + rrd_data=$(rrdtool fetch "$RRD/$type/$rrd.rrd" AVERAGE -e 0 -s 0) + rrd_data=$(echo "$rrd_data" |tail -n 1) + rrd_timestamp=$(echo "$rrd_data" |cut -f 1 -d :) + rrd_time=$(date -d "@$rrd_timestamp" +%F) + rrd_date=$(date -d "@$rrd_timestamp" +%T) + rrd_val1=$(echo "$rrd_data" |awk '{print $2}' |cut -d. -f1) + rrd_val2=$(echo "$rrd_data" |awk '{print $3}' |cut -d. -f1) + rrd_val3=$(echo "$rrd_data" |awk '{print $4}' |cut -d. -f1) + if [ -z "$rrd_val1" ]; then + rrd_val1="-nan" + fi + if [ -z "$rrd_val2" ]; then + rrd_val2="-nan" + fi + if [ -z "$rrd_val3" ]; then + rrd_val3="-nan" + fi + echo "$rrd_type $rrd_val1 $rrd_val2 $rrd_val3 $rrd_time $rrd_date" + done + done +} + +# PLAIN list function +plain_list() { for type in $rrd_types; do for rrd in $(ls $RRD/$type |grep rrd$ |sed "s/\.rrd$//g"); do echo "$RRD/$type/$rrd.rrd" @@ -74,39 +105,53 @@ shell_list_rrd() { done } +# CSV list function +csv_list() { + for type in $rrd_types; do + echo "RRD" + for rrd in $(ls $RRD/$type |grep rrd$ |sed "s/\.rrd$//g"); do + echo "$RRD/$type/$rrd.rrd" + done + done +} #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Checking enabled systems +# Definng rrd charts rrd_types="la mem net" -if [ -n "$WEB_SYSTEM" ] && [ "$WEB_SYSTEM" != 'no' ]; then +# Checking web system +if [ ! -z "$WEB_SYSTEM" ]; then rrd_types="$rrd_types web" fi -if [ -n "$MAIL_SYSTEM" ] && [ "$MAIL_SYSTEM" != 'no' ]; then +# Checking mail system +if [ ! -z "$MAIL_SYSTEM" ]; then rrd_types="$rrd_types mail" fi -if [ -n "$DB_SYSTEM" ] && [ "$DB_SYSTEM" != 'no' ]; then +# Checking db system +if [ ! -z "$DB_SYSTEM" ]; then rrd_types="$rrd_types db" fi -if [ -n "$FTP_SYSTEM" ] && [ "$FTP_SYSTEM" != 'no' ]; then +# Checking ftp system +if [ ! -z "$FTP_SYSTEM" ]; then rrd_types="$rrd_types ftp" fi +# Adding ssh rrd_types="$rrd_types ssh" - -# Listing domains +# Listing data case $format in - json) json_list_rrd ;; - plain) nohead=1; shell_list_rrd ;; - shell) shell_list_rrd | column -t ;; + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac diff --git a/bin/v-list-sys-services b/bin/v-list-sys-services index 2adaa7d6e..3718c1719 100755 --- a/bin/v-list-sys-services +++ b/bin/v-list-sys-services @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} # Includes @@ -18,37 +18,113 @@ source $VESTA/conf/vesta.conf export PATH=$PATH:/sbin +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(echo -e "$data" |grep NAME |wc -l) + echo "{" + while read str; do + eval $str + echo -n ' "'$NAME'": { + "SYSTEM": "'$SYSTEM'", + "STATE": "'$STATE'", + "CPU": "'$CPU'", + "MEM": "'$MEM'", + "RTIME": "'$RTIME'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done < <(echo -e "$data" |grep NAME) + echo '}' +} + +# SHELL list function +shell_list() { + IFS=$'\n' + echo "NAME STATE CPU MEM UPTIME" + echo "---- ----- --- --- ------" + while read str; do + eval $str + echo "$NAME $STATE $CPU $MEM $RTIME" + done < <(echo -e "$data" |grep NAME) +} + +# PLAIN list function +plain_list() { + IFS=$'\n' + while read str; do + eval $str + echo -e "$NAME\t$SYSTEM\t$STATE\t$CPU\t$MEM\t$RTIME" + done < <(echo -e "$data" |grep NAME) +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo "NAME,SYSTEM,STATE,CPU,MEM,RTIME" + while read str; do + eval $str + echo "$NAME,\"$SYSTEM\",$STATE,$CPU,$MEM,$RTIME" + done < <(echo -e "$data" |grep NAME) +} + +# Get service state function get_srv_state() { srv=$1 - proc_name=${2-$1} + name=${2-$1} + state='running' - # Check service status - status=$(service $srv status 2>/dev/null) - rc=$? - stopped=$(echo $status| grep stop) + # Searching related pids + if [ -z $3 ]; then + pids=$(pidof $name |tr ' ' '|') + else + pids=$(pidof -x $name |tr ' ' '|') + fi + if [ -z "$pids" ] && [ "$name" != 'nginx' ]; then + pids=$(pgrep $name |tr '\n' '|') + fi - if [ "$rc" -eq 0 ] && [ -z "$stopped" ]; then - state='running' + # Checking pid + if [ ! -z "$pids" ]; then + pid=$(echo "$pids" |cut -f 1 -d '|') + pids=$(egrep "$pids" $tmp_file) - # Calculate cpu and memory usage - cpu=0 - mem=0 - for pid in $(pidof $proc_name); do - pid_mem=$(pmap -x $pid | tail -n1 | awk '{print $3}') - pid_cpu=$(grep "^$pid " $tmp_file | cut -f 2 -d ' '|sed "s/^0//") - cpu=$((cpu + pid_cpu)) - mem=$((mem + pid_mem)) - done - mem=$((mem / 1024)) + # Calculating CPU usage + cpu=$(echo "$pids" |awk '{ sum += $2} END {print sum}') - # Get pid date - if [ ! -z $pid ] && [ -e "/proc/$pid" ]; then - mtime=$(stat -c "%Y" /proc/$pid) + # Calculating memory usage + mem=$(echo "$pids" |awk '{sum += $3} END {print sum/1024 }') + mem=$(echo "${mem%%.*}") + + # Searching pid file + pid_file='' + if [ -e "/var/run/$srv.pid" ]; then + pid_file="/var/run/$srv.pid" + fi + if [ -z "$pid_file" ] && [ -e "/var/run/$srv/$srv.pid" ]; then + pid_file="/var/run/$srv/$srv.pid" + fi + if [ -z "$pid_file" ] && [ -e "/var/run/$name/$name.pid" ]; then + pid_file="/var/run/$name/$name.pid" + fi + if [ -z "$pid_file" ] && [ -e "/proc/$pid" ]; then + pid_file="/proc/$pid" + fi + + # Calculating uptime + if [ ! -z "$pid_file" ]; then + mtime=$(stat -c "%Y" $pid_file) rtime=$((ctime - mtime)) rtime=$((rtime / 60)) + else + rtime=0 fi else - # Service is stopped state='stopped' mem=0 cpu=0 @@ -61,170 +137,154 @@ get_srv_state() { # Action # #----------------------------------------------------------# -# Save current proccess list +# Saving current proccess list tmp_file=$(mktemp) -if [ "$format" = 'json' ]; then - ps aux | awk '{print $2" "$3}' | tr -d '.' > $tmp_file -else - ps aux | awk '{print $2" "$3}' | cut -f 1 -d '.' > $tmp_file -fi +ps -eo pid,pcpu,size > $tmp_file -# Get current time +# Checking current time ctime=$(date +%s) -# Proxy -service=$PROXY_SYSTEM -if [ ! -z "$service" ] && [ "$service" != 'remote' ]; then - get_srv_state $service - str="NAME='$service' SYSTEM='reverse proxy' STATE='$state' CPU='$cpu'" - str="$str MEM='$mem' RTIME='$rtime'" +# Checking WEB system +if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB_SYSTEM" != 'remote' ]; then + get_srv_state $WEB_SYSTEM + data="NAME='$WEB_SYSTEM' SYSTEM='web server' STATE='$state' CPU='$cpu'" + data="$data MEM='$mem' RTIME='$rtime'" fi -# Web -service=$WEB_SYSTEM -if [ ! -z "$service" ] && [ "$service" != 'remote' ]; then - if [ "$service" == 'apache' ]; then - service='httpd' - fi - get_srv_state $service - str="$str\nNAME='$service' SYSTEM='web server' STATE='$state' CPU='$cpu'" - str="$str MEM='$mem' RTIME='$rtime'" +# Checking WEB Backend +if [ ! -z "$WEB_BACKEND" ] && [ "$WEB_BACKEND" != 'remote' ]; then + proc_name=$(ls /usr/sbin/php*fpm* | rev | cut -d'/' -f 1 | rev) + get_srv_state $proc_name + data="$data\nNAME='$WEB_BACKEND' SYSTEM='backend server' STATE='$state'" + data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'" +fi +# Checking WEB Proxy +if [ ! -z "$PROXY_SYSTEM" ] && [ "$PROXY_SYSTEM" != 'remote' ]; then + get_srv_state $PROXY_SYSTEM + data="$data\nNAME='$PROXY_SYSTEM' SYSTEM='reverse proxy' STATE='$state'" + data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'" fi # DNS service=$DNS_SYSTEM if [ ! -z "$service" ] && [ "$service" != 'remote' ]; then - if [ "$service" == 'bind' ]; then - service='named' - fi - get_srv_state $service - str="$str\nNAME='$service' SYSTEM='dns server' STATE='$state' CPU='$cpu'" - str="$str MEM='$mem' RTIME='$rtime'" + proc_name='named' + get_srv_state $service $proc_name + data="$data\nNAME='$service' SYSTEM='dns server' STATE='$state'" + data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'" fi -# MAIL -service=$MAIL_SYSTEM -if [ ! -z "$service" ] && [ "$service" != 'remote' ]; then - get_srv_state $service - str="$str\nNAME='$service' SYSTEM='mail server' STATE='$state' CPU='$cpu'" - str="$str MEM='$mem' RTIME='$rtime'" +# Checking MAIL system +if [ ! -z "$MAIL_SYSTEM" ] && [ "$MAIL_SYSTEM" != 'remote' ]; then + get_srv_state $MAIL_SYSTEM + data="$data\nNAME='$MAIL_SYSTEM' SYSTEM='mail server' STATE='$state'" + data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'" fi -# IMAP -service=$IMAP_SYSTEM -if [ ! -z "$service" ] && [ "$service" != 'remote' ]; then - get_srv_state $service - str="$str\nNAME='$service' SYSTEM='pop/imap server' STATE='$state'" - str="$str CPU='$cpu' MEM='$mem' RTIME='$rtime'" +# Checking MAIL IMAP +if [ ! -z "$IMAP_SYSTEM" ] && [ "$IMAP_SYSTEM" != 'remote' ]; then + get_srv_state $IMAP_SYSTEM + data="$data\nNAME='$IMAP_SYSTEM' SYSTEM='pop/imap server' STATE='$state'" + data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'" fi -# ANTIVIRUS -service=$ANTIVIRUS_SYSTEM -if [ ! -z "$service" ] && [ "$service" != 'remote' ]; then - if [ -e "/etc/redhat-release" ]; then - if [ "$ANTIVIRUS_SYSTEM" = 'clamav' ];then - service='clamd' +# Checking MAIL ANTIVIRUS +if [ ! -z "$ANTIVIRUS_SYSTEM" ] && [ "$ANTIVIRUS_SYSTEM" != 'remote' ]; then + if [ -d "/etc/sysconfig" ]; then + if [ "$ANTIVIRUS_SYSTEM" == 'clamav' ];then + ANTIVIRUS_SYSTEM='clamd' fi - get_srv_state $service + get_srv_state $ANTIVIRUS_SYSTEM else - if [ "$ANTIVIRUS_SYSTEM" = 'clamav-daemon' ];then - clam_proc_name='clamd' + if [ "$ANTIVIRUS_SYSTEM" == 'clamav-daemon' ];then + proc_name='clamd' fi - get_srv_state $service $clam_proc_name + get_srv_state $ANTIVIRUS_SYSTEM $proc_name fi - str="$str\nNAME='$service' SYSTEM='email antivirus' STATE='$state'" - str="$str CPU='$cpu' MEM='$mem' RTIME='$rtime'" + data="$data\nNAME='$ANTIVIRUS_SYSTEM' SYSTEM='email antivirus'" + data="$data STATE='$state' CPU='$cpu' MEM='$mem' RTIME='$rtime'" + proc_name='' fi -# ANTISPAM -service=$ANTISPAM_SYSTEM -if [ ! -z "$service" ] && [ "$service" != 'remote' ]; then - get_srv_state $service spamd - str="$str\nNAME='$service' SYSTEM='email antispam' STATE='$state'" - str="$str CPU='$cpu' MEM='$mem' RTIME='$rtime'" +# Checking MAIL ANTISPAM +if [ ! -z "$ANTISPAM_SYSTEM" ] && [ "$ANTISPAM_SYSTEM" != 'remote' ]; then + get_srv_state $ANTISPAM_SYSTEM spamd + data="$data\nNAME='$ANTISPAM_SYSTEM' SYSTEM='email antispam'" + data="$data STATE='$state' CPU='$cpu' MEM='$mem' RTIME='$rtime'" fi -# DB -service=$DB_SYSTEM -if [ ! -z "$service" ] && [ "$service" != 'remote' ]; then +# Checking DB system +if [ ! -z "$DB_SYSTEM" ] && [ "$DB_SYSTEM" != 'remote' ]; then for db in ${DB_SYSTEM//,/ }; do + proc_name='' service="$db" - if [ "$service" == 'mysql' ]; then - if [ ! -e "/etc/init.d/$service" ]; then + if [ "$service" = 'mysql' ]; then + if [ -d "/etc/sysconfig" ]; then service='mysqld' - fi - if [ ! -e "/etc/redhat-release" ]; then - db_proc_name='mysqld' + proc_name='mysqld' + if [ -e "/usr/lib/systemd/system/mariadb.service" ]; then + service='mariadb' + fi fi fi if [ "$service" == 'pgsql' ]; then service='postgresql' - db_proc_name='postmaster' - if [ ! -e "/etc/redhat-release" ]; then - db_proc_name='postgres' + proc_name='postmaster' + if [ ! -d "/etc/sysconfig" ]; then + proc_name='postgres' + fi + if [ ! -e '/etc/init.d/postgresql' ]; then + proc_name='postgres' fi fi - get_srv_state $service $db_proc_name - str="$str\nNAME='$service' SYSTEM='database server' STATE='$state'" - str="$str CPU='$cpu' MEM='$mem' RTIME='$rtime'" + get_srv_state $service $proc_name + data="$data\nNAME='$service' SYSTEM='database server' STATE='$state'" + data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'" + proc_name='' done fi -# FTP -service=$FTP_SYSTEM -if [ ! -z "$service" ] && [ "$service" != 'remote' ]; then - get_srv_state $service - str="$str\nNAME='$service' SYSTEM='ftp server' STATE='$state' CPU='$cpu'" - str="$str MEM='$mem' RTIME='$rtime'" +# Checking FTP system +if [ ! -z "$FTP_SYSTEM" ] && [ "$FTP_SYSTEM" != 'remote' ]; then + get_srv_state $FTP_SYSTEM + data="$data\nNAME='$FTP_SYSTEM' SYSTEM='ftp server' STATE='$state'" + data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'" fi -# CRON -service=$CRON_SYSTEM -if [ ! -z "$service" ] && [ "$service" != 'remote' ]; then - get_srv_state $service - str="$str\nNAME='$service' SYSTEM='job scheduler' STATE='$state'" - str="$str CPU='$cpu' MEM='$mem' RTIME='$rtime'" +# Checking CRON system +if [ ! -z "$CRON_SYSTEM" ] && [ "$CRON_SYSTEM" != 'remote' ]; then + get_srv_state $CRON_SYSTEM + data="$data\nNAME='$CRON_SYSTEM' SYSTEM='job scheduler' STATE='$state'" + data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'" fi -# FIREWALL -service=$FIREWALL_SYSTEM -if [ ! -z "$service" ] && [ "$service" != 'remote' ]; then +# Checking FIREWALL system +if [ ! -z "$FIREWALL_SYSTEM" ] && [ "$FIREWALL_SYSTEM" != 'remote' ]; then state="stopped" /sbin/iptables -L vesta >/dev/null 2>&1 if [ "$?" -eq 0 ]; then state="running" fi - str="$str\nNAME='$FIREWALL_SYSTEM' SYSTEM='firewall'" - str="$str STATE='$state' CPU='0' MEM='0' RTIME='0'" + data="$data\nNAME='$FIREWALL_SYSTEM' SYSTEM='firewall'" + data="$data STATE='$state' CPU='0' MEM='0' RTIME='0'" fi -# Fail2ban -service=$FIREWALL_EXTENSION -if [ ! -z "$service" ] && [ "$service" != 'remote' ]; then - get_srv_state $service - str="$str\nNAME='$service' SYSTEM='job scheduler' STATE='$state'" - str="$str CPU='$cpu' MEM='$mem' RTIME='$rtime'" +# Checking FIREWALL Fail2ban extention +if [ ! -z "$FIREWALL_EXTENSION" ]; then + get_srv_state $FIREWALL_EXTENSION fail2ban-server script + data="$data\nNAME='$FIREWALL_EXTENSION' SYSTEM='brute-force monitor'" + data="$data STATE='$state' CPU='$cpu' MEM='$mem' RTIME='$rtime'" fi - -# Defining config -echo -e "$str" > $tmp_file -conf=$tmp_file - -# Defining fileds to select -fields="\$NAME \$SYSTEM \$STATE \$CPU \$MEM \$RTIME" - -# Listing services -case $format in +# Listing data +case $format in json) json_list ;; - plain) nohead=1; shell_list ;; - shell) fields='$NAME $STATE $CPU $MEM $RTIME' - shell_list | column -t ;; - *) check_args '1' '0' 'USER [FORMAT]' + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac -rm -f $tmp_file #----------------------------------------------------------# # Vesta # diff --git a/bin/v-list-sys-shells b/bin/v-list-sys-shells index 091e7d8e8..dec180f5c 100755 --- a/bin/v-list-sys-shells +++ b/bin/v-list-sys-shells @@ -9,20 +9,18 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_sh() { - shells=$(grep -v '#' /etc/shells) +# JSON list function +json_list() { sh_counter=$(echo "$shells" | wc -l) i=1 echo '[' for shell in $shells; do - shell=$(basename $shell) if [ "$i" -lt "$sh_counter" ]; then echo -e "\t\"$shell\"," else @@ -33,15 +31,26 @@ json_list_sh() { echo "]" } -# Shell function -shell_list_sh() { - shells=$(grep -v '#' /etc/shells) - if [ -z "$nohead" ]; then - echo "SHELLS" - echo "----------" - fi +# SHELL list function +shell_list() { + echo "SHELL" + echo "-----" + for shell in $shells; do + echo "$shell" + done +} + +# PLAIN list function +plain_list() { + for shell in $shells; do + echo "$shell" + done +} + +# CSV list function +csv_list() { + echo "SHELL" for shell in $shells; do - shell=$(basename $shell) echo "$shell" done } @@ -51,12 +60,15 @@ shell_list_sh() { # Action # #----------------------------------------------------------# -# Listing domains -case $format in - json) json_list_sh ;; - plain) nohead=1; shell_list_sh ;; - shell) shell_list_sh ;; - *) check_args '1' '0' '[FORMAT]' ;; +# Defining system shells +shells=$(grep -v '#' /etc/shells |awk -F '/' '{print $NF}' |sort -u) + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-sys-spamd-config b/bin/v-list-sys-spamd-config new file mode 100755 index 000000000..04d82c731 --- /dev/null +++ b/bin/v-list-sys-spamd-config @@ -0,0 +1,64 @@ +#!/bin/bash +# info: list spamassassin config parameters +# options: [FORMAT] +# +# The function for obtaining the list of spamassassin config parameters. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +format=${1-shell} + +# Includes +source $VESTA/func/main.sh + +# JSON list function +json_list() { + echo '{ + "CONFIG": { + "config_path": "'$config_path'" + } +}' +} + +# SHELL list function +shell_list() { + echo "config_path: $config_path" +} + +# PLAIN list function +plain_list() { + echo "$config_path" +} + +# CSV list function +csv_list() { + echo "config_path" + echo "$config_path" +} + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Defining config path +config_path=$(find /etc/spamassassin /etc/mail -name local.cf 2>/dev/null) + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-sys-users b/bin/v-list-sys-users index 3bae74183..cd297338b 100755 --- a/bin/v-list-sys-users +++ b/bin/v-list-sys-users @@ -10,38 +10,50 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_users() { - users=$(grep @ /etc/passwd|cut -f 1 -d :) - int_counter=$(echo "$users" | wc -l) +# JSON list function +json_list() { + objects=$(grep @ /etc/passwd |wc -l) i=1 echo '[' - for user in $users; do - if [ "$i" -lt "$int_counter" ]; then + while read user; do + if [ "$i" -lt "$objects" ]; then echo -e "\t\"$user\"," else echo -e "\t\"$user\"" fi (( ++i)) - done + done < <(grep @ /etc/passwd |cut -f 1 -d :) echo "]" } -# Shell function -shell_list_users() { - if [ -z "$nohead" ]; then - echo "USERS" - echo "----------" - fi - for user in $(grep @ /etc/passwd|cut -f 1 -d :); do +# SHELL list function +shell_list() { + echo "USER" + echo "----" + while read user; do echo "$user" - done + done < <(grep @ /etc/passwd |cut -f 1 -d :) +} + +# PLAIN list function +plain_list() { + while read user; do + echo "$user" + done < <(grep @ /etc/passwd |cut -f 1 -d :) +} + +# CSV list function +csv_list() { + echo "USER" + while read user; do + echo "$user" + done < <(grep @ /etc/passwd |cut -f 1 -d :) } @@ -49,12 +61,12 @@ shell_list_users() { # Action # #----------------------------------------------------------# -# Listing domains +# Listing data case $format in - json) json_list_users ;; - plain) nohead=1; shell_list_users ;; - shell) shell_list_users ;; - *) check_args '1' '0' '[FORMAT]' ;; + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-sys-vesta-autoupdate b/bin/v-list-sys-vesta-autoupdate index ca64646c2..f94570180 100755 --- a/bin/v-list-sys-vesta-autoupdate +++ b/bin/v-list-sys-vesta-autoupdate @@ -1,6 +1,6 @@ #!/bin/bash # info: list vesta autoupdate settings -# options: NONE +# options: [FORMAT] # # The function for obtaining autoupdate setings. @@ -9,15 +9,15 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user='admin' format=${1-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_autoupdate() { +# JSON list function +json_list() { echo '[' if [ -z "$check_cron" ]; then echo -e "\t\"Disabled\"," @@ -27,12 +27,28 @@ json_list_autoupdate() { echo "]" } -# Shell function -shell_list_autoupdate() { - if [ -z "$nohead" ]; then - echo "AUTOUPDATE" - echo "----------" +# SHELL list function +shell_list() { + echo -n "AUTOUPDATE: " + if [ -z "$check_cron" ]; then + echo "Disabled" + else + echo "Enabled" fi +} + +# PLAIN list function +plain_list() { + if [ -z "$check_cron" ]; then + echo "Disabled" + else + echo "Enabled" + fi +} + +# CSV list function +csv_list() { + echo "AUTOUPDATE" if [ -z "$check_cron" ]; then echo "Disabled" else @@ -48,15 +64,16 @@ shell_list_autoupdate() { # Check cron tab check_cron=$(grep 'v-update-sys-vesta-all' $USER_DATA/cron.conf) -# Listing domains -case $format in - json) json_list_autoupdate ;; - plain) nohead=1; shell_list_autoupdate ;; - shell) shell_list_autoupdate ;; - *) check_args '1' '0' '[FORMAT]' ;; +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list;; esac + #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# diff --git a/bin/v-list-sys-vesta-ssl b/bin/v-list-sys-vesta-ssl new file mode 100755 index 000000000..fe6eea474 --- /dev/null +++ b/bin/v-list-sys-vesta-ssl @@ -0,0 +1,130 @@ +#!/bin/bash +# info: list vesta ssl certificate +# options: [FORMAT] +# +# The function of obtaining vesta ssl files. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +format=${1-shell} + +# Includes +source $VESTA/func/main.sh + +# JSON list function +json_list() { + echo '{' + echo -e "\t\"VESTA\": {" + echo " \"CRT\": \"$crt\"," + echo " \"KEY\": \"$key\"," + echo " \"CA\": \"$ca\"," + echo " \"SUBJECT\": \"$subj\"," + echo " \"ALIASES\": \"$alt_dns\"," + echo " \"NOT_BEFORE\": \"$before\"," + echo " \"NOT_AFTER\": \"$after\"," + echo " \"SIGNATURE\": \"$signature\"," + echo " \"PUB_KEY\": \"$pub_key\"," + echo " \"ISSUER\": \"$issuer\"" + echo -e "\t}\n}" +} + +# SHELL list function +shell_list() { + if [ ! -z "$crt" ]; then + echo -e "$crt" + fi + if [ ! -z "$key" ]; then + echo -e "\n$key" + fi + if [ ! -z "$crt" ]; then + echo + echo + echo "SUBJECT: $subj" + if [ ! -z "$alt_dns" ]; then + echo "ALIASES: ${alt_dns//,/ }" + fi + echo "VALID FROM: $before" + echo "VALID TIL: $after" + echo "SIGNATURE: $signature" + echo "PUB_KEY: $pub_key" + echo "ISSUER: $issuer" + fi +} + +# PLAIN list function +plain_list() { + if [ ! -z "$crt" ]; then + echo -e "$crt" + fi + if [ ! -z "$key" ]; then + echo -e "\n$key" + fi + if [ ! -z "$ca" ]; then + echo -e "\n$ca" + fi + if [ ! -z "$crt" ]; then + echo "$subj" + echo "${alt_dns//,/ }" + echo "$before" + echo "$after" + echo "$signature" + echo "$pub_key" + echo "$issuer" + fi + +} + +# CSV list function +csv_list() { + echo -n "CRT,KEY,CA,SUBJECT,ALIASES,NOT_BEFORE,NOT_AFTER,SIGNATURE," + echo "PUB_KEY,ISSUER" + echo -n "\"$crt\",\"$key\",\"$ca\",\"$subj\",\"${alt_dns//,/ }\"," + echo "\"$before\",\"$after\",\"$signature\",\"$pub_key\",\"$issuer\"" +} + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Parsing SSL certificate +crt=$(cat $VESTA/ssl/certificate.crt |sed ':a;N;$!ba;s/\n/\\n/g') +key=$(cat $VESTA/ssl/certificate.key |sed ':a;N;$!ba;s/\n/\\n/g') + +# Parsing SSL certificate details without CA +info=$(openssl x509 -text -in $VESTA/ssl/certificate.crt) +subj=$(echo "$info" |grep Subject: |cut -f 2 -d =) +before=$(echo "$info" |grep Before: |sed -e "s/.*Before: //") +after=$(echo "$info" |grep "After :" |sed -e "s/.*After : //") +signature=$(echo "$info" |grep "Algorithm:" |head -n1 ) +signature=$(echo "$signature"| sed -e "s/.*Algorithm: //") +pub_key=$(echo "$info" |grep Public-Key: |cut -f2 -d \( | tr -d \)) +issuer=$(echo "$info" |grep Issuer: |sed -e "s/.*Issuer: //") +alt_dns=$(echo "$info" |grep DNS |sed -e 's/DNS:/\n/g' |tr -d ',') +alt_dns=$(echo "$alt_dns" |tr -d ' ' |sed -e "/^$/d") +alt_dns=$(echo "$alt_dns" |sed -e ':a;N;$!ba;s/\n/,/g') + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-sys-vesta-updates b/bin/v-list-sys-vesta-updates index 12db31ac0..adcd6a1a5 100755 --- a/bin/v-list-sys-vesta-updates +++ b/bin/v-list-sys-vesta-updates @@ -9,28 +9,62 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} # Includes source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf +fields="\$NAME \$VERSION \$RELEASE \$ARCH \$UPDATED \$DESCR \$TIME \$DATE" + +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(echo -e "$data" |grep NAME |wc -l) + echo "{" + for str in $(echo -e "$data"); do + eval $str + echo -n ' "'$NAME'": { + "VERSION": "'$VERSION'", + "RELEASE": "'$RELEASE'", + "ARCH": "'$ARCH'", + "UPDATED": "'$UPDATED'", + "DESCR": "'$DESCR'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done + echo '}' +} + +# SHELL list function +shell_list() { + IFS=$'\n' + echo "PKG VER REL ARCH UPDT DATE" + echo "--- --- --- ---- ---- ----" + for str in $(echo -e "$data"); do + eval $str + echo "$NAME $VERSION $RELEASE $ARCH $UPDATED $DATE" + done +} #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Remove upd_flag -rm -f $VESTA/web/.update +# Checking official latest version +latest=$(wget -q -T 1 -t 1 http://c.vestacp.com/latest.txt -O -) -# Create tmp file -tmp_file=$(mktemp) - -# Check latest version -wget -q -T 1 -t 1 http://c.vestacp.com/latest.txt -O $tmp_file - -# Check vesta version -if [ -e "/etc/redhat-release" ]; then +# Checking installed vesta version +if [ -d "/etc/sysconfig" ]; then rpm_format="VERSION='%{VERSION}'" rpm_format="$rpm_format RELEASE='%{RELEASE}'" rpm_format="$rpm_format ARCH='%{ARCH}'" @@ -41,23 +75,21 @@ if [ -e "/etc/redhat-release" ]; then else dpkg_data=$(dpkg-query -s vesta) pkg_date=$(stat -c "%Y" /var/lib/dpkg/info/vesta.list) - ARCH=$(echo "$dpkg_data"|grep Architecture | cut -f 2 -d ' ') - VERSION=$(echo "$dpkg_data"|grep Version |cut -f 2 -d ' '|cut -f 1 -d \-) - RELEASE=$(echo "$dpkg_data"|grep Version |cut -f 2 -d ' '|cut -f 2 -d \-) + ARCH=$(echo "$dpkg_data"|grep Architecture |cut -f 2 -d ' ') + VERSION=$(echo "$dpkg_data"|grep ^Version |cut -f 2 -d ' '|cut -f 1 -d \-) + RELEASE=$(echo "$dpkg_data"|grep ^Version |cut -f 2 -d ' '|cut -f 2 -d \-) DATE=$(date -d @$pkg_date +"%F") TIME=$(date -d @$pkg_date +"%T") fi -latest=$(grep vesta $tmp_file) UPDATED='yes' -if [ ! -z "$latest" ] && [ "$latest" != "vesta-$VERSION-$RELEASE" ]; then +if [ ! -z "$latest" ] && [ "$latest" \> "vesta-$VERSION-$RELEASE" ]; then UPDATED='no' - set_upd_flag='yes' fi -str="NAME='vesta' VERSION='$VERSION' RELEASE='$RELEASE' ARCH='$ARCH'" -str="$str UPDATED='$UPDATED' DESCR='core package' TIME='$TIME' DATE='$DATE'" +data="NAME='vesta' VERSION='$VERSION' RELEASE='$RELEASE' ARCH='$ARCH'" +data="$data UPDATED='$UPDATED' DESCR='core package' TIME='$TIME' DATE='$DATE'" -# Check vesta-php version -if [ -e "/etc/redhat-release" ]; then +# Checking installed vesta-php version +if [ -d "/etc/sysconfig" ]; then eval $(rpm --queryformat="$rpm_format" -q vesta-php) DATE=$(date -d @$UTIME +%F) TIME=$(date -d @$UTIME +%T) @@ -65,23 +97,17 @@ else dpkg_data=$(dpkg-query -s vesta-php) pkg_date=$(stat -c "%Y" /var/lib/dpkg/info/vesta-php.list) ARCH=$(echo "$dpkg_data"|grep Architecture | cut -f 2 -d ' ') - VERSION=$(echo "$dpkg_data"|grep Version |cut -f 2 -d ' '|cut -f 1 -d \-) - RELEASE=$(echo "$dpkg_data"|grep Version |cut -f 2 -d ' '|cut -f 2 -d \-) + VERSION=$(echo "$dpkg_data"|grep ^Version |cut -f 2 -d ' '|cut -f 1 -d \-) + RELEASE=$(echo "$dpkg_data"|grep ^Version |cut -f 2 -d ' '|cut -f 2 -d \-) DATE=$(date -d @$pkg_date +"%F") TIME=$(date -d @$pkg_date +"%T") fi -latest=$(grep php $tmp_file) -UPDATED='yes' -if [ ! -z "$latest" ] && [ "$latest" != "php-$VERSION-$RELEASE" ]; then - UPDATED='no' - set_upd_flag='yes' -fi -str="$str\nNAME='vesta-php' VERSION='$VERSION' RELEASE='$RELEASE' ARCH='$ARCH'" -str="$str UPDATED='$UPDATED' DESCR='php interpreter' TIME='$TIME'" -str="$str DATE='$DATE'" +data="$data\nNAME='vesta-php' VERSION='$VERSION' RELEASE='$RELEASE'" +data="$data ARCH='$ARCH' UPDATED='$UPDATED' DESCR='php interpreter'" +data="$data TIME='$TIME' DATE='$DATE'" -# Check vesta-nginx version -if [ -e "/etc/redhat-release" ]; then +# Checking installed vesta-nginx version +if [ -d "/etc/sysconfig" ]; then eval $(rpm --queryformat="$rpm_format" -q vesta-nginx) DATE=$(date -d @$UTIME +%F) TIME=$(date -d @$UTIME +%T) @@ -89,44 +115,64 @@ else dpkg_data=$(dpkg-query -s vesta-nginx) pkg_date=$(stat -c "%Y" /var/lib/dpkg/info/vesta-nginx.list) ARCH=$(echo "$dpkg_data"|grep Architecture | cut -f 2 -d ' ') - VERSION=$(echo "$dpkg_data"|grep Version |cut -f 2 -d ' '|cut -f 1 -d \-) - RELEASE=$(echo "$dpkg_data"|grep Version |cut -f 2 -d ' '|cut -f 2 -d \-) + VERSION=$(echo "$dpkg_data"|grep ^Version |cut -f 2 -d ' '|cut -f 1 -d \-) + RELEASE=$(echo "$dpkg_data"|grep ^Version |cut -f 2 -d ' '|cut -f 2 -d \-) DATE=$(date -d @$pkg_date +"%F") TIME=$(date -d @$pkg_date +"%T") fi -latest=$(grep nginx $tmp_file) -UPDATED='yes' -if [ ! -z "$latest" ] && [ "$latest" != "nginx-$VERSION-$RELEASE" ]; then - UPDATED='no' - set_upd_flag='yes' -fi -str="$str\nNAME='vesta-nginx' VERSION='$VERSION' RELEASE='$RELEASE'" -str="$str ARCH='$ARCH' UPDATED='$UPDATED' DESCR='internal web server'" -str="$str TIME='$TIME' DATE='$DATE'" +data="$data\nNAME='vesta-nginx' VERSION='$VERSION' RELEASE='$RELEASE'" +data="$data ARCH='$ARCH' UPDATED='$UPDATED' DESCR='internal web server'" +data="$data TIME='$TIME' DATE='$DATE'" -# Create flag if updates avaiable -if [ "$set_upd_flag" == 'yes' ]; then - touch $VESTA/web/.update - chmod a+r $VESTA/web/.update +# Checking installed vesta-ioncube version +if [ "$SOFTACULOUS" = 'yes' ]; then + if [ -d "/etc/sysconfig" ]; then + eval $(rpm --queryformat="$rpm_format" -q vesta-ioncube) + DATE=$(date -d @$UTIME +%F) + TIME=$(date -d @$UTIME +%T) + else + dpkg_data=$(dpkg-query -s vesta-ioncube) + pkg_date=$(stat -c "%Y" /var/lib/dpkg/info/vesta-php.list) + ARCH=$(echo "$dpkg_data"|grep Architecture | cut -f 2 -d ' ') + VERSION=$(echo "$dpkg_data"|grep ^Vers |cut -f2 -d ' '|cut -f1 -d \-) + RELEASE=$(echo "$dpkg_data"|grep ^Vers |cut -f2 -d ' '|cut -f2 -d \-) + DATE=$(date -d @$pkg_date +"%F") + TIME=$(date -d @$pkg_date +"%T") + fi + data="$data\nNAME='vesta-ioncube' VERSION='$VERSION' RELEASE='$RELEASE'" + data="$data ARCH='$ARCH' UPDATED='$UPDATED' DESCR='php encoder'" + data="$data TIME='$TIME' DATE='$DATE'" fi -# Defining config -echo -e "$str" > $tmp_file -conf=$tmp_file +# Checking installed vesta-softaculous version +if [ "$SOFTACULOUS" = 'yes' ]; then + if [ -d "/etc/sysconfig" ]; then + eval $(rpm --queryformat="$rpm_format" -q vesta-softaculous) + DATE=$(date -d @$UTIME +%F) + TIME=$(date -d @$UTIME +%T) + else + dpkg_data=$(dpkg-query -s vesta-softaculous) + pkg_date=$(stat -c "%Y" /var/lib/dpkg/info/vesta-php.list) + ARCH=$(echo "$dpkg_data"|grep Architecture | cut -f 2 -d ' ') + VERSION=$(echo "$dpkg_data"|grep ^Vers |cut -f2 -d ' '|cut -f1 -d \-) + RELEASE=$(echo "$dpkg_data"|grep ^Vers |cut -f2 -d ' '|cut -f2 -d \-) + DATE=$(date -d @$pkg_date +"%F") + TIME=$(date -d @$pkg_date +"%T") + fi + data="$data\nNAME='vesta-softaculous' VERSION='$VERSION' RELEASE='$RELEASE'" + data="$data ARCH='$ARCH' UPDATED='$UPDATED' DESCR='app installer'" + data="$data TIME='$TIME' DATE='$DATE'" +fi -# Defining fileds to select -fields="\$NAME \$VERSION \$RELEASE \$ARCH \$UPDATED \$DESCR \$TIME \$DATE" -# Listing services +# Listing data case $format in json) json_list ;; - plain) nohead=1; shell_list ;; - shell) fields='$NAME $VERSION $RELEASE $ARCH $UPDATED $TIME $DATE' - shell_list | column -t ;; - *) check_args '1' '0' 'USER [FORMAT]' + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t;; esac -rm -f $tmp_file #----------------------------------------------------------# # Vesta # diff --git a/bin/v-list-sys-vsftpd-config b/bin/v-list-sys-vsftpd-config new file mode 100755 index 000000000..060d88422 --- /dev/null +++ b/bin/v-list-sys-vsftpd-config @@ -0,0 +1,64 @@ +#!/bin/bash +# info: list vsftpd config parameters +# options: [FORMAT] +# +# The function for obtaining the list of vsftpd config parameters. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +format=${1-shell} + +# Includes +source $VESTA/func/main.sh + +# JSON list function +json_list() { + echo '{ + "CONFIG": { + "config_path": "'$config_path'" + } +}' +} + +# SHELL list function +shell_list() { + echo "config_path: $config_path" +} + +# PLAIN list function +plain_list() { + echo "$config_path" +} + +# CSV list function +csv_list() { + echo "config_path" + echo "$config_path" +} + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Defining config path +config_path=$(find /etc/vsftpd* -name vsftpd.conf 2>/dev/null) + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-sys-web-status b/bin/v-list-sys-web-status new file mode 100755 index 000000000..eb58c81ce --- /dev/null +++ b/bin/v-list-sys-web-status @@ -0,0 +1,49 @@ +#!/bin/bash +# info: list web status +# options: [FORMAT] +# +# The function lists web server status + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +#format=${1-shell} + +# Includes +#source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Checking web system +if [ -z "$WEB_SYSTEM" ]; then + exit +fi + +# Displaying proxy status +if [ "$PROXY_SYSTEM" = 'nginx' ]; then + echo "

$PROXY_SYSTEM STATUS

"| tr '[:lower:]' '[:upper:]' + wget -qO- http://localhost:8084/ + echo "


" +fi + +# Displaying web server status +echo "

$WEB_SYSTEM STATUS

"| tr '[:lower:]' '[:upper:]' +if [ "$WEB_SYSTEM" != 'nginx' ]; then + wget -qO- http://localhost:8081/server-status/ |\ + egrep -v "html|DOCTYPE|h1>|title|head" +else + wget -qO- http://localhost:8084/ +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-user b/bin/v-list-user index 817fb8422..57b48bb3a 100755 --- a/bin/v-list-user +++ b/bin/v-list-user @@ -1,57 +1,151 @@ #!/bin/bash -# info: list system user +# info: list user parameters # options: USER [FORMAT] # -# The function for obtainig the list of all user's parameters. +# The function to obtain user parameters. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# +# Argument definition +user=$1 +format=${2-shell} + # Includes source $VESTA/func/main.sh -# Argument defenition -user=$1 -USER="$user" -format=${2-shell} - -# Json function -json_list_user() { - i=1 - fileds_count=$(echo "$fields" | wc -w) - source $VESTA/data/users/$user/user.conf - echo '{' - for field in $fields; do - eval value=$field - if [ "$i" -eq 1 ]; then - echo -e "\t\"$value\": {" - else - if [ "$fileds_count" -eq "$i" ]; then - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"" - else - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"," - fi - fi - (( ++i)) - done - if [ -n "$value" ]; then - echo -e ' }' - fi - echo -e "}" +# JSON list function +json_list() { + echo '{ + "'$USER'": { + "FNAME": "'$FNAME'", + "LNAME": "'$LNAME'", + "PACKAGE": "'$PACKAGE'", + "WEB_TEMPLATE": "'$WEB_TEMPLATE'", + "BACKEND_TEMPLATE": "'$BACKEND_TEMPLATE'", + "PROXY_TEMPLATE": "'$PROXY_TEMPLATE'", + "DNS_TEMPLATE": "'$DNS_TEMPLATE'", + "WEB_DOMAINS": "'$WEB_DOMAINS'", + "WEB_ALIASES": "'$WEB_ALIASES'", + "DNS_DOMAINS": "'$DNS_DOMAINS'", + "DNS_RECORDS": "'$DNS_RECORDS'", + "MAIL_DOMAINS": "'$MAIL_DOMAINS'", + "MAIL_ACCOUNTS": "'$MAIL_ACCOUNTS'", + "DATABASES": "'$DATABASES'", + "CRON_JOBS": "'$CRON_JOBS'", + "DISK_QUOTA": "'$DISK_QUOTA'", + "BANDWIDTH": "'$BANDWIDTH'", + "HOME": "'$HOME'", + "NS": "'$NS'", + "SHELL": "'$SHELL'", + "BACKUPS": "'$BACKUPS'", + "CONTACT": "'$CONTACT'", + "CRON_REPORTS": "'$CRON_REPORTS'", + "RKEY": "'$RKEY'", + "SUSPENDED": "'$SUSPENDED'", + "SUSPENDED_USERS": "'$SUSPENDED_USERS'", + "SUSPENDED_WEB": "'$SUSPENDED_WEB'", + "SUSPENDED_DNS": "'$SUSPENDED_DNS'", + "SUSPENDED_MAIL": "'$SUSPENDED_MAIL'", + "SUSPENDED_DB": "'$SUSPENDED_DB'", + "SUSPENDED_CRON": "'$SUSPENDED_CRON'", + "IP_AVAIL": "'$IP_AVAIL'", + "IP_OWNED": "'$IP_OWNED'", + "U_USERS": "'$U_USERS'", + "U_DISK": "'$U_DISK'", + "U_DISK_DIRS": "'$U_DISK_DIRS'", + "U_DISK_WEB": "'$U_DISK_WEB'", + "U_DISK_MAIL": "'$U_DISK_MAIL'", + "U_DISK_DB": "'$U_DISK_DB'", + "U_BANDWIDTH": "'$U_BANDWIDTH'", + "U_WEB_DOMAINS": "'$U_WEB_DOMAINS'", + "U_WEB_SSL": "'$U_WEB_SSL'", + "U_WEB_ALIASES": "'$U_WEB_ALIASES'", + "U_DNS_DOMAINS": "'$U_DNS_DOMAINS'", + "U_DNS_RECORDS": "'$U_DNS_RECORDS'", + "U_MAIL_DOMAINS": "'$U_MAIL_DOMAINS'", + "U_MAIL_DKIM": "'$U_MAIL_DKIM'", + "U_MAIL_ACCOUNTS": "'$U_MAIL_ACCOUNTS'", + "U_DATABASES": "'$U_DATABASES'", + "U_CRON_JOBS": "'$U_CRON_JOBS'", + "U_BACKUPS": "'$U_BACKUPS'", + "LANGUAGE": "'$LANGUAGE'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + } +}' } -# Shell function -shell_list_user() { - source $VESTA/data/users/$user/user.conf - for field in $fields; do - eval key="$field" - if [ -z "$key" ]; then - key='NULL' - fi - echo "${field//$/}: $key " - done +# SHELL list function +shell_list() { + echo "USERNAME: $USER" + echo "FULL NAME: $FNAME $LNAME" + echo "EMAIL: $CONTACT" + echo "LANGUAGE: $LANGUAGE" + echo "SUSPENDED: $SUSPENDED" + echo "PACKAGE: $PACKAGE" + echo "SHELL: $SHELL" + echo "WEB DOMAINS: $U_WEB_DOMAINS/$WEB_DOMAINS" + echo "WEB ALIASES: $U_WEB_ALIASES/$WEB_ALIASES" + echo "DNS DOMAINS: $U_DNS_DOMAINS/$DNS_DOMAINS" + echo "DNS RECORDS: $U_DNS_RECORDS/$DNS_RECORDS" + echo "MAIL DOMAINS: $U_MAIL_DOMAINS/$MAIL_DOMAINS" + echo "MAIL ACCOUNTS: $U_MAIL_ACCOUNTS/$MAIL_ACCOUNTS" + echo "BACKUPS: $U_BACKUPS/$BACKUPS" + echo "DATABASES: $U_DATABASES/$DATABASES" + echo "CRON_JOBS: $U_CRON_JOBS/$CRON_JOBS" + echo "DISK: $U_DISK/$DISK_QUOTA" + echo "BANDWIDTH: $U_BANDWIDTH/$BANDWIDTH" + echo "IP ADDRESSES $IP_AVAIL/$IP_OWNED" + echo "TIME: $TIME" + echo "DATE: $DATE" +} + +# PLAIN list function +plain_list() { + echo -ne "$USER\t$FNAME\t$LNAME\t$PACKAGE\t$WEB_TEMPLATE\t" + echo -ne "$BACKEND_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t" + echo -ne "$WEB_DOMAINS\t$WEB_ALIASES\t$DNS_DOMAINS\t$DNS_RECORDS\t" + echo -ne "$MAIL_DOMAINS\t$MAIL_ACCOUNTS\t$DATABASES\t$CRON_JOBS\t" + echo -ne "$DISK_QUOTA\t$BANDWIDTH\t$NS\t$HOME\t$SHELL\t$BACKUPS\t" + echo -ne "$CONTACT\t$CRON_REPORTS\t$RKEY\t$SUSPENDED\t" + echo -ne "$SUSPENDED_USERS\t$SUSPENDED_WEB\t$SUSPENDED_DNS\t" + echo -ne "$SUSPENDED_MAIL\t$SUSPENDED_DB\t$SUSPENDED_CRON\t" + echo -ne "$IP_AVAIL\t$IP_OWNED\t$U_USERS\t$U_DISK\t$U_DISK_DIRS\t" + echo -ne "$U_DISK_WEB\t$U_DISK_MAIL\t$U_DISK_DB\t$U_BANDWIDTH\t" + echo -ne "$U_WEB_DOMAINS\t$U_WEB_SSL\t$U_WEB_ALIASES\t" + echo -ne "$U_DNS_DOMAINS\t$U_DNS_RECORDS\t$U_MAIL_DOMAINS\t" + echo -ne "$U_MAIL_DKIM\t$U_MAIL_ACCOUNTS\t$U_DATABASES\t" + echo -e "'$U_CRON_JOBS\t$U_BACKUPS\t$LANGUAGE\t$TIME\t$DATE" +} + +# CSV list function +csv_list() { + echo -n "USER,FNAME,LNAME,PACKAGE,WEB_TEMPLATE,BACKEND_TEMPLATE," + echo -n "PROXY_TEMPLATE,DNS_TEMPLATE,WEB_DOMAINS,WEB_ALIASES," + echo -n "DNS_DOMAINS,DNS_RECORDS,MAIL_DOMAINS,MAIL_ACCOUNTS," + echo -n "DATABASES,CRON_JOBS,DISK_QUOTA,BANDWIDTH,NS,HOME,SHELL," + echo -n "BACKUPS,CONTACT,CRON_REPORTS,RKEY,SUSPENDED,SUSPENDED_USERS," + echo -n "SUSPENDED_WEB,SUSPENDED_DNS,SUSPENDED_MAIL,SUSPENDED_DB," + echo -n "SUSPENDED_CRON,IP_AVAIL,IP_OWNED,U_USERS,U_DISK,U_DISK_DIRS," + echo -n "U_DISK_WEB,U_DISK_MAIL,U_DISK_DB,U_BANDWIDTH,U_WEB_DOMAINS," + echo -n "U_WEB_SSL,U_WEB_ALIASES,U_DNS_DOMAINS,U_DNS_RECORDS," + echo -n "U_MAIL_DOMAINS,U_MAIL_DKIM,U_MAIL_ACCOUNTS,U_DATABASES" + echo "U_CRON_JOBS,U_BACKUPS,LANGUAGE,TIME,DATE" + echo -n "$USER,\"$FNAME\",\"$LNAME\",$PACKAGE,$WEB_TEMPLATE," + echo -n "$BACKEND_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE,$WEB_DOMAINS," + echo -n "$WEB_ALIASES,$DNS_DOMAINS,$DNS_RECORDS,$MAIL_DOMAINS," + echo -n "$MAIL_ACCOUNTS,$DATABASES,$CRON_JOBS,$DISK_QUOTA,$BANDWIDTH," + echo -n "\"$NS\",$HOME,$SHELL,$BACKUPS,$CONTACT,$CRON_REPORTS,\"$RKEY\"," + echo -n "$SUSPENDED,$SUSPENDED_USERS,$SUSPENDED_WEB,$SUSPENDED_DNS," + echo -n "$SUSPENDED_MAIL,$SUSPENDED_DB,$SUSPENDED_CRON,$IP_AVAIL," + echo -n "$IP_OWNED,$U_USERS,$U_DISK,$U_DISK_DIRS,$U_DISK_WEB," + echo -n "$U_DISK_MAIL,$U_DISK_DB,$U_BANDWIDTH,$U_WEB_DOMAINS,$U_WEB_SSL," + echo -n "$U_WEB_ALIASES,$U_DNS_DOMAINS,$U_DNS_RECORDS,$U_MAIL_DOMAINS," + echo -n "$U_MAIL_DKIM,$U_MAIL_ACCOUNTS,$U_DATABASES,$U_CRON_JOBS," + echo "$U_BACKUPS,$LANGUAGE,$TIME,$DATE" } @@ -60,7 +154,7 @@ shell_list_user() { #----------------------------------------------------------# check_args '1' "$#" 'USER [FORMAT]' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" @@ -69,26 +163,16 @@ is_object_valid 'user' 'USER' "$user" #----------------------------------------------------------# # Defining config -conf=$USER_DATA/user.conf +USER=$user HOME=$HOMEDIR/$user +source $VESTA/data/users/$user/user.conf -# Defining fileds to select -fields='$USER $FNAME $LNAME $PACKAGE $WEB_TEMPLATE $PROXY_TEMPLATE - $DNS_TEMPLATE $WEB_DOMAINS $WEB_ALIASES $DNS_DOMAINS $DNS_RECORDS - $MAIL_DOMAINS $MAIL_ACCOUNTS $DATABASES $CRON_JOBS $DISK_QUOTA $BANDWIDTH - $NS $SHELL $BACKUPS $CONTACT $CRON_REPORTS $RKEY $SUSPENDED - $SUSPENDED_USERS $SUSPENDED_WEB $SUSPENDED_DNS $SUSPENDED_MAIL - $SUSPENDED_DB $SUSPENDED_CRON $IP_AVAIL $IP_OWNED $U_USERS $U_DISK - $U_DISK_DIRS $U_DISK_WEB $U_DISK_MAIL $U_DISK_DB $U_BANDWIDTH - $U_WEB_DOMAINS $U_WEB_SSL $U_WEB_ALIASES $U_DNS_DOMAINS $U_DNS_RECORDS - $U_MAIL_DOMAINS $U_MAIL_DKIM $U_MAIL_ACCOUNTS $U_DATABASES $U_CRON_JOBS - $U_BACKUPS $LANGUAGE $HOME $TIME $DATE' - -# Listing user -case $format in - json) json_list_user ;; - plain) nohead=1; shell_list_user ;; - shell) shell_list_user | column -t ;; +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-user-backup b/bin/v-list-user-backup index 6fa99af65..8ee8a41b5 100755 --- a/bin/v-list-user-backup +++ b/bin/v-list-user-backup @@ -10,7 +10,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 backup=$2 format=${3-shell} @@ -18,57 +18,55 @@ format=${3-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_backup() { - i=1 - fileds_count=$(echo "$fields" | wc -w) - line=$(grep "BACKUP='$backup'" $conf) +fields="\$BACKUP \$TYPE \$SIZE \$WEB \$DNS \$DB \$MAIL \$CRON \$UDIR" +fields="$fields \$RUNTIME \$TIME \$DATE" - # Print top bracket +# JSON list function +json_list() { echo '{' - - # Assing key=value - eval $line - - # Starting output loop - for field in $fields; do - # Parsing key=value - eval value=$field - - # Checking first field - if [ "$i" -eq 1 ]; then - echo -e "\t\"$value\": {" - else - if [ "$fileds_count" -eq "$i" ]; then - echo -e "\t\t\"${field//$/}\": \"$value\"" - else - echo -e "\t\t\"${field//$/}\": \"$value\"," - fi - fi - # Updating iterator - (( ++i)) - done - - # If there was any output - if [ -n "$value" ]; then - echo -e ' }' - fi - # Printing bottom json bracket - echo -e "}" + echo ' "'$BACKUP'": { + "TYPE": "'$TYPE'", + "SIZE": "'$SIZE'", + "WEB": "'$WEB'", + "DNS": "'$DNS'", + "MAIL": "'$MAIL'", + "DB": "'$DB'", + "CRON": "'$CRON'", + "UDIR": "'$UDIR'", + "RUNTIME": "'$RUNTIME'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + echo '}' } -# Shell function -shell_list_backup() { - line=$(grep "BACKUP='$backup'" $conf) +# SHELL list function +shell_list() { + echo "BACKUP: $BACKUP" + echo "TYPE: $TYPE" + echo "SIZE: $SIZE mb" + echo "RUNTIME: $RUNTIME min" + echo "WEB: ${WEB//,/ }" + echo "DNS: ${DNS//,/ }" + echo "MAIL: ${MAIL//,/ }" + echo "DB: ${DB//,/ }" + echo "CRON: $CRON" + echo "UDIR: ${UDIR//,/ }" + echo "TIME: $TIME" + echo "DATE: $DATE" +} - # Parsing key=value - eval $line +# PLAIN list function +plain_list() { + echo -ne "$BACKUP\t$TYPE\t$SIZE\t$WEB\t$DNS\t$MAIL\t$DB\t$CRON\t" + echo -e "$UDIR\t$RUNTIME\t$TIME\t$DATE" +} - # Print result line - for field in $fields; do - eval key="$field" - echo "${field//$/}: $key " - done +# CSV list function +csv_list() { + echo "BACKUP,TYPE,SIZE,WEB,DNS,MAIL,DB,CRON,UDIR,RUNTIME,TIME,DATE" + echo -n "$BACKUP,$TYPE,$SIZE,\"$WEB\",\"$DNS\",\"$MAIL\",\"$DB\"," + echo "\"$CRON\",\"$UDIR\",$RUNTIME,$TIME,$DATE" } @@ -77,6 +75,7 @@ shell_list_backup() { #----------------------------------------------------------# check_args '2' "$#" 'USER BACKUP [FORMAT]' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" is_object_valid 'backup' 'BACKUP' "$backup" @@ -85,18 +84,15 @@ is_object_valid 'backup' 'BACKUP' "$backup" # Action # #----------------------------------------------------------# -# Defining config and fields to select -conf=$USER_DATA/backup.conf +# Parsing backup config +eval $(grep "BACKUP='$backup'" $USER_DATA/backup.conf) -fields="\$BACKUP \$TYPE \$SIZE \$WEB \$DNS \$DB \$MAIL \$CRON \$UDIR" -fields="$fields \$RUNTIME \$TIME \$DATE" - -# Listing backup -case $format in - json) json_list_backup ;; - plain) nohead=1; shell_list_backup ;; - shell) shell_list_backup |column -t ;; - *) check_args '2' '0' 'USER BACKUP [FORMAT]' +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-user-backup-exclusions b/bin/v-list-user-backup-exclusions index cef78a033..4ef75bf77 100755 --- a/bin/v-list-user-backup-exclusions +++ b/bin/v-list-user-backup-exclusions @@ -9,55 +9,138 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 format=${2-shell} -USER='' # Includes source $VESTA/func/main.sh -# Json function -json_list_backup_xld() { +# JSON list function +json_list() { set -f - echo '{' - fields_count=$(echo "$fields" | wc -w) i=1 - source $USER_DATA/backup-excludes.conf - for field in $fields; do - eval value=$field + echo '{' + echo ' "WEB": {' + objects=$(echo "${WEB//,/ }" |wc -w) + for object in $(echo "${WEB//,/ }"); do j=1 - echo -e "\t\"${field//$/}\": {" - for exlcude in ${value//,/ }; do - exlcude_obj=$(echo $exlcude |cut -f 1 -d:) - exclude_param=$(echo $exlcude |sed -e "s/$exlcude_obj://") - if [ "$exlcude_obj" = "$exclude_param" ]; then - exclude_param='' - fi - if [ $j -lt "$(echo ${value//,/ } |wc -w)" ]; then - echo -e "\t\t\"$exlcude_obj\": \"$exclude_param\"," + object_keys=$(echo ${object//:/ } |wc -w) + for key in $(echo "${object/:/ }"); do + if [ "$j" -eq 1 ]; then + echo -n " \"${key}\": " + if [ "$object_keys" -eq 1 ]; then + echo -n '""' + fi else - echo -e "\t\t\"$exlcude_obj\": \"$exclude_param\"" + echo -n "\"${key//:/,}\"" fi - (( ++j)) + ((j++)) done - if [ $i -lt $fields_count ]; then - echo -e "\t}," + if [ "$i" -lt "$objects" ]; then + echo ',' else - echo -e "\t}" + echo fi - (( ++i)) + ((i++)) done + echo ' },' + i=1 + echo ' "MAIL": {' + objects=$(echo "${MAIL//,/ }" |wc -w) + for object in $(echo "${MAIL//,/ }"); do + j=1 + object_keys=$(echo ${object//:/ } |wc -w) + for key in $(echo "${object/:/ }"); do + if [ "$j" -eq 1 ]; then + echo -n " \"$key\": " + if [ "$object_keys" -eq 1 ]; then + echo -n '""' + fi + else + echo -n "\"${key//:/,}\"" + fi + ((j++)) + done + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done + echo ' },' + i=1 + echo ' "DB": {' + objects=$(echo "${DB//,/ }" |wc -w) + for object in $(echo "${DB//,/ }"); do + j=1 + object_keys=$(echo ${object//:/ } |wc -w) + for key in $(echo "${object/:/ }"); do + if [ "$j" -eq 1 ]; then + echo -n " \"$key\": " + if [ "$object_keys" -eq 1 ]; then + echo -n '""' + fi + else + echo -n "\"${key//:/,}\"" + fi + ((j++)) + done + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done + echo ' },' + i=1 + echo ' "USER": {' + objects=$(echo "${USER//,/ }" |wc -w) + for object in $(echo "${USER//,/ }"); do + j=1 + object_keys=$(echo ${object//:/ } |wc -w) + for key in $(echo "${object/:/ }"); do + if [ "$j" -eq 1 ]; then + echo -n " \"$key\": " + if [ "$object_keys" -eq 1 ]; then + echo -n '""' + fi + else + echo -n "\"${key//:/,}\"" + fi + ((j++)) + done + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done + echo ' }' echo '}' + } -# Shell function -shell_list_backup_xld() { - source $USER_DATA/backup-excludes.conf - for field in $fields; do - eval value=$field - echo -e "${field//$/}: $value" - done +# SHELL list function +shell_list() { + echo "WEB: $WEB" + echo "MAIL: $MAIL" + echo "DB: $DB" + echo "USER DIRS: $USER" +} + +# PLAIN list function +plain_list() { + echo "$WEB\t$MAIL\t$DB\t$USER" +} + +# CSV list function +csv_list() { + echo "WEB,MAIL,DB,USER" + echo "\"$WEB\",\"$MAIL\",\"$DB\",\"$USER\"" } @@ -66,7 +149,7 @@ shell_list_backup_xld() { #----------------------------------------------------------# check_args '1' "$#" 'USER [FORMAT]' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" @@ -74,16 +157,23 @@ is_object_valid 'user' 'USER' "$user" # Action # #----------------------------------------------------------# -# Defining fileds to select -touch $USER_DATA/backup-excludes.conf -fields="\$WEB \$DNS \$MAIL \$DB \$CRON \$USER" +# Flushing variables +WEB='' +MAIL='' +DB='' +USER='' -# Listing backup exclusions +# Parsing backup exclusion list +if [ -e "$USER_DATA/backup-excludes.conf" ]; then + source $USER_DATA/backup-excludes.conf +fi + +# Listing data case $format in - json) json_list_backup_xld ;; - plain) nohead=1; shell_list_backup_xld ;; - shell) shell_list_backup_xld;; - *) check_args '1' '0' '[FORMAT]' + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-user-backups b/bin/v-list-user-backups index 80ed675be..7e7e284e3 100755 --- a/bin/v-list-user-backups +++ b/bin/v-list-user-backups @@ -2,26 +2,90 @@ # info: list user backups # options: USER [FORMAT] # -# The function for obtainig the list of available user backups. +# The function for obtaining the list of available user backups. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 format=${2-shell} # Includes source $VESTA/func/main.sh +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(grep BACKUP $USER_DATA/backup.conf |wc -l) + echo "{" + while read -r str; do + eval $str + echo -n ' "'$BACKUP'": { + "TYPE": "'$TYPE'", + "SIZE": "'$SIZE'", + "WEB": "'$WEB'", + "DNS": "'$DNS'", + "MAIL": "'$MAIL'", + "DB": "'$DB'", + "CRON": "'$CRON'", + "UDIR": "'$UDIR'", + "RUNTIME": "'$RUNTIME'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done < <(cat $USER_DATA/backup.conf) + echo '}' +} + +# SHELL list function +shell_list() { + IFS=$'\n' + echo "BACKUP TYPE SIZE TIME DATE" + echo "------ ---- --- ---- ----" + while read str; do + eval $str + echo "$BACKUP $TYPE $SIZE $RUNTIME $DATE" + done < <(cat $USER_DATA/backup.conf) +} + +# PLAIN list function +plain_list() { + IFS=$'\n' + while read str; do + eval $str + echo -ne "$BACKUP\t$TYPE\t$SIZE\t$WEB\t$DNS\t$MAIL\t$CRON\t$UDIR\t" + echo -e "$RUNTIME\t$TIME\t$DATE" + done < <(cat $USER_DATA/backup.conf) +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo "BACKUP,TYPE,SIZE,WEB,DNS,MAIL,CRON,UDIR,RUNTIME,TIME,DATE" + while read str; do + eval $str + echo -n "$BACKUP,$TYPE,$SIZE,\"$WEB\",\"$DNS\",\"$MAIL\",\"$CRON\"," + echo "\"$UDIR\",$RUNTIME,$TIME,$DATE" + done < <(cat $USER_DATA/backup.conf) +} + + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '1' "$#" 'USER [FORMAT]' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" @@ -35,17 +99,12 @@ if [ ! -e "$conf" ]; then touch $conf fi -# Defining fileds to select -fields="\$BACKUP \$TYPE \$SIZE \$WEB \$DNS \$DB \$MAIL \$CRON \$UDIR" -fields="$fields \$RUNTIME \$TIME \$DATE" - -# Listing domains -case $format in +# Listing data +case $format in json) json_list ;; - plain) nohead=1; shell_list ;; - shell) fields='$BACKUP $TYPE $SIZE $RUNTIME $TIME $DATE'; - shell_list |column -t;; - *) check_args '1' '0' '[FORMAT]' ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac diff --git a/bin/v-list-user-favourites b/bin/v-list-user-favourites new file mode 100755 index 000000000..ceb2ba2c8 --- /dev/null +++ b/bin/v-list-user-favourites @@ -0,0 +1,117 @@ +#!/bin/bash +# info: list user favourites +# options: USER [FORMAT] +# +# The function for getting the list of favourite user objects + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +format=${2-shell} + +# Includes +source $VESTA/func/main.sh + +# JSON list function +json_list() { + echo '{' + echo ' "Favourites": { + "USER": "'$USER'", + "WEB": "'$WEB'", + "DNS": "'$DN'", + "DNS_REC": "'$DNS_REC'", + "MAIL": "'$MAIL'", + "MAIL_ACC": "'$MAIL_ACC'", + "DB": "'$DB'", + "CRON": "'$CRON'", + "BACKUP": "'$BACKUP'", + "IP": "'$IP'", + "PACKAGE": "'$PACKAGE'", + "FIREWALL": "'$FIREWALL'" + }' + echo '}' +} + +# SHELL list function +shell_list() { + echo "USER: $USER" + echo "WEB: $WEB" + echo "DNS: $DNS" + echo "DNS RECORD: $DNS_REC" + echo "MAIL: $MAIL" + echo "MAIL USER: $MAIL_ACC" + echo "DATABASE: $DB" + echo "CRON: $CRON" + echo "BACKUP: $BACKUP" + echo "IP: $IP" + echo "PACKAGE: $PACKAGE" + echo "FIREWALL: $FIREWALL" +} + +# PLAIN list function +plain_list() { + echo -ne "$USER\t$WEB\t$DNS\t$DNS_REC\t$MAIL\t$MAIL_ACC\t$DB\t$CRON\t" + echo -e "$BACKUP\t$IP\t$PACKAGE\t$FIREWALL" +} + +# CSV list function +csv_list() { + echo -n "USER,WEB,DNS,DNS_REC,MAIL,MAIL_ACC,DB,CRON,BACKUP,IP," + echo "PACKAGE,FIREWALL" + echo -n "\"$USER\",\"$WEB\",\"$DNS\",\"$DNS_REC\",\"$MAIL\"," + echo -n "\"$MAIL_ACC\",\"$DB\",\"$CRON\",\"$BACKUP\",\"$IP\"," + echo "\"$PACKAGE\",\"$FIREWALL\"" +} + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +# Checking args +check_args '1' "$#" 'USER [FORMAT]' +is_format_valid 'user' +is_object_valid 'user' 'USER' "$user" + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Flushing vars +USER='' +WEB='' +DNS='' +DNS_REC='' +MAIL='' +MAIL_ACC='' +DB='' +CRON='' +BACKUP='' +IP='' +PACKAGE='' +FIREWALL='' + +# Parsing user favourites +if [ -e "$VESTA/data/users/$user/favourites.conf" ]; then + source $VESTA/data/users/$user/favourites.conf +fi + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-user-ips b/bin/v-list-user-ips index ec29f00bd..dad6f6f8c 100755 --- a/bin/v-list-user-ips +++ b/bin/v-list-user-ips @@ -2,103 +2,73 @@ # info: list user ips # options: USER [FORMAT] # -# The function for obtainig the list of available ip addresses. +# The function for obtaining the list of available ip addresses. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 format=${2-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_user_ips() { +# JSON list function +json_list() { echo '{' - fileds_count=$(echo "$fields" | wc -w) - for IP in $(ls $VESTA/data/ips/); do + ip_count=$(echo "$ips" |wc -l) + i=1 + for IP in $ips; do source $VESTA/data/ips/$IP - if [ "$OWNER" = "$user" ]; then - if [ -n "$data" ]; then - echo -e ' },' - fi - i=1 - for field in $fields; do - eval value=$field - if [ $i -eq 1 ]; then - (( ++i)) - echo -e "\t\"$value\": {" - else - if [ $i -lt $fileds_count ]; then - (( ++i)) - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"," - else - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"" - data=1 - fi - fi - done + echo -n ' "'$IP'": { + "OWNER": "'$OWNER'", + "STATUS": "'$STATUS'", + "NAME": "'$NAME'", + "NAT": "'$NAT'" + }' + if [ "$i" -lt "$ip_count" ]; then + echo ',' else - if [ "$OWNER" = 'admin' ] && [ "$STATUS" = 'shared' ]; then - if [ -n "$data" ]; then - echo -e ' },' - fi - i=1 - - for field in $fields; do - eval value=$field - if [ $i -eq 1 ]; then - (( ++i)) - echo -e "\t\"$value\": {" - else - if [ $i -lt $fileds_count ]; then - (( ++i)) - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"," - else - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"" - data=1 - fi - fi - done - fi + echo fi + ((i++)) done - if [ -n "$data" ]; then - echo -e ' }' - fi - echo -e '}' - + echo '}' } -# Shell function -shell_list_user_ips() { - for IP in $(ls $VESTA/data/ips/); do +# SHELL list function +shell_list() { + echo "IP NAT OWNER STATUS NAME" + echo "-- --- ----- ------ ---" + for IP in $ips; do source $VESTA/data/ips/$IP - if [ "$OWNER" = "$user" ]; then - for field in $fields; do - eval value=$field - if [ -z "$value" ]; then - value='NULL' - fi - echo -n "$value " - done - echo - else - if [ "$OWNER" = 'admin' ] && [ "$STATUS" = 'shared' ]; then - for field in $fields; do - eval value=$field - if [ -z "$value" ]; then - value='NULL' - fi - echo -n "$value " - done - echo - fi + if [ -z "$NAT" ]; then + NAT='no' fi + if [ -z "$NAME" ]; then + NAME='no' + fi + echo "$IP $NAT $OWNER $STATUS $NAME" + done +} + +# PLAIN list function +plain_list() { + for IP in $ips; do + source $VESTA/data/ips/$IP + echo -e "$IP\t$OWNER\t$STATUS\t$NAME\t$NAT" + done +} + +# CSV list function +csv_list() { + echo "IP,OWNER,STATUS,NAME,NAT" + for IP in $ips; do + source $VESTA/data/ips/$IP + echo "$IP,$OWNER,$STATUS,$NAME,$NAT" done } @@ -108,7 +78,7 @@ shell_list_user_ips() { #----------------------------------------------------------# check_args '1' "$#" 'USER [FORMAT]' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" @@ -117,14 +87,21 @@ is_object_valid 'user' 'USER' "$user" #----------------------------------------------------------# # Defining fileds to select +owner='admin' +owner_ips=$(grep -A 1 -H "OWNER='$owner'" $VESTA/data/ips/*) +owner_ips=$(echo "$owner_ips" |grep "STATUS='shared'") +owner_ips=$(echo "$owner_ips" |cut -f 7 -d / |cut -f 1 -d -) +user_ips=$(grep -H "OWNER='$user'" $VESTA/data/ips/*) +user_ips=$(echo "$user_ips" |cut -f 7 -d / |cut -f 1 -d :) +ips=$(echo -e "$user_ips\n$owner_ips" |sort -u |sed "/^$/d") fields='$IP $OWNER $STATUS $NAME $NAT' -# Listing ips +# Listing data case $format in - json) json_list_user_ips ;; - plain) nohead=1; shell_list_user_ips ;; - shell) shell_list_user_ips | column -t ;; - *) check_args '1' '0' 'USER [FORMAT]' ;; + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac diff --git a/bin/v-list-user-log b/bin/v-list-user-log index c5fdcc1f7..ca317f7d6 100755 --- a/bin/v-list-user-log +++ b/bin/v-list-user-log @@ -9,55 +9,82 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 format=${2-shell} # Includes source $VESTA/func/main.sh -# Json func -json_list_history() { - echo '{' - fileds_count=$(echo $fields| wc -w ) - while read line; do - IFS=$'\n' - eval $line - if [ -n "$data" ]; then - echo -e ' },' +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(echo "$logs" |wc -l) + echo "{" + for str in $logs; do + ID=$(echo "$str" |cut -f 2 -d \') + DATE=$(echo "$str" |cut -f 4 -d \') + TIME=$(echo "$str" |cut -f 6 -d \') + CMD=$(echo "$str" |cut -f 8 -d \') + CMD=${CMD//\"/\\\"} + echo -n ' "'$ID'": { + "CMD": "'$CMD'", + "UNDO": "'$UNDO'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo fi - i=1 - IFS=' ' - for field in $fields; do - eval value=\"$field\" - value=$(echo "$value" | sed -e 's/"/\\"/g' -e "s/%quote%/'/g") - if [ $i -eq 1 ]; then - (( ++i)) - echo -e "\t\"$value\": {" - else - if [ $i -lt $fileds_count ]; then - (( ++i)) - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"," - else - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"" - data=1 - fi - fi - done - done < $conf - if [ -n "$data" ]; then - echo -e ' }' - fi - echo -e '}' + ((i++)) + done + echo '}' } +shell_list() { + IFS=$'\n' + echo "DATE~TIME~CMD" + echo "----~----~---" + for str in $logs; do + DATE=$(echo "$str" |cut -f 4 -d \') + TIME=$(echo "$str" |cut -f 6 -d \') + CMD=$(echo "$str" |cut -f 8 -d \') + echo "$DATE~$TIME~$CMD" + done +} + +# PLAIN list function +plain_list() { + IFS=$'\n' + for str in $logs; do + DATE=$(echo "$str" |cut -f 4 -d \') + TIME=$(echo "$str" |cut -f 6 -d \') + CMD=$(echo "$str" |cut -f 8 -d \') + echo -e "$ID\t$CMD\t$UNDO\t$TIME\t$DATE" + done +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo "ID,CMD,UNDO,TIME,DATE" + for str in $logs; do + DATE=$(echo "$str" |cut -f 4 -d \') + TIME=$(echo "$str" |cut -f 6 -d \') + CMD=$(echo "$str" |cut -f 8 -d \') + echo "$ID,\"$CMD\",\"$UNDO\",$TIME,$DATE" + done +} #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '1' "$#" 'USER [FORMAT]' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" @@ -65,19 +92,14 @@ is_object_valid 'user' 'USER' "$user" # Action # #----------------------------------------------------------# -# Defining config -conf=$USER_DATA/history.log +# Parsing history log +logs=$(tail -n 300 $USER_DATA/history.log 2>/dev/null) -# Defining fileds to select -fields="\$ID \$DATE \$TIME \$CMD \$UNDO" - -# Listing domains -case $format in - json) json_list_history ;; - plain) nohead=1; shell_list ;; - shell) fields='$ID~$DATE~$TIME~$CMD'; - shell_list |column -t -s '~';; - *) check_args '1' '0' 'USER [FORMAT]' +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t -s '~';; esac diff --git a/bin/v-list-user-notifications b/bin/v-list-user-notifications new file mode 100755 index 000000000..1d9a976a6 --- /dev/null +++ b/bin/v-list-user-notifications @@ -0,0 +1,112 @@ +#!/bin/bash +# info: list user notifications +# options: USER [FORMAT] +# +# The function for getting the list notifications + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +format=${2-shell} + +# Includes +source $VESTA/func/main.sh + +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(grep NID $USER_DATA/notifications.conf |wc -l) + echo "{" + while read str; do + eval $str + TOPIC=$(echo "$TOPIC" |sed -e "s/%quote%/'/g") + NOTICE=$(echo "$NOTICE" |sed -e "s/%quote%/'/g") + echo -n ' "'$NID'": { + "TOPIC": "'$TOPIC'", + "NOTICE": "'$NOTICE'", + "TYPE": "'$TYPE'", + "ACK": "'$ACK'", + "TPL": "'$TPL'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done < <(cat $USER_DATA/notifications.conf) + echo '}' +} + +# SHELL list function +shell_list() { + IFS=$'\n' + while read str; do + eval $str + echo "$TOPIC" |sed -e "s/%quote%/'/g" + echo "$NOTICE" |sed -e "s/%quote%/'/g" + echo "$DATE $TIME" + echo "--" + echo + done < <(cat $USER_DATA/notifications.conf) +} + +# PLAIN list function +plain_list() { + IFS=$'\n' + while read str; do + eval $str + TOPIC=$(echo "$TOPIC" |sed -e "s/%quote%/'/g") + NOTICE=$(echo "$NOTICE" |sed -e "s/%quote%/'/g") + echo -e "$NID\t$TOPIC\t$NOTICE\t$TIME\t$DATE" + done < <(cat $USER_DATA/notifications.conf) +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo "NID,TOPIC,NOTICE,TIME,DATE" + while read str; do + eval $str + TOPIC=$(echo "$TOPIC" |sed -e "s/%quote%/'/g") + NOTICE=$(echo "$NOTICE" |sed -e "s/%quote%/'/g") + echo "$NID,\"$TOPIC\",\"$NOTICE\",$TIME,$DATE" + done < <(cat $USER_DATA/notifications.conf) +} + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +# Checking args +check_args '1' "$#" 'USER [FORMAT]' +is_format_valid 'user' +is_object_valid 'user' 'USER' "$user" + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-user-ns b/bin/v-list-user-ns index 1da0fe5f1..7754285d6 100755 --- a/bin/v-list-user-ns +++ b/bin/v-list-user-ns @@ -2,44 +2,55 @@ # info: list user nameservers # options: USER [FORMAT] # -# Function for obtainig the list of user's DNS servers. +# Function for obtaining the list of user's DNS servers. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 format=${2-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_ns() { - ns=$(grep "^NS='" $USER_DATA/user.conf |cut -f 2 -d \') - echo '[' +# JSON list function +json_list() { i=1 - nslistc=$(echo -e "${ns//,/\\n}"|wc -l) + objects=$(echo -e "${ns//,/\\n}" |wc -l) + echo '[' for nameserver in ${ns//,/ };do - if [ "$i" -ne "$nslistc" ]; then + if [ "$i" -ne "$objects" ]; then echo -e "\t\"$nameserver\"," else echo -e "\t\"$nameserver\"" fi (( ++i)) done - echo "]" + echo ']' } -# Shell function -shell_list_ns() { - ns=$(grep "^NS='" $USER_DATA/user.conf |cut -f 2 -d \') - if [ -z "$nohead" ]; then - echo "NAMESERVER" - echo "----------" - fi +# SHELL list function +shell_list() { + echo "NS" + echo "--" + for nameserver in ${ns//,/ };do + echo "$nameserver" + done +} + +# PLAIN list function +plain_list() { + for nameserver in ${ns//,/ };do + echo "$nameserver" + done +} + +# CSV list function +csv_list() { + echo "NAMESERVER" for nameserver in ${ns//,/ };do echo "$nameserver" done @@ -51,7 +62,7 @@ shell_list_ns() { #----------------------------------------------------------# check_args '1' "$#" 'USER [FORMAT]' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" @@ -59,12 +70,15 @@ is_object_valid 'user' 'USER' "$user" # Action # #----------------------------------------------------------# -# Listing nameservers -case $format in - json) json_list_ns ;; - plain) nohead=1; shell_list_ns ;; - shell) shell_list_ns ;; - *) check_args '1' '0' 'USER [FORMAT]' +# Parsing name servers +ns=$(grep "^NS='" $USER_DATA/user.conf |cut -f 2 -d \') + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-user-package b/bin/v-list-user-package index df26482a0..74ce4b145 100755 --- a/bin/v-list-user-package +++ b/bin/v-list-user-package @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition package=$1 PACKAGE=$package format=${2-shell} @@ -17,43 +17,75 @@ format=${2-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_package() { - i=1 - fileds_count=$(echo "$fields" | wc -w) - pkg_data=$(cat $VESTA/data/packages/$PACKAGE.pkg) +# JSON list function +json_list() { echo '{' - eval $pkg_data - for field in $fields; do - eval value=$field - if [ $i -eq 1 ]; then - echo -e "\t\"$value\": {" - else - if [ $fileds_count -eq $i ]; then - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"" - else - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"," - fi - fi - (( ++i)) - done - if [ -n "$value" ]; then - echo -e ' }' - fi - echo -e '}' + echo ' "'$PACKAGE'": { + "WEB_TEMPLATE": "'$WEB_TEMPLATE'", + "BACKEND_TEMPLATE": "'$BACKEND_TEMPLATE'", + "PROXY_TEMPLATE": "'$PROXY_TEMPLATE'", + "DNS_TEMPLATE": "'$DNS_TEMPLATE'", + "WEB_DOMAINS": "'$WEB_DOMAINS'", + "WEB_ALIASES": "'$WEB_ALIASES'", + "DNS_DOMAINS": "'$DNS_DOMAINS'", + "DNS_RECORDS": "'$DNS_RECORDS'", + "MAIL_DOMAINS": "'$MAIL_DOMAINS'", + "MAIL_ACCOUNTS": "'$MAIL_ACCOUNTS'", + "DATABASES": "'$DATABASES'", + "CRON_JOBS": "'$CRON_JOBS'", + "DISK_QUOTA": "'$DISK_QUOTA'", + "BANDWIDTH": "'$BANDWIDTH'", + "NS": "'$NS'", + "SHELL": "'$SHELL'", + "BACKUPS": "'$BACKUPS'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + echo '}' } -# Shell function -shell_list_package() { - line=$(cat $VESTA/data/packages/$PACKAGE.pkg) - eval $line - for field in $fields; do - eval key="$field" - if [ -z "$key" ]; then - key='NULL' - fi - echo "${field//$/}: $key " - done +# SHELL list function +shell_list() { + echo "PACKAGE: $PACKAGE" + echo "WEB TEMPLATE: $WEB_TEMPLATE" + echo "BACKEND_TEMPLATE: $BACKEND_TEMPLATE" + echo "PROXY TEMPLATE: $PROXY_TEMPLATE" + echo "DNS TEMPLATE: $DNS_TEMPLATE" + echo "WEB DOMAINS: $WEB_DOMAINS" + echo "WEB ALIASES: $WEB_ALIASES" + echo "DNS DOMAINS: $DNS_DOMAINS" + echo "DNS RECORDS: $DNS_RECORDS" + echo "MAIL DOMAINS: $MAIL_DOMAINS" + echo "MAIL ACCOUNTS: $MAIL_ACCOUNTS" + echo "DATABASES: $DATABASES" + echo "CRON JOBS: $CRON_JOBS" + echo "DISK QUOTA: $DISK_QUOTA" + echo "BANDWIDTH: $BANDWIDTH" + echo "NS: $NS" + echo "SHELL: $SHELL" + echo "BACKUPS: $BACKUPS" + echo "TIME: $TIME" + echo "DATE: $DATE" +} + +# PLAIN list function +plain_list() { + echo -ne "$PACKAGE\t$WEB_TEMPLATE\t$BACKEND_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t" + echo -ne "$WEB_DOMAINS\t$WEB_ALIASES\t$DNS_DOMAINS\t$DNS_RECORDS\t" + echo -ne "$MAIL_DOMAINS\t$MAIL_ACCOUNTS\t$DATABASES\t$CRON_JOBS\t" + echo -e "$DISK_QUOTA\t$BANDWIDTH\t$NS\t$SHELL\t$BACKUPS\t$TIME\t$DATE" +} + +# CSV list function +csv_list() { + echo -n "PACKAGE,WEB_TEMPLATE,BACKEND_TEMPLATE,PROXY_TEMPLATE,DNS_TEMPLATE," + echo -n "WEB_DOMAINS,WEB_ALIASES,DNS_DOMAINS,DNS_RECORDS," + echo -n "MAIL_DOMAINS,MAIL_ACCOUNTS,DATABASES,CRON_JOBS," + echo "DISK_QUOTA,BANDWIDTH,NS,SHELL,BACKUPS,TIME,DATE" + echo -n "$PACKAGE,$WEB_TEMPLATE,$BACKEND_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE," + echo -n "$WEB_DOMAINS,$WEB_ALIASES,$DNS_DOMAINS,$DNS_RECORDS," + echo -n "$MAIL_DOMAINS,$MAIL_ACCOUNTS,$DATABASES,$CRON_JOBS," + echo "$DISK_QUOTA,$BANDWIDTH,\"$NS\",$SHELL,$BACKUPS,$TIME,$DATE" } @@ -63,7 +95,7 @@ shell_list_package() { # Checking args check_args '1' "$#" 'PACKAGE [FORMAT]' -validate_format 'package' +is_format_valid 'package' is_package_valid @@ -71,18 +103,15 @@ is_package_valid # Action # #----------------------------------------------------------# -# Defining fileds to select -fields='$PACKAGE $WEB_TEMPLATE $PROXY_TEMPLATE $DNS_TEMPLATE $WEB_DOMAINS - $WEB_ALIASES $DNS_DOMAINS $DNS_RECORDS $MAIL_DOMAINS $MAIL_ACCOUNTS - $DATABASES $CRON_JOBS $DISK_QUOTA $BANDWIDTH $NS $SHELL $BACKUPS $TIME - $DATE' +# Parsing package +source $VESTA/data/packages/$PACKAGE.pkg -# Listing ip -case $format in - json) json_list_package ;; - plain) shell_list_package ;; - shell) shell_list_package | column -t ;; - *) check_args '1' '0' 'IP [FORMAT]' +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-user-packages b/bin/v-list-user-packages index 17f7a1c34..6808022cd 100755 --- a/bin/v-list-user-packages +++ b/bin/v-list-user-packages @@ -9,59 +9,92 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_pkgs() { - echo '{' - fileds_count=$(echo "$fields" | wc -w) - for package in $(ls -t $VESTA/data/packages); do + +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(echo "$packages" |wc -l) + echo "{" + for package in $packages; do PACKAGE=${package/.pkg/} - pkg_data=$(cat $VESTA/data/packages/$package) - eval $pkg_data - if [ -n "$data" ]; then - echo -e ' },' + source $VESTA/data/packages/$package + echo -n ' "'$PACKAGE'": { + "WEB_TEMPLATE": "'$WEB_TEMPLATE'", + "BACKEND_TEMPLATE": "'$BACKEND_TEMPLATE'", + "PROXY_TEMPLATE": "'$PROXY_TEMPLATE'", + "DNS_TEMPLATE": "'$DNS_TEMPLATE'", + "WEB_DOMAINS": "'$WEB_DOMAINS'", + "WEB_ALIASES": "'$WEB_ALIASES'", + "DNS_DOMAINS": "'$DNS_DOMAINS'", + "DNS_RECORDS": "'$DNS_RECORDS'", + "MAIL_DOMAINS": "'$MAIL_DOMAINS'", + "MAIL_ACCOUNTS": "'$MAIL_ACCOUNTS'", + "DATABASES": "'$DATABASES'", + "CRON_JOBS": "'$CRON_JOBS'", + "DISK_QUOTA": "'$DISK_QUOTA'", + "BANDWIDTH": "'$BANDWIDTH'", + "NS": "'$NS'", + "SHELL": "'$SHELL'", + "BACKUPS": "'$BACKUPS'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo fi - i=1 - for field in $fields; do - eval value=$field - if [ $i -eq 1 ]; then - (( ++i)) - echo -e "\t\"$value\": {" - else - if [ $i -lt $fileds_count ]; then - (( ++i)) - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"," - else - echo -e "\t\t\"${field//$/}\": \"${value//,/, }\"" - data=1 - fi - fi - done + ((i++)) done - if [ -n "$data" ]; then - echo -e ' }' - fi - echo -e '}' + echo '}' } -# Shell fnction -shell_list_pkgs() { - for package in $(ls -t $VESTA/data/packages); do +# SHELL list function +shell_list() { + echo "PKG TPL WEB DNS MAIL DB SHELL DISK BW" + echo "--- --- --- --- ---- -- ----- ---- --" + for package in $packages; do + source $VESTA/data/packages/$package PACKAGE=${package/.pkg/} - pkg_descr=$(cat $VESTA/data/packages/$package) - eval $pkg_descr - if [ -z "$nohead" ]; then - echo '----------' - fi - for field in $fields; do - eval value=$field - echo -e "${field//$/}: $value" - done + package_data=$(cat $VESTA/data/packages/$package) + package_data=$(echo "$package_data" |sed -e 's/unlimited/unlim/g') + eval $package_data + echo -n "$PACKAGE $WEB_TEMPLATE $BACKEND_TEMPLATE $WEB_DOMAINS $DNS_DOMAINS " + echo "$MAIL_DOMAINS $DATABASES $SHELL $DISK_QUOTA $BANDWIDTH" + done +} + +# PLAIN list function +plain_list() { + for package in $packages; do + source $VESTA/data/packages/$package + PACKAGE=${package/.pkg/} + echo -ne "$PACKAGE\t$WEB_TEMPLATE\t$BACKEND_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t" + echo -ne "$WEB_DOMAINS\t$WEB_ALIASES\t$DNS_DOMAINS\t$DNS_RECORDS\t" + echo -ne "$MAIL_DOMAINS\t$MAIL_ACCOUNTS\t$DATABASES\t$CRON_JOBS\t" + echo -e "$DISK_QUOTA\t$BANDWIDTH\t$NS\t$SHELL\t$BACKUPS\t$TIME\t$DATE" + done +} + +# CSV list function +csv_list() { + echo -n "PACKAGE,WEB_TEMPLATE,BACKEND_TEMPLATE,PROXY_TEMPLATE,DNS_TEMPLATE," + echo -n "WEB_DOMAINS,WEB_ALIASES,DNS_DOMAINS,DNS_RECORDS," + echo -n "MAIL_DOMAINS,MAIL_ACCOUNTS,DATABASES,CRON_JOBS," + echo "DISK_QUOTA,BANDWIDTH,NS,SHELL,BACKUPS,TIME,DATE" + for package in $packages; do + PACKAGE=${package/.pkg/} + echo -n "$PACKAGE,$WEB_TEMPLATE,$BACKEND_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE," + echo -n "$WEB_DOMAINS,$WEB_ALIASES,$DNS_DOMAINS,$DNS_RECORDS," + echo -n "$MAIL_DOMAINS,$MAIL_ACCOUNTS,$DATABASES,$CRON_JOBS," + echo "$DISK_QUOTA,$BANDWIDTH,\"$NS\",$SHELL,$BACKUPS,$TIME,$DATE" done } @@ -70,18 +103,15 @@ shell_list_pkgs() { # Action # #----------------------------------------------------------# -# Defining fields -fields='$PACKAGE $WEB_TEMPLATE $PROXY_TEMPLATE $DNS_TEMPLATE $WEB_DOMAINS - $WEB_ALIASES $DNS_DOMAINS $DNS_RECORDS $MAIL_DOMAINS $MAIL_ACCOUNTS - $DATABASES $CRON_JOBS $DISK_QUOTA $BANDWIDTH $NS $SHELL $BACKUPS $TIME - $DATE' +# Parsing packages +packages=$(ls --sort=time $VESTA/data/packages |grep .pkg) -# Listing domains +# Listing data case $format in - json) json_list_pkgs ;; - plain) nohead=1; shell_list_pkgs ;; - shell) shell_list_pkgs | column -t ;; - *) check_args '1' '0' '[FORMAT]' + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac diff --git a/bin/v-list-user-stats b/bin/v-list-user-stats index 8126fa2ea..0fa7dc900 100755 --- a/bin/v-list-user-stats +++ b/bin/v-list-user-stats @@ -1,6 +1,6 @@ #!/bin/bash # info: list user stats -# options: USER [FORMAT] +# options: [FORMAT] # # The function for listing user statistics @@ -9,20 +9,113 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 format=${2-shell} # Includes source $VESTA/func/main.sh +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(grep DATE $USER_DATA/stats.log |wc -l) + echo "{" + while read str; do + eval $str + echo -n ' "'$DATE'": { + "TIME": "'$TIME'", + "PACKAGE": "'$PACKAGE'", + "IP_OWNED": "'$IP_OWNED'", + "DISK_QUOTA": "'$DISK_QUOTA'", + "U_DISK": "'$U_DISK'", + "U_DISK_DIRS": "'$U_DISK_DIRS'", + "U_DISK_WEB": "'$U_DISK_WEB'", + "U_DISK_MAIL": "'$U_DISK_MAIL'", + "U_DISK_DB": "'$U_DISK_DB'", + "BANDWIDTH": "'$BANDWIDTH'", + "U_BANDWIDTH": "'$U_BANDWIDTH'", + "U_WEB_DOMAINS": "'$U_WEB_DOMAINS'", + "U_WEB_SSL": "'$U_WEB_SSL'", + "U_WEB_ALIASES": "'$U_WEB_ALIASES'", + "U_DNS_DOMAINS": "'$U_DNS_DOMAINS'", + "U_DNS_RECORDS": "'$U_DNS_RECORDS'", + "U_MAIL_DOMAINS": "'$U_MAIL_DOMAINS'", + "U_MAIL_DKIM": "'$U_MAIL_DKIM'", + "U_MAIL_ACCOUNTS": "'$U_MAIL_ACCOUNTS'", + "U_DATABASES": "'$U_DATABASES'", + "U_CRON_JOBS": "'$U_CRON_JOBS'", + "U_BACKUPS": "'$U_BACKUPS'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done < <(cat $USER_DATA/stats.log) + echo '}' +} + +# SHELL list function +shell_list() { + IFS=$'\n' + echo "DATE WEB DNS MAIL DB BACKUPS IP DISK BW" + echo "---- --- --- ---- -- ------- -- ---- --" + while read str; do + eval $str + if [ -z "$U_USERS" ]; then + U_USERS=1 + fi + echo -n "$DATE $U_WEB_DOMAINS $U_DNS_DOMAINS " + echo -n "$U_MAIL_DOMAINS $U_DATABASES $U_BACKUPS $IP_OWNED " + echo "$U_DISK $U_BANDWIDTH" + done < <(cat $USER_DATA/stats.log) +} + +# PLAIN list function +plain_list() { + IFS=$'\n' + while read str; do + eval $str + echo -ne "$DATE\t$TIME\t$PACKAGE\t$IP_OWNED\t$DISK_QUOTA\t$U_DISK\t" + echo -ne "$U_DISK_DIRS\t$U_DISK_WEB\t$U_DISK_MAIL\t$U_DISK_DB\t" + echo -ne "$BANDWIDTH\t$U_BANDWIDTH\t$U_WEB_DOMAINS\t$U_WEB_SSL\t" + echo -ne "$U_WEB_ALIASES\t$U_DNS_DOMAINS\t$U_DNS_RECORDS\t" + echo -ne "$U_MAIL_DOMAINS\t$U_MAIL_DKIM\t$U_MAIL_ACCOUNTS\t" + echo -e "$U_DATABASES\t$U_CRON_JOBS\t$U_BACKUPS" + done < <(cat $USER_DATA/stats.log) +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo -n "DATE,TIME,PACKAGE,IP_OWNED,DISK_QUOTA,U_DISK," + echo -n "U_DISK_DIRS,U_DISK_WEB,U_DISK_MAIL,U_DISK_DB," + echo -n "BANDWIDTH,U_BANDWIDTH,U_WEB_DOMAINS,U_WEB_SSL," + echo -n "U_WEB_ALIASES,U_DNS_DOMAINS,U_DNS_RECORDS," + echo -n "U_MAIL_DOMAINS,U_MAIL_DKIM,U_MAIL_ACCOUNTS," + echo "U_DATABASES,U_CRON_JOBS,U_BACKUPS" + + while read str; do + eval $str + echo -n "$DATE,$TIME,$PACKAGE,$IP_OWNED,$DISK_QUOTA,$U_DISK," + echo -n "$U_DISK_DIRS,$U_DISK_WEB,$U_DISK_MAIL,$U_DISK_DB," + echo -n "$BANDWIDTH,$U_BANDWIDTH,$U_WEB_DOMAINS,$U_WEB_SSL," + echo -n "$U_WEB_ALIASES,$U_DNS_DOMAINS,$U_DNS_RECORDS," + echo -n "$U_MAIL_DOMAINS,$U_MAIL_DKIM,$U_MAIL_ACCOUNTS," + echo "$U_DATABASES,$U_CRON_JOBS,$U_BACKUPS" + done < <(cat $USER_DATA/stats.log) +} + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '1' "$#" 'USER [FORMAT]' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" @@ -36,21 +129,12 @@ if [ ! -e "$conf" ]; then touch $conf fi -# Defining fileds to select -fields="\$DATE \$TIME \$PACKAGE \$IP_OWNED \$DISK_QUOTA \$U_DISK \$U_DISK_DIRS" -fields="$fields \$U_DISK_WEB \$U_DISK_MAIL \$U_DISK_DB \$BANDWIDTH" -fields="$fields \$U_BANDWIDTH \$U_WEB_DOMAINS \$U_WEB_SSL \$U_WEB_ALIASES" -fields="$fields \$U_DNS_DOMAINS \$U_DNS_RECORDS \$U_MAIL_DOMAINS \$U_MAIL_DKIM" -fields="$fields \$U_MAIL_ACCOUNTS \$U_DATABASES \$U_CRON_JOBS \$U_BACKUPS" - -# Listing domains -case $format in +# Listing data +case $format in json) json_list ;; - plain) nohead=1; shell_list ;; - shell) fields='$DATE $PACKAGE $U_DISK $U_BANDWIDTH $U_WEB_DOMAINS'; - fields="$fields \$U_DATABASES" - shell_list | column -t ;; - *) check_args '1' '0' 'USER [FORMAT]' + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac diff --git a/bin/v-list-users b/bin/v-list-users index a6a6e6451..32a947366 100755 --- a/bin/v-list-users +++ b/bin/v-list-users @@ -1,70 +1,170 @@ #!/bin/bash -# info: list system users +# info: list users # options: [FORMAT] # -# The function for obtainig the list of all server's users. +# The function to obtain the list of all system users. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} -# Json function -json_list_users() { +# JSON list function +json_list() { echo '{' - fileds_count=$(echo "$fields" | wc -w) - for USER in $(grep @ /etc/passwd|cut -f 1 -d :); do - source $VESTA/data/users/$USER/user.conf - if [ -n "$data" ]; then - echo -e ' },' + i=1 + while read USER; do + if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then + continue; fi - i=1 - for field in $fields; do - eval value=$field - if [ $i -eq 1 ]; then - (( ++i)) - echo -e "\t\"$value\": {" - else - if [ $i -lt $fileds_count ]; then - (( ++i)) - echo -e "\t\t\"${field//$/}\": \"$value\"," - else - echo -e "\t\t\"${field//$/}\": \"$value\"" - data=1 - fi - fi - done - done - if [ -n "$data" ]; then - echo -e ' }' - fi - echo -e '}' + if [ $i -gt 1 ]; then + echo "," + fi + source $VESTA/data/users/$USER/user.conf + echo -n ' "'$USER'": { + "FNAME": "'$FNAME'", + "LNAME": "'$LNAME'", + "PACKAGE": "'$PACKAGE'", + "WEB_TEMPLATE": "'$WEB_TEMPLATE'", + "BACKEND_TEMPLATE": "'$BACKEND_TEMPLATE'", + "PROXY_TEMPLATE": "'$PROXY_TEMPLATE'", + "DNS_TEMPLATE": "'$DNS_TEMPLATE'", + "WEB_DOMAINS": "'$WEB_DOMAINS'", + "WEB_ALIASES": "'$WEB_ALIASES'", + "DNS_DOMAINS": "'$DNS_DOMAINS'", + "DNS_RECORDS": "'$DNS_RECORDS'", + "MAIL_DOMAINS": "'$MAIL_DOMAINS'", + "MAIL_ACCOUNTS": "'$MAIL_ACCOUNTS'", + "DATABASES": "'$DATABASES'", + "CRON_JOBS": "'$CRON_JOBS'", + "DISK_QUOTA": "'$DISK_QUOTA'", + "BANDWIDTH": "'$BANDWIDTH'", + "NS": "'$NS'", + "SHELL": "'$SHELL'", + "BACKUPS": "'$BACKUPS'", + "CONTACT": "'$CONTACT'", + "CRON_REPORTS": "'$CRON_REPORTS'", + "RKEY": "'$RKEY'", + "SUSPENDED": "'$SUSPENDED'", + "SUSPENDED_USERS": "'$SUSPENDED_USERS'", + "SUSPENDED_WEB": "'$SUSPENDED_WEB'", + "SUSPENDED_DNS": "'$SUSPENDED_DNS'", + "SUSPENDED_MAIL": "'$SUSPENDED_MAIL'", + "SUSPENDED_DB": "'$SUSPENDED_DB'", + "SUSPENDED_CRON": "'$SUSPENDED_CRON'", + "IP_AVAIL": "'$IP_AVAIL'", + "IP_OWNED": "'$IP_OWNED'", + "U_USERS": "'$U_USERS'", + "U_DISK": "'$U_DISK'", + "U_DISK_DIRS": "'$U_DISK_DIRS'", + "U_DISK_WEB": "'$U_DISK_WEB'", + "U_DISK_MAIL": "'$U_DISK_MAIL'", + "U_DISK_DB": "'$U_DISK_DB'", + "U_BANDWIDTH": "'$U_BANDWIDTH'", + "U_WEB_DOMAINS": "'$U_WEB_DOMAINS'", + "U_WEB_SSL": "'$U_WEB_SSL'", + "U_WEB_ALIASES": "'$U_WEB_ALIASES'", + "U_DNS_DOMAINS": "'$U_DNS_DOMAINS'", + "U_DNS_RECORDS": "'$U_DNS_RECORDS'", + "U_MAIL_DOMAINS": "'$U_MAIL_DOMAINS'", + "U_MAIL_DKIM": "'$U_MAIL_DKIM'", + "U_MAIL_ACCOUNTS": "'$U_MAIL_ACCOUNTS'", + "U_DATABASES": "'$U_DATABASES'", + "U_CRON_JOBS": "'$U_CRON_JOBS'", + "U_BACKUPS": "'$U_BACKUPS'", + "LANGUAGE": "'$LANGUAGE'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + ((i++)) + done < <(grep '@' /etc/passwd |cut -f1 -d:) + echo '}' } -# Shell function -shell_list_users() { - if [ -z "$nohead" ]; then - echo "${fields//$/}" - for a in $fields; do - echo -e "--------- \c" - done - echo - fi - - for USER in $(grep @ /etc/passwd|cut -f 1 -d :); do +# SHELL list function +shell_list() { + echo "USER PKG WEB DNS MAIL DB DISK BW SPND DATE" + echo "---- --- --- --- --- -- ---- -- ---- ----" + while read USER; do + if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then + continue; + fi source $VESTA/data/users/$USER/user.conf - for field in $fields; do - eval value=$field - if [ -z "$value" ]; then - value='NULL' - fi - echo -n "$value " - done - echo - done + echo -n "$USER $PACKAGE $U_WEB_DOMAINS $U_DNS_DOMAINS $U_MAIL_DOMAINS" + echo " $U_DATABASES $U_DISK $U_BANDWIDTH $SUSPENDED $DATE" + done < <(grep '@' /etc/passwd |cut -f1 -d:) +} + +# PLAIN list function +plain_list() { + while read USER; do + if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then + continue; + fi + source $VESTA/data/users/$USER/user.conf + echo -ne "$USER\t$FNAME\t$LNAME\t$PACKAGE\t$WEB_TEMPLATE\t" + echo -ne "$BACKEND_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t" + echo -ne "$WEB_DOMAINS\t$WEB_ALIASES\t$DNS_DOMAINS\t$DNS_RECORDS\t" + echo -ne "$MAIL_DOMAINS\t$MAIL_ACCOUNTS\t$DATABASES\t$CRON_JOBS\t" + echo -ne "$DISK_QUOTA\t$BANDWIDTH\t$NS\t$SHELL\t$BACKUPS\t" + echo -ne "$CONTACT\t$CRON_REPORTS\t$RKEY\t$SUSPENDED\t" + echo -ne "$SUSPENDED_USERS\t$SUSPENDED_WEB\t$SUSPENDED_DNS\t" + echo -ne "$SUSPENDED_MAIL\t$SUSPENDED_DB\t$SUSPENDED_CRON\t" + echo -ne "$IP_AVAIL\t$IP_OWNED\t$U_USERS\t$U_DISK\t$U_DISK_DIRS\t" + echo -ne "$U_DISK_WEB\t$U_DISK_MAIL\t$U_DISK_DB\t$U_BANDWIDTH\t" + echo -ne "$U_WEB_DOMAINS\t$U_WEB_SSL\t$U_WEB_ALIASES\t" + echo -ne "$U_DNS_DOMAINS\t$U_DNS_RECORDS\t$U_MAIL_DOMAINS\t" + echo -ne "$U_MAIL_DKIM\t$U_MAIL_ACCOUNTS\t$U_DATABASES\t" + echo -e "$U_CRON_JOBS\t$U_BACKUPS\t$LANGUAGE\t$TIME\t$DATE\t" + done < <(grep '@' /etc/passwd |cut -f1 -d:) +} + +# CSV list function +csv_list() { + echo -n "USER,FNAME,LNAME,PACKAGE,WEB_TEMPLATE,BACKEND_TEMPLATE," + echo -n "PROXY_TEMPLATE,DNS_TEMPLATE,WEB_DOMAINS,WEB_ALIASES," + echo -n "DNS_DOMAINS,DNS_RECORDS,MAIL_DOMAINS,MAIL_ACCOUNTS," + echo -n "DATABASES,CRON_JOBS,DISK_QUOTA,BANDWIDTH,NS,HOME,SHELL," + echo -n "BACKUPS,CONTACT,CRON_REPORTS,RKEY,SUSPENDED,SUSPENDED_USERS," + echo -n "SUSPENDED_WEB,SUSPENDED_DNS,SUSPENDED_MAIL,SUSPENDED_DB," + echo -n "SUSPENDED_CRON,IP_AVAIL,IP_OWNED,U_USERS,U_DISK,U_DISK_DIRS," + echo -n "U_DISK_WEB,U_DISK_MAIL,U_DISK_DB,U_BANDWIDTH,U_WEB_DOMAINS," + echo -n "U_WEB_SSL,U_WEB_ALIASES,U_DNS_DOMAINS,U_DNS_RECORDS," + echo -n "U_MAIL_DOMAINS,U_MAIL_DKIM,U_MAIL_ACCOUNTS,U_DATABASES" + echo "U_CRON_JOBS,U_BACKUPS,LANGUAGE,TIME,DATE" + while read USER; do + if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then + continue; + fi + source $VESTA/data/users/$USER/user.conf + echo -n "$USER,\"$FNAME\",\"$LNAME\",$PACKAGE,$WEB_TEMPLATE," + echo -n "$BACKEND_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE," + echo -n "$WEB_DOMAINS,$WEB_ALIASES,$DNS_DOMAINS,$DNS_RECORDS," + echo -n "$MAIL_DOMAINS,$MAIL_ACCOUNTS,$DATABASES,$CRON_JOBS," + echo -n "$DISK_QUOTA,$BANDWIDTH,\"$NS\",$HOME,$SHELL,$BACKUPS," + echo -n "$CONTACT,$CRON_REPORTS,\"$RKEY\",$SUSPENDED," + echo -n "$SUSPENDED_USERS,$SUSPENDED_WEB,$SUSPENDED_DNS," + echo -n "$SUSPENDED_MAIL,$SUSPENDED_DB,$SUSPENDED_CRON,$IP_AVAIL," + echo -n "$IP_OWNED,$U_USERS,$U_DISK,$U_DISK_DIRS,$U_DISK_WEB," + echo -n "$U_DISK_MAIL,$U_DISK_DB,$U_BANDWIDTH,$U_WEB_DOMAINS," + echo -n "$U_WEB_SSL,$U_WEB_ALIASES,$U_DNS_DOMAINS,$U_DNS_RECORDS," + echo -n "$U_MAIL_DOMAINS,$U_MAIL_DKIM,$U_MAIL_ACCOUNTS,$U_DATABASES," + echo "$U_CRON_JOBS,$U_BACKUPS,$LANGUAGE,$TIME,$DATE" + done < <(grep '@' /etc/passwd |cut -f1 -d:) +} + +# Raw list function +raw_list() { + while read USER; do + if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then + continue; + fi + echo $VESTA/data/users/$USER/user.conf + cat $VESTA/data/users/$USER/user.conf + done < <(grep '@' /etc/passwd |cut -f1 -d:) } @@ -72,27 +172,12 @@ shell_list_users() { # Action # #----------------------------------------------------------# -# Defining fileds to select -fields="\$USER \$FNAME \$LNAME \$PACKAGE \$WEB_TEMPLATE \$PROXY_TEMPLATE" -fields="$fields \$DNS_TEMPLATE \$WEB_DOMAINS \$WEB_ALIASES \$DNS_DOMAINS" -fields="$fields \$DNS_RECORDS \$MAIL_DOMAINS \$MAIL_ACCOUNTS \$DATABASES" -fields="$fields \$CRON_JOBS \$DISK_QUOTA \$BANDWIDTH \$NS \$SHELL \$BACKUPS" -fields="$fields \$CONTACT \$CRON_REPORTS \$RKEY \$SUSPENDED \$SUSPENDED_USERS" -fields="$fields \$SUSPENDED_WEB \$SUSPENDED_DNS \$SUSPENDED_MAIL" -fields="$fields \$SUSPENDED_DB \$SUSPENDED_CRON \$IP_AVAIL \$IP_OWNED" -fields="$fields \$U_USERS \$U_DISK \$U_DISK_DIRS \$U_DISK_WEB \$U_DISK_MAIL" -fields="$fields \$U_DISK_DB \$U_BANDWIDTH \$U_WEB_DOMAINS \$U_WEB_SSL" -fields="$fields \$U_WEB_ALIASES \$U_DNS_DOMAINS \$U_DNS_RECORDS" -fields="$fields \$U_MAIL_DOMAINS \$U_MAIL_DKIM \$U_MAIL_ACCOUNTS" -fields="$fields \$U_DATABASES \$U_CRON_JOBS \$U_BACKUPS \$LANGUAGE" -fields="$fields \$TIME \$DATE" - -# Listing domains -case $format in - json) json_list_users ;; - plain) nohead=1; shell_list_users ;; - shell) fields='$USER $PACKAGE $U_DISK $U_BANDWIDTH $SUSPENDED $DATE'; - shell_list_users | column -t ;; +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac diff --git a/bin/v-list-users-stats b/bin/v-list-users-stats index 5416da7b8..2a267964c 100755 --- a/bin/v-list-users-stats +++ b/bin/v-list-users-stats @@ -9,12 +9,106 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} # Includes source $VESTA/func/main.sh +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(grep DATE $VESTA/data/users/admin/overall_stats.log |wc -l) + echo "{" + while read str; do + eval $str + echo -n ' "'$DATE'": { + "TIME": "'$TIME'", + "PACKAGE": "'$PACKAGE'", + "IP_OWNED": "'$IP_OWNED'", + "DISK_QUOTA": "'$DISK_QUOTA'", + "U_DISK": "'$U_DISK'", + "U_DISK_DIRS": "'$U_DISK_DIRS'", + "U_DISK_WEB": "'$U_DISK_WEB'", + "U_DISK_MAIL": "'$U_DISK_MAIL'", + "U_DISK_DB": "'$U_DISK_DB'", + "BANDWIDTH": "'$BANDWIDTH'", + "U_BANDWIDTH": "'$U_BANDWIDTH'", + "U_WEB_DOMAINS": "'$U_WEB_DOMAINS'", + "U_WEB_SSL": "'$U_WEB_SSL'", + "U_WEB_ALIASES": "'$U_WEB_ALIASES'", + "U_DNS_DOMAINS": "'$U_DNS_DOMAINS'", + "U_DNS_RECORDS": "'$U_DNS_RECORDS'", + "U_MAIL_DOMAINS": "'$U_MAIL_DOMAINS'", + "U_MAIL_DKIM": "'$U_MAIL_DKIM'", + "U_MAIL_ACCOUNTS": "'$U_MAIL_ACCOUNTS'", + "U_DATABASES": "'$U_DATABASES'", + "U_CRON_JOBS": "'$U_CRON_JOBS'", + "U_BACKUPS": "'$U_BACKUPS'", + "U_USERS": "'$U_USERS'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done < <(cat $VESTA/data/users/admin/overall_stats.log) + echo '}' +} + +# SHELL list function +shell_list() { + IFS=$'\n' + echo "DATE USER WEB DNS MAIL DB BACKUPS IP DISK BW" + echo "---- ---- --- --- ---- -- ------- -- ---- --" + while read str; do + eval $str + if [ -z "$U_USERS" ]; then + U_USERS=1 + fi + echo -n "$DATE $U_USERS $U_WEB_DOMAINS $U_DNS_DOMAINS " + echo -n "$U_MAIL_DOMAINS $U_DATABASES $U_BACKUPS $IP_OWNED " + echo "$U_DISK $U_BANDWIDTH" + done < <(cat $VESTA/data/users/admin/overall_stats.log) +} + +# PLAIN list function +plain_list() { + IFS=$'\n' + while read str; do + eval $str + echo -ne "$DATE\t$TIME\t$PACKAGE\t$IP_OWNED\t$DISK_QUOTA\t$U_DISK\t" + echo -ne "$U_DISK_DIRS\t$U_DISK_WEB\t$U_DISK_MAIL\t$U_DISK_DB\t" + echo -ne "$BANDWIDTH\t$U_BANDWIDTH\t$U_WEB_DOMAINS\t$U_WEB_SSL\t" + echo -ne "$U_WEB_ALIASES\t$U_DNS_DOMAINS\t$U_DNS_RECORDS\t" + echo -ne "$U_MAIL_DOMAINS\t$U_MAIL_DKIM\t$U_MAIL_ACCOUNTS\t" + echo -e "$U_DATABASES\t$U_CRON_JOBS\t$U_BACKUPS\t$U_USERS" + done < <(cat $VESTA/data/users/admin/overall_stats.log) +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo -n "DATE,TIME,PACKAGE,IP_OWNED,DISK_QUOTA,U_DISK," + echo -n "U_DISK_DIRS,U_DISK_WEB,U_DISK_MAIL,U_DISK_DB," + echo -n "BANDWIDTH,U_BANDWIDTH,U_WEB_DOMAINS,U_WEB_SSL," + echo -n "U_WEB_ALIASES,U_DNS_DOMAINS,U_DNS_RECORDS," + echo -n "U_MAIL_DOMAINS,U_MAIL_DKIM,U_MAIL_ACCOUNTS," + echo "U_DATABASES,U_CRON_JOBS,U_BACKUPS,U_USERS" + + while read str; do + eval $str + echo -n "$DATE,$TIME,$PACKAGE,$IP_OWNED,$DISK_QUOTA,$U_DISK," + echo -n "$U_DISK_DIRS,$U_DISK_WEB,$U_DISK_MAIL,$U_DISK_DB," + echo -n "$BANDWIDTH,$U_BANDWIDTH,$U_WEB_DOMAINS,$U_WEB_SSL," + echo -n "$U_WEB_ALIASES,$U_DNS_DOMAINS,$U_DNS_RECORDS," + echo -n "$U_MAIL_DOMAINS,$U_MAIL_DKIM,$U_MAIL_ACCOUNTS," + echo "$U_DATABASES,$U_CRON_JOBS,$U_BACKUPS,$U_USERS" + done < <(cat $VESTA/data/users/admin/overall_stats.log) +} + #----------------------------------------------------------# # Verifications # @@ -33,21 +127,12 @@ if [ ! -e "$conf" ]; then touch $conf fi -# Defining fileds to select -fields="\$DATE \$TIME \$PACKAGE \$IP_OWNED \$DISK_QUOTA \$U_DISK \$U_DISK_DIRS" -fields="$fields \$U_DISK_WEB \$U_DISK_MAIL \$U_DISK_DB \$BANDWIDTH" -fields="$fields \$U_BANDWIDTH \$U_WEB_DOMAINS \$U_WEB_SSL \$U_WEB_ALIASES" -fields="$fields \$U_DNS_DOMAINS \$U_DNS_RECORDS \$U_MAIL_DOMAINS \$U_MAIL_DKIM" -fields="$fields \$U_MAIL_ACCOUNTS \$U_DATABASES \$U_CRON_JOBS \$U_BACKUPS" - -# Listing domains -case $format in +# Listing data +case $format in json) json_list ;; - plain) nohead=1; shell_list ;; - shell) fields='$DATE $U_DISK $U_BANDWIDTH $U_WEB_DOMAINS $U_DATABASES'; - fields="$fields \$U_DATABASES" - shell_list | column -t ;; - *) check_args '1' '0' '[FORMAT]' + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac diff --git a/bin/v-list-web-domain b/bin/v-list-web-domain index 8a1c794de..7e33a4ab0 100755 --- a/bin/v-list-web-domain +++ b/bin/v-list-web-domain @@ -1,16 +1,15 @@ #!/bin/bash -# info: list web domain +# info: list web domain parameters # options: USER DOMAIN [FORMAT] # -# The function of obtaining the list of domain parameters. This call, just as -# all v_list_* calls, supports 3 formats - json, shell and plain. +# The function to obtain web domain parameters. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 format=${3-shell} @@ -18,43 +17,91 @@ format=${3-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_domain() { - i=1 - fileds_count=$(echo "$fields" | wc -w) - line=$(grep "DOMAIN='$domain'" $conf) +# JSON list function +json_list() { echo '{' - eval $line - for field in $fields; do - eval value=$field - if [ "$i" -eq 1 ]; then - echo -e "\t\"$value\": {" - else - if [ "$fileds_count" -eq "$i" ]; then - echo -e "\t\t\"${field//$/}\": \"$value\"" - else - echo -e "\t\t\"${field//$/}\": \"$value\"," - fi - fi - (( ++i)) - done - if [ -n "$value" ]; then - echo -e ' }' - fi - echo -e "}" + echo ' "'$DOMAIN'": { + "IP": "'$IP'", + "IP6": "'$IP6'", + "U_DISK": "'$U_DISK'", + "U_BANDWIDTH": "'$U_BANDWIDTH'", + "TPL": "'$TPL'", + "ALIAS": "'$ALIAS'", + "STATS": "'$STATS'", + "STATS_USER": "'$STATS_USER'", + "SSL": "'$SSL'", + "SSL_HOME": "'$SSL_HOME'", + "LETSENCRYPT": "'$LETSENCRYPT'", + "FTP_USER": "'$FTP_USER'", + "FTP_PATH": "'$FTP_PATH'", + "AUTH_USER": "'$AUTH_USER'", + "BACKEND": "'$BACKEND'", + "PROXY": "'$PROXY'", + "PROXY_EXT": "'$PROXY_EXT'", + "DOCUMENT_ROOT": "'$HOMEDIR/$user/web/$domain/public_html'", + "SUSPENDED": "'$SUSPENDED'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + echo '}' } -# Shell function -shell_list_domain() { - line=$(grep "DOMAIN='$domain'" $conf) - eval $line - for field in $fields; do - eval key="$field" - if [ -z "$key" ]; then - key='NULL' +# SHELL list function +shell_list() { + source $VESTA/conf/vesta.conf + echo "DOMAIN: $DOMAIN" + echo "ALIAS: ${ALIAS//,/ }" + echo "IP: $IP" + if [ ! -z "$IP6" ]; then + echo "IP6: $IP6" + fi + if [ ! -z "$SSL" ] && [ "$SSL" != 'no' ]; then + echo "SSL: $SSL / $SSL_HOME" + if [ ! -z "$LETSENCRYPT" ] && [ "$LETSENCRYPT" != 'no' ]; then + echo "LETSENCRYPT: $LETSENCRYPT" fi - echo "${field//$/}: $key " - done + fi + echo "TEMPLATE: $TPL" + if [ ! -z "$WEB_BACKEND" ]; then + echo "BACKEND: $BACKEND" + fi + if [ ! -z "$PROXY_SYSTEM" ]; then + echo "PROXY: $PROXY" + echo "PROXY EXT: ${PROXY_EXT//,/ }" + fi + if [ ! -z "$STATS" ]; then + echo "STATS: $STATS" + fi + if [ ! -z "$FTP_USER" ]; then + echo "FTP_USER: ${FTP_USER//,/, }" + fi + if [ ! -z "$AUTH_USER" ]; then + echo "HTTP_AUTH: $AUTH_USER" + fi + echo "DISK: $U_DISK" + echo "BW: $U_BANDWIDTH" + echo "SUSPENDED: $SUSPENDED" + echo "TIME: $TIME" + echo "DATE: $DATE" +} + +# PLAIN list function +plain_list() { + echo -ne "$DOMAIN\t$IP\t$IP6\t$U_DISK\t$U_BANDWIDTH\t$TPL\t" + echo -ne "$ALIAS\t$STATS\t$STATS_USER\t$SSL\t$SSL_HOME\t,$LETSENCRYPT" + echo -ne "$FTP_USER\t$FTP_PATH\t$AUTH_USER\t$BACKEND\t$PROXY\t" + echo -e "$PROXY_EXT\t$SUSPENDED\t$TIME\t$DATE" +} + +# CSV list function +csv_list() { + echo -n "DOMAIN,IP,IP6,U_DISK,U_BANDWIDTH,TPL,ALIAS,STATS,STATS_USER,SSL," + echo -n "SSL_HOME,LETSENCRYPT,FTP_USER,FTP_PATH,AUTH_USER,BACKEND,PROXY,PROXY_EXT," + echo "SUSPENDED,TIME,DATE" + echo -n "$DOMAIN,$IP,$IP6,$U_DISK,$U_BANDWIDTH,$TPL,\"$ALIAS\",$STATS" + echo -n "\"$STATS_USER\",$SSL,$SSL_HOME,$LETSENCRYPT,\"$FTP_USER\",\"$FTP_PATH\"," + echo -n "\"$AUTH_USER\",$BACKEND,$PROXY,\"$PROXY_EXT\",$SUSPENDED,$TIME," + echo "$DATE" } @@ -63,6 +110,7 @@ shell_list_domain() { #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [FORMAT]' +is_format_valid 'user' 'domain' is_object_valid 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" @@ -71,23 +119,15 @@ is_object_valid 'web' 'DOMAIN' "$domain" # Action # #----------------------------------------------------------# -# Defining config -conf=$USER_DATA/web.conf +# Parsing domain +eval $(grep "DOMAIN='$domain'" $USER_DATA/web.conf) -# Defining fileds to select -fields='$DOMAIN $IP $IP6 $U_DISK $U_BANDWIDTH $TPL $ALIAS $STATS $STATS_USER - $SSL $SSL_HOME $FTP_USER $FTP_PATH $PROXY $PROXY_EXT $DOCUMENT_ROOT - $SUSPENDED $TIME $DATE' - -# Defining document root -DOCUMENT_ROOT="$HOMEDIR/$user/web/$domain/public_html" - -# Listing domains -case $format in - json) json_list_domain ;; - plain) nohead=1; shell_list_domain ;; - shell) shell_list_domain |column -t;; - *) check_args '2' '0' 'USER DOMAIN [FORMAT]' +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-web-domain-accesslog b/bin/v-list-web-domain-accesslog index 9fdff009a..24362596c 100755 --- a/bin/v-list-web-domain-accesslog +++ b/bin/v-list-web-domain-accesslog @@ -1,6 +1,6 @@ #!/bin/bash # info: list web domain access log -# options: USER DOMAIN [LINES] +# options: USER DOMAIN [LINES] [FORMAT] # # The function of obtaining raw access web domain logs. @@ -9,36 +9,81 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 -lines=${3-70} +ttl=${3-70} +format=${4-shell} # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf +# JSON list function +json_list() { + i=1 + objects=$(echo "$lines" |wc -l) + echo '[' + for str in $lines; do + str=$(echo "$str" |sed -e 's/"/\\"/g') + if [ "$i" -lt "$objects" ]; then + echo -e "\t\"$str\"," + else + echo -e "\t\"$str\"" + fi + (( ++i)) + done + echo "]" +} + +# SHELL list function +shell_list() { + echo "$lines" +} + +# PLAIN list function +plain_list() { + echo "$lines" +} + +# CSV list function +csv_list() { + echo "LOG" + echo "$lines" +} + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# -check_args '2' "$#" 'USER DOMAIN [FORMAT]' +check_args '2' "$#" 'USER DOMAIN [LINES] [FORMAT]' +is_format_valid 'user' 'domain' 'ttl' is_object_valid 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" + #----------------------------------------------------------# # Action # #----------------------------------------------------------# # Check number of output lines -if [ "$lines" -gt '3000' ]; then +if [ "$ttl" -gt '3000' ]; then read_cmd="cat" else - read_cmd="tail -n $lines" + read_cmd="tail -n $ttl" fi -$read_cmd /var/log/$WEB_SYSTEM/domains/$domain.log +lines=$($read_cmd /var/log/$WEB_SYSTEM/domains/$domain.log) +IFS=$'\n' + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; +esac #----------------------------------------------------------# diff --git a/bin/v-list-web-domain-errorlog b/bin/v-list-web-domain-errorlog index 04520213c..3e23ecfa1 100755 --- a/bin/v-list-web-domain-errorlog +++ b/bin/v-list-web-domain-errorlog @@ -1,6 +1,6 @@ #!/bin/bash # info: list web domain error log -# options: USER DOMAIN [LINES] +# options: USER DOMAIN [LINES] [FORMAT] # # The function of obtaining raw error web domain logs. @@ -9,36 +9,81 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 -lines=${3-70} +ttl=${3-70} +format=${4-shell} # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf +# JSON list function +json_list() { + i=1 + objects=$(echo "$lines" |wc -l) + echo '[' + for str in $lines; do + str=$(echo "$str" |sed -e 's/"/\\"/g') + if [ "$i" -lt "$objects" ]; then + echo -e "\t\"$str\"," + else + echo -e "\t\"$str\"" + fi + (( ++i)) + done + echo "]" +} + +# SHELL list function +shell_list() { + echo "$lines" +} + +# PLAIN list function +plain_list() { + echo "$lines" +} + +# CSV list function +csv_list() { + echo "LOG" + echo "$lines" +} + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# -check_args '2' "$#" 'USER DOMAIN [FORMAT]' +check_args '2' "$#" 'USER DOMAIN [LINES] [FORMAT]' +is_format_valid 'user' 'domain' 'ttl' is_object_valid 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" + #----------------------------------------------------------# # Action # #----------------------------------------------------------# # Check number of output lines -if [ "$lines" -gt '3000' ]; then +if [ "$ttl" -gt '3000' ]; then read_cmd="cat" else - read_cmd="tail -n $lines" + read_cmd="tail -n $ttl" fi -$read_cmd /var/log/$WEB_SYSTEM/domains/$domain.error.log +lines=$($read_cmd /var/log/$WEB_SYSTEM/domains/$domain.error.log) +IFS=$'\n' + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; +esac #----------------------------------------------------------# diff --git a/bin/v-list-web-domain-ssl b/bin/v-list-web-domain-ssl index a8696572f..bf69e3624 100755 --- a/bin/v-list-web-domain-ssl +++ b/bin/v-list-web-domain-ssl @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 format=${3-shell} @@ -17,19 +17,26 @@ format=${3-shell} # Includes source $VESTA/func/main.sh -# Json function -json_list_ssl() { - i='1' # iterator +# JSON list function +json_list() { + issuer=$(echo "$issuer" |sed -e 's/"/\\"/g' -e "s/%quote%/'/g") echo '{' echo -e "\t\"$domain\": {" echo " \"CRT\": \"$crt\"," echo " \"KEY\": \"$key\"," - echo " \"CA\": \"$ca\"" + echo " \"CA\": \"$ca\"," + echo " \"SUBJECT\": \"$subj\"," + echo " \"ALIASES\": \"$alt_dns\"," + echo " \"NOT_BEFORE\": \"$before\"," + echo " \"NOT_AFTER\": \"$after\"," + echo " \"SIGNATURE\": \"$signature\"," + echo " \"PUB_KEY\": \"$pub_key\"," + echo " \"ISSUER\": \"$issuer\"" echo -e "\t}\n}" } -# Shell function -shell_list_ssl() { +# SHELL list function +shell_list() { if [ ! -z "$crt" ]; then echo -e "$crt" fi @@ -39,6 +46,50 @@ shell_list_ssl() { if [ ! -z "$ca" ]; then echo -e "\n$ca" fi + if [ ! -z "$crt" ]; then + echo + echo + echo "SUBJECT: $subj" + if [ ! -z "$alt_dns" ]; then + echo "ALIASES: ${alt_dns//,/ }" + fi + echo "VALID FROM: $before" + echo "VALID TIL: $after" + echo "SIGNATURE: $signature" + echo "PUB_KEY: $pub_key" + echo "ISSUER: $issuer" + fi +} + +# PLAIN list function +plain_list() { + if [ ! -z "$crt" ]; then + echo -e "$crt" + fi + if [ ! -z "$key" ]; then + echo -e "\n$key" + fi + if [ ! -z "$ca" ]; then + echo -e "\n$ca" + fi + if [ ! -z "$crt" ]; then + echo "$subj" + echo "${alt_dns//,/ }" + echo "$before" + echo "$after" + echo "$signature" + echo "$pub_key" + echo "$issuer" + fi + +} + +# CSV list function +csv_list() { + echo -n "CRT,KEY,CA,SUBJECT,ALIASES,NOT_BEFORE,NOT_AFTER,SIGNATURE," + echo "PUB_KEY,ISSUER" + echo -n "\"$crt\",\"$key\",\"$ca\",\"$subj\",\"${alt_dns//,/ }\"," + echo "\"$before\",\"$after\",\"$signature\",\"$pub_key\",\"$issuer\"" } @@ -47,30 +98,46 @@ shell_list_ssl() { #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [FORMAT]' +is_format_valid 'user' 'domain' is_object_valid 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" + #----------------------------------------------------------# # Action # #----------------------------------------------------------# + +# Parsing domain SSL certificate if [ -e "$USER_DATA/ssl/$domain.crt" ]; then - crt=$(cat $USER_DATA/ssl/$domain.crt | sed ':a;N;$!ba;s/\n/\\n/g' ) + crt=$(cat $USER_DATA/ssl/$domain.crt |sed ':a;N;$!ba;s/\n/\\n/g') + + info=$(openssl x509 -text -in $USER_DATA/ssl/$domain.crt) + subj=$(echo "$info" |grep Subject: |cut -f 2 -d =|cut -f 2 -d \") + before=$(echo "$info" |grep Before: |sed -e "s/.*Before: //") + after=$(echo "$info" |grep "After :" |sed -e "s/.*After : //") + signature=$(echo "$info" |grep "Algorithm:" |head -n1 ) + signature=$(echo "$signature"| sed -e "s/.*Algorithm: //") + pub_key=$(echo "$info" |grep Public-Key: |cut -f2 -d \( | tr -d \)) + issuer=$(echo "$info" |grep Issuer: |sed -e "s/.*Issuer: //") + alt_dns=$(echo "$info" |grep DNS |sed -e 's/DNS:/\n/g' |tr -d ',') + alt_dns=$(echo "$alt_dns" |tr -d ' ' |sed -e "/^$/d") + alt_dns=$(echo "$alt_dns" |sed -e ':a;N;$!ba;s/\n/,/g') fi if [ -e "$USER_DATA/ssl/$domain.key" ]; then - key=$(cat $USER_DATA/ssl/$domain.key | sed ':a;N;$!ba;s/\n/\\n/g' ) + key=$(cat $USER_DATA/ssl/$domain.key |sed ':a;N;$!ba;s/\n/\\n/g') fi if [ -e "$USER_DATA/ssl/$domain.ca" ]; then - ca=$(cat $USER_DATA/ssl/$domain.ca | sed ':a;N;$!ba;s/\n/\\n/g' ) + ca=$(cat $USER_DATA/ssl/$domain.ca |sed ':a;N;$!ba;s/\n/\\n/g') fi -# Listing domains +# Listing data case $format in - json) json_list_ssl ;; - plain) nohead=1; shell_list_ssl ;; - shell) shell_list_ssl ;; - *) check_args '1' '0' '[FORMAT]' + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-web-domains b/bin/v-list-web-domains index 95f061702..23de5fb4f 100755 --- a/bin/v-list-web-domains +++ b/bin/v-list-web-domains @@ -2,27 +2,105 @@ # info: list web domains # options: USER [FORMAT] # -# The function of obtaining the list of all user domains. +# The function to obtain the list of all user web domains. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 format=${2-shell} # Includes source $VESTA/func/main.sh +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(grep DOMAIN $USER_DATA/web.conf |wc -l) + echo "{" + while read str; do + eval $str + echo -n ' "'$DOMAIN'": { + "IP": "'$IP'", + "IP6": "'$IP6'", + "U_DISK": "'$U_DISK'", + "U_BANDWIDTH": "'$U_BANDWIDTH'", + "TPL": "'$TPL'", + "ALIAS": "'$ALIAS'", + "STATS": "'$STATS'", + "STATS_USER": "'$STATS_USER'", + "SSL": "'$SSL'", + "SSL_HOME": "'$SSL_HOME'", + "LETSENCRYPT": "'$LETSENCRYPT'", + "FTP_USER": "'$FTP_USER'", + "FTP_PATH": "'$FTP_PATH'", + "AUTH_USER": "'$AUTH_USER'", + "BACKEND": "'$BACKEND'", + "PROXY": "'$PROXY'", + "PROXY_EXT": "'$PROXY_EXT'", + "SUSPENDED": "'$SUSPENDED'", + "TIME": "'$TIME'", + "DATE": "'$DATE'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done < <(cat $USER_DATA/web.conf) + echo '}' +} + +# SHELL list function +shell_list() { + IFS=$'\n' + echo "DOMAIN IP TPL SSL DISK BW SPND DATE" + echo "------ -- --- --- ---- -- ---- -----" + while read str; do + eval $str + echo "$DOMAIN $IP $TPL $SSL $U_DISK $U_BANDWIDTH $SUSPENDED $DATE" + done < <(cat $USER_DATA/web.conf) +} + +# PLAIN list function +plain_list() { + IFS=$'\n' + while read str; do + eval $str + echo -ne "$DOMAIN\t$IP\t$IP6\t$U_DISK\t$U_BANDWIDTH\t$TPL\t" + echo -ne "$ALIAS\t$STATS\t$STATS_USER\t$SSL\t$SSL_HOME\t$LETSENCRYPT\t" + echo -ne "$FTP_USER\t$FTP_PATH\t$AUTH_USER\t$BACKEND\t$PROXY\t" + echo -e "$PROXY_EXT\t$SUSPENDED\t$TIME\t$DATE" + done < <(cat $USER_DATA/web.conf) +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo -n "DOMAIN,IP,IP6,U_DISK,U_BANDWIDTH,TPL,ALIAS,STATS,STATS_USER," + echo -n "SSL,SSL_HOME,LETSENCRYPT,FTP_USER,FTP_PATH,AUTH_USER,BACKEND,PROXY," + echo "PROXY_EXT,SUSPENDED,TIME,DATE" + while read str; do + eval $str + echo -n "$DOMAIN,$IP,$IP6,$U_DISK,$U_BANDWIDTH,$TPL," + echo -n "\"$ALIAS\",$STATS,\"$STATS_USER\",$SSL,$SSL_HOME,$LETSENCRYPT," + echo -n "\"$FTP_USER\",\"$FTP_PATH\",\"$AUTH_USER\",$BACKEND,$PROXY," + echo "\"$PROXY_EXT\",$SUSPENDED,$TIME,$DATE" + done < <(cat $USER_DATA/web.conf) +} + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '1' "$#" 'USER [FORMAT]' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" @@ -30,21 +108,12 @@ is_object_valid 'user' 'USER' "$user" # Action # #----------------------------------------------------------# -# Defining config -conf=$USER_DATA/web.conf - -# Defining fileds to select -fields="\$DOMAIN \$IP \$IP6 \$U_DISK \$U_BANDWIDTH \$TPL \$ALIAS \$STATS" -fields="$fields \$STATS_USER \$SSL \$SSL_HOME \$FTP_USER \$FTP_PATH" -fields="$fields \$PROXY \$PROXY_EXT \$SUSPENDED \$TIME \$DATE" - -# Listing domains -case $format in +# Listing data +case $format in json) json_list ;; - plain) nohead=1; shell_list ;; - shell) fields='$DOMAIN $IP $U_DISK $U_BANDWIDTH $TPL $DATE'; - shell_list | column -t ;; - *) check_args '1' '0' 'USER [FORMAT]' + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; esac diff --git a/bin/v-list-web-domains-ssl b/bin/v-list-web-domains-ssl deleted file mode 100755 index 6f05bc743..000000000 --- a/bin/v-list-web-domains-ssl +++ /dev/null @@ -1,54 +0,0 @@ -#!/bin/bash -# info: list web domains and alias key -# options: USER [FORMAT] -# -# The function for obtaining the list of domains with SSL parameter displayed. -# This call was arranged for filling in the lack of information by applying -# v-list-web-domains call in the shell format. - - -#----------------------------------------------------------# -# Variable&Function # -#----------------------------------------------------------# - -# Argument defenition -user=$1 -format=${2-shell} - -# Includes -source $VESTA/func/main.sh - - -#----------------------------------------------------------# -# Verifications # -#----------------------------------------------------------# - -check_args '1' "$#" 'USER [FORMAT]' -validate_format 'user' -is_object_valid 'user' 'USER' "$user" - - -#----------------------------------------------------------# -# Action # -#----------------------------------------------------------# - -# Defining config -conf="$USER_DATA/web.conf" - -# Defining fileds to select -fields="\$DOMAIN \$IP \$TPL \$SSL \$SSL_HOME \$SUSPENDED" - -# Listing domains -case $format in - json) json_list ;; - plain) nohead=1; shell_list ;; - shell) shell_list | column -t ;; - *) check_args '1' "0" 'USER [FORMAT]' -esac - - -#----------------------------------------------------------# -# Vesta # -#----------------------------------------------------------# - -exit diff --git a/bin/v-list-web-stats b/bin/v-list-web-stats index 33d56c24a..b48419d67 100755 --- a/bin/v-list-web-stats +++ b/bin/v-list-web-stats @@ -9,39 +9,50 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf -# Json function -json_list_st() { - stats=$(echo "${STATS_SYSTEM//,/ } none") - st_counter=$(echo "$stats" | wc -w) +# JSON list function +json_list() { + objects=$(echo "$stats" | wc -w) i=1 echo '[' - for st in $stats; do - if [ "$i" -lt "$st_counter" ]; then - echo -e "\t\"$st\"," + for str in $stats; do + if [ "$i" -lt "$objects" ]; then + echo -e "\t\"$str\"," else - echo -e "\t\"$st\"" + echo -e "\t\"$str\"" fi (( ++i)) done echo "]" } -# Shell function -shell_list_st() { - stats=$(echo "none ${STATS_SYSTEM//,/ }") - if [ -z "$nohead" ]; then - echo "STATS" - echo "----------" - fi - for st in $stats; do - echo "$st" +# SHELL list function +shell_list() { + echo "PARSER" + echo "------" + for parser in $stats; do + echo "$parser" + done +} + +# PLAIN list function +plain_list() { + for parser in $stats; do + echo "$parser" + done +} + +# CSV list function +csv_list() { + echo "PARSER" + for parser in $stats; do + echo "$parser" done } @@ -50,12 +61,15 @@ shell_list_st() { # Action # #----------------------------------------------------------# -# Listing domains -case $format in - json) json_list_st ;; - plain) nohead=1; shell_list_st ;; - shell) shell_list_st ;; - *) check_args '1' '0' '[FORMAT]' ;; +# Parsing stats system +stats=$(echo "none ${STATS_SYSTEM//,/ }") + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-web-templates b/bin/v-list-web-templates index d54bfc458..ec02c710f 100755 --- a/bin/v-list-web-templates +++ b/bin/v-list-web-templates @@ -9,21 +9,20 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf -# Json function -json_list_wtpl() { - templates=$(ls -t $WEBTPL/$WEB_SYSTEM | cut -f 1 -d '.' |sort -u ) - t_counter=$(echo "$templates" | wc -w) +# JSON list function +json_list() { + objects=$(echo "$templates" |wc -w) i=1 echo '[' for template in $templates; do - if [ "$i" -lt "$t_counter" ]; then + if [ "$i" -lt "$objects" ]; then echo -e "\t\"$template\"," else echo -e "\t\"$template\"" @@ -33,30 +32,45 @@ json_list_wtpl() { echo "]" } -# Shell function -shell_list_wtpl() { - templates=$(ls -t $WEBTPL/$WEB_SYSTEM | cut -f 1 -d '.' |sort -u ) - if [ -z "$nohead" ]; then - echo "Templates" - echo "----------" - fi +# SHELL list function +shell_list() { + echo "TEMPLATE" + echo "--------" + for template in $templates; do + echo "$template" + done +} + +# PLAIN list function +plain_list() { + for template in $templates; do + echo "$template" + done +} + +# CSV list function +csv_list() { + echo "TEMPLATE" for template in $templates; do echo "$template" done } - #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Listing domains +# Parsing templates +templates=$(ls -v $WEBTPL/$WEB_SYSTEM/$WEB_BACKEND/) +templates=$(echo "$templates" |grep '\.tpl' |sed 's/\.tpl$//') + +# Listing data case $format in - json) json_list_wtpl ;; - plain) nohead=1; shell_list_wtpl ;; - shell) shell_list_wtpl ;; - *) check_args '1' '0' '[FORMAT]' + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-list-web-templates-backend b/bin/v-list-web-templates-backend new file mode 100755 index 000000000..5536b7e83 --- /dev/null +++ b/bin/v-list-web-templates-backend @@ -0,0 +1,85 @@ +#!/bin/bash +# info: listing backend templates +# options: [FORMAT] +# +# The function for obtaining the list of available backend templates. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +format=${1-shell} + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + +# JSON list function +json_list() { + i=1 + objects=$(echo "$templates" |wc -w) + echo '[' + for template in $templates; do + if [ "$i" -lt "$objects" ]; then + echo -e "\t\"$template\"," + else + echo -e "\t\"$template\"" + fi + (( ++i)) + done + echo "]" +} + +# SHELL list function +shell_list() { + echo "TEMPLATE" + echo "--------" + for template in $templates; do + echo "$template" + done +} + +# PLAIN list function +plain_list() { + for template in $templates; do + echo "$template" + done +} + +# CSV list function +csv_list() { + echo "TEMPLATE" + for template in $templates; do + echo "$template" + done +} + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Parsing backend templates +if [ ! -z "$WEB_BACKEND" ]; then + templates=$(ls -t $WEBTPL/$WEB_BACKEND |\ + cut -f1 -d . |\ + grep -v proxy_ip |\ + sort -u ) +fi + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-list-web-templates-proxy b/bin/v-list-web-templates-proxy index 852fee82b..0d827fc5a 100755 --- a/bin/v-list-web-templates-proxy +++ b/bin/v-list-web-templates-proxy @@ -9,20 +9,20 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition format=${1-shell} # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf -# Json function -json_list_wtpl() { - t_counter=$(echo "$templates" | wc -w) +# JSON list function +json_list() { + objects=$(echo "$templates" |wc -w) i=1 echo '[' for template in $templates; do - if [ "$i" -lt "$t_counter" ]; then + if [ "$i" -lt "$objects" ]; then echo -e "\t\"$template\"," else echo -e "\t\"$template\"" @@ -30,14 +30,27 @@ json_list_wtpl() { (( ++i)) done echo "]" - } +} -# Shell function -shell_list_wtpl() { - if [ -z "$nohead" ]; then - echo "Templates" - echo "----------" - fi +# SHELL list function +shell_list() { + echo "TEMPLATE" + echo "--------" + for template in $templates; do + echo "$template" + done +} + +# PLAIN list function +plain_list() { + for template in $templates; do + echo "$template" + done +} + +# CSV list function +csv_list() { + echo "TEMPLATE" for template in $templates; do echo "$template" done @@ -48,21 +61,21 @@ shell_list_wtpl() { # Action # #----------------------------------------------------------# -# Proxy templates -if [ -z "$PROXY_SYSTEM" ]; then - exit +# Parsing proxy templates +if [ ! -z "$PROXY_SYSTEM" ]; then + templates=$(ls -t $WEBTPL/$PROXY_SYSTEM |\ + grep ".tpl$" |\ + cut -f1 -d . |\ + grep -v proxy_ip |\ + sort -u ) fi -templates=$(ls -t $WEBTPL/$PROXY_SYSTEM |\ - cut -f1 -d . |\ - grep -v proxy_ip |\ - sort -u ) -# Listing domains +# Listing data case $format in - json) json_list_wtpl ;; - plain) nohead=1; shell_list_wtpl ;; - shell) shell_list_wtpl ;; - *) check_args '1' '0' '[FORMAT]' + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; esac diff --git a/bin/v-move-fs-directory b/bin/v-move-fs-directory new file mode 100755 index 000000000..f101d9955 --- /dev/null +++ b/bin/v-move-fs-directory @@ -0,0 +1,59 @@ +#!/bin/bash +# info: move file +# options: USER SRC_DIRECTORY DST_DIRECTORY +# +# The function moved file or directory on the file system. This function +# can also be used to rename files just like normal mv command. + +user=$1 +src_dir=$2 +dst_dir=$3 + +# Checking arguments +if [ -z "$dst_dir" ]; then + echo "Usage: USER SRC_DIRECTORY DST_DIRECTORY" + exit 1 +fi + +# Checking vesta user +if [ ! -e "$VESTA/data/users/$user" ]; then + echo "Error: vesta user $user doesn't exist" + exit 3 +fi + +# Checking user homedir +homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :) +if [ -z $homedir ]; then + echo "Error: user home directory doesn't exist" + exit 12 +fi + +# Checking source file +if [ ! -d "$src_dir" ]; then + echo "Error: source directory $src_dir doesn't exist" + exit 3 +fi + +# Checking source path +rpath=$(readlink -f "$src_dir") +if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then + echo "Error: invalid source path $src_dir" + exit 2 +fi + +# Checking destination path +rpath=$(readlink -f "$dst_dir") +if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then + echo "Error: invalid destination path $dst_dir" + exit 2 +fi + +# Moving directory +sudo -u $user mv "$src_dir" "$dst_dir" >/dev/null 2>&1 +if [ $? -ne 0 ]; then + echo "Error: directory $src_dir was not moved" + exit 3 +fi + +# Exiting +exit diff --git a/bin/v-move-fs-file b/bin/v-move-fs-file new file mode 100755 index 000000000..3671e0e58 --- /dev/null +++ b/bin/v-move-fs-file @@ -0,0 +1,59 @@ +#!/bin/bash +# info: move file +# options: USER SRC_FILE DST_FLE +# +# The function moved file or directory on the file system. This function +# can also be used to rename files just like normal mv command. + +user=$1 +src_file=$2 +dst_file=$3 + +# Checking arguments +if [ -z "$dst_file" ]; then + echo "Usage: USER SRC_FILE DST_FILE" + exit 1 +fi + +# Checking vesta user +if [ ! -e "$VESTA/data/users/$user" ]; then + echo "Error: vesta user $user doesn't exist" + exit 3 +fi + +# Checking user homedir +homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :) +if [ -z $homedir ]; then + echo "Error: user home directory doesn't exist" + exit 12 +fi + +# Checking source file +if [ ! -f "$src_file" ]; then + echo "Error: source file $src_file doesn't exist" + exit 3 +fi + +# Checking source path +rpath=$(readlink -f "$src_file") +if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then + echo "Error: invalid source path $src_file" + exit 2 +fi + +# Checking destination path +rpath=$(readlink -f "$dst_file") +if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then + echo "Error: invalid destination path $dst_file" + exit 2 +fi + +# Moving file +sudo -u $user mv "$src_file" "$dst_file" >/dev/null 2>&1 +if [ $? -ne 0 ]; then + echo "Error: file $src_file was not moved" + exit 3 +fi + +# Exiting +exit diff --git a/bin/v-open-fs-config b/bin/v-open-fs-config new file mode 100755 index 000000000..720df86a7 --- /dev/null +++ b/bin/v-open-fs-config @@ -0,0 +1,53 @@ +#!/bin/bash +# info: open config +# options: CONFIG +# +# The function opens/reads config files on the file system + +src_file=$1 + +# Checking arguments +if [ -z "$src_file" ]; then + echo "Usage: CONFIG" + exit 1 +fi + +# Checking vesta user +if [ ! -e "$VESTA/data/users/$user" ]; then + echo "Error: vesta user $user doesn't exist" + exit 3 +fi + +# Checking file on fs +if [ ! -e "$src_file" ]; then + echo "Error: $src_file file doesn't exist" + exit 3 +fi + +# Checking path +if [ ! -z "$src_file" ]; then + rpath=$(readlink -f "$src_file") + services="nginx|apache|httpd|php|ftp|bind|named|exim|dovecot|spamassassin" + services="$services|clam|mysql|postgresql|pgsql|cron|fail2ban|iptables" + services="$services|my.cnf" + spath=$(echo "$rpath" |egrep "$services") + if [ -z "$spath" ]; then + echo "Error: invalid source path $src_file" + exit 2 + fi + spath=$(echo "$rpath" |egrep "/etc|/var/lib") + if [ -z "$spath" ]; then + echo "Error: invalid source path $src_file" + exit 2 + fi +fi + +# Reading conf +cat "$src_file" 2>/dev/null +if [ $? -ne 0 ]; then + echo "Error: file $src_file was not opened" + exit 3 +fi + +# Exiting +exit diff --git a/bin/v-open-fs-file b/bin/v-open-fs-file index d5c8ea3a6..c51cd0b9f 100755 --- a/bin/v-open-fs-file +++ b/bin/v-open-fs-file @@ -1,36 +1,51 @@ #!/bin/bash -# File reader +# info: open file +# options: USER FILE +# +# The function opens/reads files on the file system user=$1 -path=$2 +src_file=$2 # Checking arguments -if [ -z "$path" ]; then - echo "Usage: USER PATH" +if [ -z "$src_file" ]; then + echo "Usage: USER FILE" exit 1 fi -# Checking users +# Checking vesta user if [ ! -e "$VESTA/data/users/$user" ]; then - exit 1 + echo "Error: vesta user $user doesn't exist" + exit 3 fi -# Checking homedir +# Checking user homedir homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :) if [ -z $homedir ]; then - exit 1 + echo "Error: user home directory doesn't exist" + exit 12 fi # Checking path -if [ ! -z "$path" ]; then - # Validating absolute path - rpath=$(readlink -f "$path") - if [ -z "$(echo $rpath |grep $homedir)" ]; then - exit 1 +if [ ! -z "$src_file" ]; then + rpath=$(readlink -f "$src_file") + if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then + echo "Error: invalid source path $src_file" + exit 2 + fi + + if [ ! -f "$src_file" ]; then + echo "Error: file not found $src_file" + exit 2 fi fi -cat "$path" +# Reading file +sudo -u $user cat "$src_file" 2>/dev/null +if [ $? -ne 0 ]; then + echo "Error: file $src_file was not opened" + exit 3 +fi +# Exiting exit - diff --git a/bin/v-rebuild-cron-jobs b/bin/v-rebuild-cron-jobs index 8fcd2da2d..40192b63d 100755 --- a/bin/v-rebuild-cron-jobs +++ b/bin/v-rebuild-cron-jobs @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 restart=$2 @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER [RESTART]' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM' is_object_valid 'user' 'USER' "$user" @@ -40,15 +40,11 @@ sync_cron_jobs # Vesta # #----------------------------------------------------------# -# Restart crond -if [ "$restart" != 'no' ]; then - $BIN/v-restart-cron - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting crond +$BIN/v-restart-cron $restart +check_result $? "Cron restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-rebuild-databases b/bin/v-rebuild-databases index f3f74cbc6..0b8f4a2d2 100755 --- a/bin/v-rebuild-databases +++ b/bin/v-rebuild-databases @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -24,7 +24,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_object_valid 'user' 'USER' "$user" @@ -67,6 +67,6 @@ update_user_value "$user" '$U_DISK_DB' "$U_DISK_DB" #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-rebuild-dns-domain b/bin/v-rebuild-dns-domain index 7fdb0bd33..536392687 100755 --- a/bin/v-rebuild-dns-domain +++ b/bin/v-rebuild-dns-domain @@ -1,6 +1,6 @@ #!/bin/bash # info: rebuild dns domain -# options: USER DOMAIN [RESTART] +# options: USER DOMAIN [RESTART] [UPDATE_SERIAL] # # The function rebuilds DNS configuration files. @@ -9,10 +9,11 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 domain=$2 restart=$3 +update_serial=$4 # Includes source $VESTA/func/main.sh @@ -25,8 +26,8 @@ source $VESTA/conf/vesta.conf # Verifications # #----------------------------------------------------------# -check_args '2' "$#" 'USER DOMAIN [RESTART]' -validate_format 'user' 'domain' +check_args '2' "$#" 'USER DOMAIN [RESTART] [UPDATE_SERIAL]' +is_format_valid 'user' 'domain' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -59,10 +60,15 @@ if [ -e '/etc/bind/named.conf' ]; then dns_conf='/etc/bind/named.conf' fi -# Remove old user's zone +# Deleting old user's zone sed -i "/\/$user\/conf\/dns\/$domain/d" $dns_conf -# Starting loop +# Updating zone serial +if [ "$update_serial" != 'no' ]; then + update_domain_serial +fi + +# Rebuiling zone config rebuild_dns_domain_conf @@ -75,15 +81,11 @@ update_user_value "$user" '$U_DNS_DOMAINS' "$user_domains" update_user_value "$user" '$U_DNS_RECORDS' "$user_records" update_user_value "$user" '$SUSPENDED_DNS' "$suspended_dns" -# Restart named -if [ "$restart" != 'no' ]; then - $BIN/v-restart-dns "$restart" - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting named +$BIN/v-restart-dns $restart +check_result $? "Bind restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-rebuild-dns-domains b/bin/v-rebuild-dns-domains index 971a99f45..0b03e8191 100755 --- a/bin/v-rebuild-dns-domains +++ b/bin/v-rebuild-dns-domains @@ -1,6 +1,6 @@ #!/bin/bash # info: rebuild dns domains -# options: USER [RESTART] +# options: USER [RESTART] [UPDATE_SERIAL] # # The function rebuilds DNS configuration files. @@ -9,9 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 restart=$2 +update_serial=$3 # Includes source $VESTA/func/main.sh @@ -24,8 +25,8 @@ source $VESTA/conf/vesta.conf # Verifications # #----------------------------------------------------------# -check_args '1' "$#" 'USER [RESTART]' -validate_format 'user' +check_args '1' "$#" 'USER [RESTART] [UPDATE_SERIAL]' +is_format_valid 'user' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -65,6 +66,9 @@ sed -i "/\/$user\/conf\/dns/d" $dns_conf # Starting loop for domain in $(search_objects 'dns' 'DOMAIN' "*" 'DOMAIN'); do + if [ "$update_serial" != 'no' ]; then + update_domain_serial + fi rebuild_dns_domain_conf done @@ -78,15 +82,11 @@ update_user_value "$user" '$U_DNS_DOMAINS' "$user_domains" update_user_value "$user" '$U_DNS_RECORDS' "$user_records" update_user_value "$user" '$SUSPENDED_DNS' "$suspended_dns" -# Restart named -if [ "$restart" != 'no' ]; then - $BIN/v-restart-dns - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting named +$BIN/v-restart-dns $restart +check_result $? "Bind restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-rebuild-mail-domains b/bin/v-rebuild-mail-domains index 9faeb29a8..82b7fa144 100755 --- a/bin/v-rebuild-mail-domains +++ b/bin/v-rebuild-mail-domains @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -24,7 +24,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -70,6 +70,6 @@ update_user_value "$user" '$U_DISK_MAIL' "$U_DISK_MAIL" recalc_user_disk_usage # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-rebuild-user b/bin/v-rebuild-user index 2d57f6ae8..6a2b4d037 100755 --- a/bin/v-rebuild-user +++ b/bin/v-rebuild-user @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 restart=$2 @@ -27,7 +27,7 @@ export PATH=$PATH:/usr/sbin #----------------------------------------------------------# check_args '1' "$#" 'USER [RESTART]' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -50,6 +50,6 @@ rebuild_user_conf #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-rebuild-web-domains b/bin/v-rebuild-web-domains index 8f4d4f43c..2094d19c1 100755 --- a/bin/v-rebuild-web-domains +++ b/bin/v-rebuild-web-domains @@ -1,5 +1,5 @@ #!/bin/bash -# info: rebuild dns domains +# info: rebuild web domains # options: USER [RESTART] # # The function rebuilds web configuration files. @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 restart=$2 @@ -26,7 +26,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER [RESTART]' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -36,130 +36,66 @@ is_object_unsuspended 'user' 'USER' "$user" # Action # #----------------------------------------------------------# -user_domains=0 -user_ssl=0 -user_aliases=0 -suspended_web=0 -conf=$USER_DATA/web.conf -fields='$DOMAIN' -nohead=1 -domain_counter=0 +# Deleting old web configs +sed -i "/.*\/$user\/conf\/web\//d" /etc/$WEB_SYSTEM/conf.d/vesta.conf +if [ -e "$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf" ]; then + rm $HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf +fi +if [ -e "$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf" ]; then + rm $HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf +fi -# Clean up old config -rm -f $HOMEDIR/$user/conf/tmp_*.conf +# Deleting old proxy configs +if [ ! -z "$PROXY_SYSTEM" ]; then + sed -i "/.*\/$user\/conf\/web\//d" /etc/$PROXY_SYSTEM/conf.d/vesta.conf -# Starting loop -for domain in $(shell_list); do - ((++ domain_counter)) + if [ -e "$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" ]; then + rm $HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf + fi + + if [ -e "$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" ]; then + rm $HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf + fi +fi + +# Deleting backend configs +if [ ! -z "$WEB_BACKEND" ]; then + if [ "$WEB_BACKEND_POOL" = 'user' ]; then + prepare_web_backend + rm -f $pool/$backend_type.conf + else + for domain in $($BIN/v-list-web-domains $user plain |cut -f 1); do + prepare_web_backend + rm -f $pool/$backend_type.conf + done + fi +fi + +# Starting rebuild loop for each web domain +for domain in $($BIN/v-list-web-domains $user plain |cut -f 1); do + if [ ! -z "$WEB_BACKEND" ]; then + template=$(get_object_value 'web' 'DOMAIN' "$domain" '$BACKEND') + $BIN/v-add-web-domain-backend $user $domain $template $restart + fi rebuild_web_domain_conf done -# Config path -web_conf="/etc/$WEB_SYSTEM/conf.d/vesta.conf" -proxy_conf="/etc/$PROXY_SYSTEM/conf.d/vesta.conf" - -# Touch vesta configs -touch $web_conf -if [ ! -z "$PROXY_SYSTEM" ]; then - touch $proxy_conf -fi - -# Checking if there is at least 1 domain -if [ "$domain_counter" -lt 1 ]; then - # Deleting web configs - rm -f $HOMEDIR/$user/conf/web/* - sed -i "/.*\/$user\/.*$WEB_SYSTEM.conf/d" $web_conf - if [ ! -z "$PROXY_SYSTEM" ]; then - sed -i "/.*\/$user\/.*$PROXY_SYSTEM.conf/d" $proxy_conf - fi - -else - # Clean web configs - sed -i "/.*\/$user\/.*.conf/d" $web_conf - if [ ! -z "$PROXY_SYSTEM" ]; then - sed -i "/.*\/$user\/.*.conf/d" $proxy_conf - fi - - # Renaming tmp config - tmp_conf="$HOMEDIR/$user/conf/web/tmp_$WEB_SYSTEM.conf" - conf="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf" - mv $tmp_conf $conf - - # Checking include - web_include=$(grep "$conf" $web_conf ) - if [ -z "$web_include" ]; then - echo "Include $conf" >> $web_conf - fi - - # Checking SSL - if [ "$ssl_change" = 'yes' ]; then - tmp_conf="$HOMEDIR/$user/conf/web/tmp_s$WEB_SYSTEM.conf" - conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf" - mv $tmp_conf $conf - fi - ssl_include=$(grep "$conf" $web_conf ) - if [ -z "$ssl_include" ]; then - echo "Include $conf" >> $web_conf - fi - - # Checking proxy - if [ ! -z "$PROXY_SYSTEM" ]; then - if [ "$proxy_change" = 'yes' ]; then - tmp_conf="$HOMEDIR/$user/conf/web/tmp_$PROXY_SYSTEM.conf" - conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" - mv $tmp_conf $conf - proxy_include=$(grep "$conf" $proxy_conf ) - if [ -z "$proxy_include" ]; then - echo "include $conf;" >> $proxy_conf - fi - else - conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" - sed -i "/.*\/$user\/.*$PROXY_SYSTEM.conf/d" $proxy_conf - rm -f $HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf - fi - - # Checking SSL proxy - if [ "$proxy_change" = 'yes' ] && [ "$ssl_change" = 'yes' ]; then - tmp_conf="$HOMEDIR/$user/conf/web/tmp_s$PROXY_SYSTEM.conf" - conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" - mv $tmp_conf $conf - proxy_include=$(grep "$conf" $proxy_conf ) - if [ -z "$proxy_include" ]; then - echo "include $conf;" >> $proxy_conf - fi - else - conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" - sed -i "/.*\/$user\/.*s$PROXY_SYSTEM.conf/d" $proxy_conf - rm -f $HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf - fi - fi -fi - #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# -# Updating counters -update_user_value "$user" '$SUSPENDED_WEB' "$suspended_web" -update_user_value "$user" '$U_WEB_DOMAINS' "$user_domains" -update_user_value "$user" '$U_WEB_SSL' "$user_ssl" -update_user_value "$user" '$U_WEB_ALIASES' "$user_aliases" +# Updating user counters +$BIN/v-update-user-counters $user -# Restart web server -if [ "$restart" != 'no' ]; then - $BIN/v-restart-web - if [ $? -ne 0 ]; then - exit $E_RESTART - fi +# Restarting web server +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null - $BIN/v-restart-proxy - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-restart-cron b/bin/v-restart-cron index a30278aa0..ac9ea8b1a 100755 --- a/bin/v-restart-cron +++ b/bin/v-restart-cron @@ -12,16 +12,16 @@ # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf +PATH="$PATH:/usr/local/sbin:/sbin:/usr/sbin:/root/bin" send_email_report() { - send_mail="$VESTA/web/inc/mail-wrapper.php" email=$(grep CONTACT $VESTA/data/users/admin/user.conf) email=$(echo "$email" | cut -f 2 -d "'") tmpfile=$(mktemp) subj="$(hostname): $CRON_SYSTEM restart failed" - /etc/init.d/$CRON_SYSTEM configtest >> $tmpfile 2>&1 - /etc/init.d/$CRON_SYSTEM restart >> $tmpfile 2>&1 - cat $tmpfile | $send_mail -s "$subj" $email + service $CRON_SYSTEM configtest >> $tmpfile 2>&1 + service $CRON_SYSTEM restart >> $tmpfile 2>&1 + cat $tmpfile |$SENDMAIL -s "$subj" $email rm -f $tmpfile } @@ -30,6 +30,11 @@ send_email_report() { # Action # #----------------------------------------------------------# +# Exit +if [ "$1" = "no" ]; then + exit +fi + # Schedule restart if [ "$1" = 'scheduled' ]; then echo "$BIN/$SCRIPT now" >> $VESTA/data/queue/restart.pipe @@ -45,14 +50,12 @@ if [ -z "$CRON_SYSTEM" ] || [ "$CRON_SYSTEM" = 'remote' ]; then fi # Restart system -if [ -e "/var/run/crond.pid" ]; then - /etc/init.d/$CRON_SYSTEM reload >/dev/null 2>&1 - reload cron >/dev/null 2>&1 -else - /etc/init.d/$CRON_SYSTEM restart >/dev/null 2>&1 +service $CRON_SYSTEM reload >/dev/null 2>&1 +if [ $? -ne 0 ]; then + service $CRON_SYSTEM restart >/dev/null 2>&1 if [ $? -ne 0 ]; then send_email_report - exit $E_RESTART + check_result $E_RESTART "$CRON_SYSTEM restart failed" fi fi diff --git a/bin/v-restart-dns b/bin/v-restart-dns index 7dc7a9bab..4e7712a7c 100755 --- a/bin/v-restart-dns +++ b/bin/v-restart-dns @@ -12,6 +12,7 @@ # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf +PATH="$PATH:/usr/local/sbin:/sbin:/usr/sbin:/root/bin" send_email_report() { if [ -e '/etc/named.conf' ]; then @@ -19,15 +20,13 @@ send_email_report() { else dns_conf='/etc/bind/named.conf' fi - - send_mail="$VESTA/web/inc/mail-wrapper.php" email=$(grep CONTACT $VESTA/data/users/admin/user.conf) email=$(echo "$email" | cut -f 2 -d "'") tmpfile=$(mktemp) subj="$(hostname): $DNS_SYSTEM restart failed" - named-checkconf $dns_conf >> $tmpfile 2>&1 - /etc/init.d/$DNS_SYSTEM restart >> $tmpfile 2>&1 - cat $tmpfile | $send_mail -s "$subj" $email + /usr/sbin/named-checkconf $dns_conf >> $tmpfile 2>&1 + service $DNS_SYSTEM restart >> $tmpfile 2>&1 + cat $tmpfile |$SENDMAIL -s "$subj" $email rm -f $tmpfile } @@ -36,6 +35,11 @@ send_email_report() { # Action # #----------------------------------------------------------# +# Exit +if [ "$1" = "no" ]; then + exit +fi + # Schedule restart if [ "$1" = 'scheduled' ]; then echo "$BIN/$SCRIPT now" >> $VESTA/data/queue/restart.pipe @@ -51,13 +55,12 @@ if [ -z "$DNS_SYSTEM" ] || [ "$DNS_SYSTEM" = 'remote' ] ; then fi # Restart system -/etc/init.d/$DNS_SYSTEM reload >/dev/null 2>&1 +service $DNS_SYSTEM reload >/dev/null 2>&1 if [ $? -ne 0 ]; then - /etc/init.d/$DNS_SYSTEM restart >/dev/null 2>&1 + service $DNS_SYSTEM restart >/dev/null 2>&1 if [ $? -ne 0 ]; then send_email_report - echo "Error: $DNS_SYSTEM restart failed" - exit $E_RESTART + check_result $E_RESTART "$DNS_SYSTEM restart failed" fi fi diff --git a/bin/v-restart-ftp b/bin/v-restart-ftp index 611672797..2f1eab35d 100755 --- a/bin/v-restart-ftp +++ b/bin/v-restart-ftp @@ -12,16 +12,16 @@ # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf +PATH="$PATH:/usr/local/sbin:/sbin:/usr/sbin:/root/bin" send_email_report() { - send_mail="$VESTA/web/inc/mail-wrapper.php" email=$(grep CONTACT $VESTA/data/users/admin/user.conf) email=$(echo "$email" | cut -f 2 -d "'") tmpfile=$(mktemp) subj="$(hostname): $FTP_SYSTEM restart failed" - /etc/init.d/$FTP_SYSTEM configtest >> $tmpfile 2>&1 - /etc/init.d/$FTP_SYSTEM restart >> $tmpfile 2>&1 - cat $tmpfile | $send_mail -s "$subj" $email + service $FTP_SYSTEM configtest >> $tmpfile 2>&1 + service $FTP_SYSTEM restart >> $tmpfile 2>&1 + cat $tmpfile |$SENDMAIL -s "$subj" $email rm -f $tmpfile } @@ -30,6 +30,11 @@ send_email_report() { # Action # #----------------------------------------------------------# +# Exit +if [ "$1" = "no" ]; then + exit +fi + # Schedule restart if [ "$1" = 'scheduled' ]; then echo "$BIN/$SCRIPT now" >> $VESTA/data/queue/restart.pipe @@ -48,8 +53,7 @@ fi service $FTP_SYSTEM restart >/dev/null 2>&1 if [ $? -ne 0 ]; then send_email_report - echo "Error: $FTP_SYSTEM restart failed" - exit $E_RESTART + check_result $E_RESTART "$FTP_SYSTEM restart failed" fi # Update restart queue diff --git a/bin/v-restart-mail b/bin/v-restart-mail index 325f0f0f8..920297227 100755 --- a/bin/v-restart-mail +++ b/bin/v-restart-mail @@ -12,16 +12,16 @@ # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf +PATH="$PATH:/usr/local/sbin:/sbin:/usr/sbin:/root/bin" send_email_report() { - send_mail="$VESTA/web/inc/mail-wrapper.php" email=$(grep CONTACT $VESTA/data/users/admin/user.conf) email=$(echo "$email" | cut -f 2 -d "'") tmpfile=$(mktemp) subj="$(hostname): $MAIL_SYSTEM restart failed" - /etc/init.d/$MAIL_SYSTEM configtest >> $tmpfile 2>&1 - /etc/init.d/$MAIL_SYSTEM restart >> $tmpfile 2>&1 - cat $tmpfile | $send_mail -s "$subj" $email + service $MAIL_SYSTEM configtest >> $tmpfile 2>&1 + service $MAIL_SYSTEM restart >> $tmpfile 2>&1 + cat $tmpfile |$SENDMAIL -s "$subj" $email rm -f $tmpfile } @@ -30,6 +30,11 @@ send_email_report() { # Action # #----------------------------------------------------------# +# Exit +if [ "$1" = "no" ]; then + exit +fi + # Schedule restart if [ "$1" = 'scheduled' ]; then echo "$BIN/$SCRIPT now" >> $VESTA/data/queue/restart.pipe @@ -48,8 +53,7 @@ fi service $MAIL_SYSTEM restart >/dev/null 2>&1 if [ $? -ne 0 ]; then send_email_report - echo "Error: $MAIL_SYSTEM restart failed" - exit $E_RESTART + check_result $E_RESTART "$MAIL_SYSTEM restart failed" fi # Update restart queue diff --git a/bin/v-restart-proxy b/bin/v-restart-proxy index c3be9aedd..7dcfad120 100755 --- a/bin/v-restart-proxy +++ b/bin/v-restart-proxy @@ -12,16 +12,16 @@ # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf +PATH="$PATH:/usr/local/sbin:/sbin:/usr/sbin:/root/bin" send_email_report() { - send_mail="$VESTA/web/inc/mail-wrapper.php" email=$(grep CONTACT $VESTA/data/users/admin/user.conf) email=$(echo "$email" | cut -f 2 -d "'") tmpfile=$(mktemp) subj="$(hostname): $PROXY_SYSTEM restart failed" - /etc/init.d/$PROXY_SYSTEM configtest >> $tmpfile 2>&1 - /etc/init.d/$PROXY_SYSTEM restart >> $tmpfile 2>&1 - cat $tmpfile | $send_mail -s "$subj" $email + service $PROXY_SYSTEM configtest >> $tmpfile 2>&1 + service $PROXY_SYSTEM restart >> $tmpfile 2>&1 + cat $tmpfile |$SENDMAIL -s "$subj" $email rm -f $tmpfile } @@ -30,6 +30,11 @@ send_email_report() { # Action # #----------------------------------------------------------# +# Exit +if [ "$1" = "no" ]; then + exit +fi + # Schedule restart if [ "$1" = 'scheduled' ]; then echo "$BIN/$SCRIPT now" >> $VESTA/data/queue/restart.pipe @@ -45,11 +50,16 @@ if [ -z "$PROXY_SYSTEM" ] || [ "$PROXY_SYSTEM" = 'remote' ]; then fi # Restart system -/etc/init.d/$PROXY_SYSTEM restart >/dev/null 2>&1 +if [ ! -f "/etc/debian_version" ]; then + service $PROXY_SYSTEM restart >/dev/null 2>&1 +else + systemctl reset-failed $PROXY_SYSTEM + systemctl restart $PROXY_SYSTEM > /dev/null 2>&1 +fi + if [ $? -ne 0 ]; then send_email_report - echo "Error: $PROXY_SYSTEM restart failed" - exit $E_RESTART + check_result $E_RESTART "$PROXY_SYSTEM restart failed" fi # Update restart queue diff --git a/bin/v-restart-service b/bin/v-restart-service index 612b3fb6f..e46339f92 100755 --- a/bin/v-restart-service +++ b/bin/v-restart-service @@ -9,11 +9,12 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition service=$1 # Includes source $VESTA/func/main.sh +PATH="$PATH:/usr/local/sbin:/sbin:/usr/sbin:/root/bin" #----------------------------------------------------------# @@ -30,13 +31,13 @@ check_args '1' "$#" 'SERVICE' if [ "$service" != "iptables" ]; then service $service restart >/dev/null 2>&1 if [ $? -ne 0 ]; then - exit $E_RESTART + check_result $E_RESTART "$service restart failed" fi else $BIN/v-stop-firewall $BIN/v-update-firewall if [ $? -ne 0 ]; then - exit $E_RESTART + check_result $E_RESTART "$service restart failed" fi fi diff --git a/bin/v-restart-system b/bin/v-restart-system index 209794a7a..40767acec 100755 --- a/bin/v-restart-system +++ b/bin/v-restart-system @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition restart=$1 # Includes diff --git a/bin/v-restart-web b/bin/v-restart-web index 180ed6f86..ab1afe6ce 100755 --- a/bin/v-restart-web +++ b/bin/v-restart-web @@ -12,16 +12,16 @@ # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf +PATH="$PATH:/usr/local/sbin:/sbin:/usr/sbin:/root/bin" send_email_report() { - send_mail="$VESTA/web/inc/mail-wrapper.php" email=$(grep CONTACT $VESTA/data/users/admin/user.conf) email=$(echo "$email" | cut -f 2 -d "'") tmpfile=$(mktemp) subj="$(hostname): $WEB_SYSTEM restart failed" - /etc/init.d/$WEB_SYSTEM configtest >> $tmpfile 2>&1 - /etc/init.d/$WEB_SYSTEM restart >> $tmpfile 2>&1 - cat $tmpfile | $send_mail -s "$subj" $email + service $WEB_SYSTEM configtest >> $tmpfile 2>&1 + service $WEB_SYSTEM restart >> $tmpfile 2>&1 + cat $tmpfile |$SENDMAIL -s "$subj" $email rm -f $tmpfile } @@ -30,6 +30,11 @@ send_email_report() { # Action # #----------------------------------------------------------# +# Exit +if [ "$1" = "no" ]; then + exit +fi + # Schedule restart if [ "$1" = 'scheduled' ]; then echo "$BIN/$SCRIPT now" >> $VESTA/data/queue/restart.pipe @@ -44,27 +49,25 @@ if [ -z "$WEB_SYSTEM" ] || [ "$WEB_SYSTEM" = 'remote' ]; then exit fi -# Restart system +# Reload web system +service $WEB_SYSTEM reload >/dev/null 2>&1 +rc=$? + +# Workaround for Ubuntu 12.04 if [ "$WEB_SYSTEM" == 'apache2' ]; then - if [ -e "/var/run/apache2.pid" ]; then - /etc/init.d/$WEB_SYSTEM reload >/dev/null 2>&1 - else - /etc/init.d/$WEB_SYSTEM restart >/dev/null 2>&1 - if [ $? -ne 0 ]; then - send_email_report - echo "Error: $WEB_SYSTEM restart failed" - exit $E_RESTART - fi + pid1='/var/run/apache2.pid' + pid2='/var/run/apache2/apache2.pid' + if [ ! -e "$pid1" ] && [ ! -e "$pid2" ]; then + rc=1 fi -else - /etc/init.d/$WEB_SYSTEM reload >/dev/null 2>&1 - if [ "$?" -ne 0 ]; then - /etc/init.d/$WEB_SYSTEM restart >/dev/null 2>&1 - if [ $? -ne 0 ]; then - send_email_report - echo "Error: $WEB_SYSTEM restart failed" - exit $E_RESTART - fi +fi + +# Resart web system if reload didn't work +if [ "$rc" -ne 0 ]; then + service $WEB_SYSTEM restart >/dev/null 2>&1 + if [ $? -ne 0 ]; then + send_email_report + check_result $E_RESTART "$WEB_SYSTEM restart failed" fi fi diff --git a/bin/v-restart-web-backend b/bin/v-restart-web-backend new file mode 100755 index 000000000..e1d8ebe94 --- /dev/null +++ b/bin/v-restart-web-backend @@ -0,0 +1,75 @@ +#!/bin/bash +# info: restart backend server +# options: NONE +# +# The function reloads backend server configuration. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf +PATH="$PATH:/usr/local/sbin:/sbin:/usr/sbin:/root/bin" + +send_email_report() { + email=$(grep CONTACT $VESTA/data/users/admin/user.conf) + email=$(echo "$email" | cut -f 2 -d "'") + tmpfile=$(mktemp) + subj="$(hostname): $WEB_BACKEND restart failed" + service $WEB_BACKEND configtest >> $tmpfile 2>&1 + service $WEB_BACKEND restart >> $tmpfile 2>&1 + cat $tmpfile |$SENDMAIL -s "$subj" $email + rm -f $tmpfile +} + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Exit +if [ "$1" = "no" ]; then + exit +fi + +# Schedule restart +if [ "$1" = 'scheduled' ]; then + echo "$BIN/$SCRIPT now" >> $VESTA/data/queue/restart.pipe + exit +fi +if [ -z "$1" ] && [ "$SCHEDULED_RESTART" = 'yes' ]; then + echo "$BIN/$SCRIPT now" >> $VESTA/data/queue/restart.pipe + exit +fi + +if [ -z "$WEB_BACKEND" ] || [ "$WEB_BACKEND" = 'remote' ]; then + exit +fi + +# Restart system +php_fpm=$(ls /etc/init.d/php*-fpm* 2>/dev/null |cut -f 4 -d / |head -n 1) +if [ -z "$php_fpm" ]; then + service $WEB_BACKEND restart >/dev/null 2>&1 +else + service $php_fpm restart >/dev/null 2>&1 +fi + +if [ $? -ne 0 ]; then + send_email_report + check_result $E_RESTART "$WEB_BACKEND restart failed" +fi + +# Update restart queue +if [ -e "$VESTA/data/queue/restart.pipe" ]; then + sed -i "/$SCRIPT/d" $VESTA/data/queue/restart.pipe +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-restore-user b/bin/v-restore-user index 5971ca836..cb77f7434 100755 --- a/bin/v-restore-user +++ b/bin/v-restore-user @@ -12,7 +12,7 @@ # Import VESTA variable for cron launch source /etc/profile -# Argument defenition +# Argument definition user=$1 backup=$2 web=$3 @@ -25,7 +25,7 @@ notify=${9-no} # Define backup dir if [ -z "$BACKUP" ]; then - BACKUP=/home/backup/ + BACKUP=/backup fi # Includes @@ -36,12 +36,127 @@ source $VESTA/func/db.sh source $VESTA/func/rebuild.sh source $VESTA/conf/vesta.conf -# Check backup function -is_backup_valid() { - if [ ! -e "$BACKUP/$backup" ]; then - echo "Error: backup doesn't exist" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST +# Check backup ownership function +is_backup_available() { + passed=false + if [[ $2 =~ ^$1.[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]_[0-9][0-9]-[0-9][0-9]-[0-9][0-9].tar$ ]]; then + passed=true + elif [[ $2 =~ ^$1.[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9].tar$ ]]; then + passed=true + fi + + if [ $passed = false ]; then + check_result $E_FORBIDEN "permission denied" + fi +} + +# Defining ftp command function +ftpc() { + /usr/bin/ftp -n $HOST $PORT <" { + if {\$count < \$argc} { + set arg [lindex \$argv \$count] + send "\$arg\r" + incr count + } else { + send "exit\r" + set output "Disconnected." + if {[info exists rc] != 1} { + set rc $OK + } + } + exp_continue + } + timeout { + set output "Connection timeout." + set rc $E_CONNECT + } + } + + if {[info exists output] == 1} { + puts "\$output" + } + + exit \$rc +EOF +} + +# SFTP backup download function +sftp_download() { + source $VESTA/conf/sftp.backup.conf + if [ -z "$PORT" ]; then + PORT='22' + fi + cd $BACKUP + if [ -z $BPATH ]; then + sftpc "get $1" > /dev/null 2>&1 + else + sftpc "cd $BPATH" "get $1" > /dev/null 2>&1 + fi + +} + +# Google backup download function +google_download() { + source $VESTA/conf/google.backup.conf + gsutil="$VESTA/3rdparty/gsutil/gsutil" + export BOTO_CONFIG="$VESTA/conf/.google.backup.boto" + ${gsutil} cp gs://$BUCKET/$BPATH/$1 $BACKUP/ > /dev/null 2>&1 + if [ "$?" -ne 0 ]; then + check_result "$E_CONNECT" "gsutil failed to download $1" fi } @@ -52,171 +167,168 @@ is_backup_valid() { args_usage='USER BACKUP [WEB] [DNS] [MAIL] [DB] [CRON] [UDIR] [NOTIFY]' check_args '2' "$#" "$args_usage" -validate_format 'user' 'backup' -is_backup_valid -is_backup_available +is_format_valid 'user' 'backup' +is_backup_available "$user" "$backup" #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Define email wrapper -send_mail="$VESTA/web/inc/mail-wrapper.php" +# Checking local backup +if [ ! -e "$BACKUP/$backup" ]; then + if [[ "$BACKUP_SYSTEM" =~ "google" ]]; then + google_download $backup + downloaded='yes' + fi + if [[ "$BACKUP_SYSTEM" =~ "sftp" ]] && [ -z "$downloaded" ]; then + sftp_download $backup + downloaded='yes' + fi + if [[ "$BACKUP_SYSTEM" =~ "ftp" ]] && [ -z "$downloaded" ]; then + ftp_download $backup + downloaded='yes' + fi + if [ -z "$downloaded" ]; then + check_result $E_NOTEXIST "backup $backup doesn't exist" + fi +fi -# Check user +# Checking user existance on the server check_user=$(is_object_valid 'user' 'USER' "$user") if [ -z "$check_user" ]; then is_object_unsuspended 'user' 'USER' "$user" - - if [ "$notify" != 'no' ]; then - subj="$user → restore failed" - email=$(get_user_value '$CONTACT') - else - subj="$user → restore failed" - email=$(grep CONTACT $VESTA/data/users/admin/user.conf |cut -f2 -d \') - fi -else - # Set flag for user creation - create_user="yes" - - # Set notification email and subject subj="$user → restore failed" + email=$(get_user_value '$CONTACT') +else + create_user="yes" email=$(grep CONTACT $VESTA/data/users/admin/user.conf | cut -f2 -d \') fi -# Check disk usage + +# Checking avaiable disk space disk_usage=$(df $BACKUP |tail -n1 |tr ' ' '\n' |grep % |cut -f 1 -d %) if [ "$disk_usage" -ge "$BACKUP_DISK_LIMIT" ]; then - rm -rf $tmpdir - echo "Not enough disk space to run backup" | $send_mail -s "$subj" $email - echo "Error: Not enough disk space" + echo "Error: Not enough disk space" |$SENDMAIL -s "$subj" $email $notify sed -i "/ $user /d" $VESTA/data/queue/backup.pipe - log_event "$E_DISK" "$EVENT" - exit $E_DISK + check_result $E_DISK "Not enough disk space" fi -# Check load average -la=$(cat /proc/loadavg | cut -f 1 -d ' ' | cut -f 1 -d '.') +# Checking load average +la=$(cat /proc/loadavg |cut -f 1 -d ' ' |cut -f 1 -d '.') i=0 while [ "$la" -ge "$BACKUP_LA_LIMIT" ]; do - echo "$(date "+%F %T") Load Average $la" - echo + echo -e "$(date "+%F %T") Load Average $la" sleep 60 if [ "$i" -ge "15" ]; then - echo "LoadAverage $i is above threshold" |$send_mail -s "$subj" $email - echo "Error: LA is too high" + la_error="LoadAverage $la is above threshold" + echo "Error: $la_error" |$SENDMAIL -s "$subj" $email $notify sed -i "/ $user /d" $VESTA/data/queue/backup.pipe - log_event "$E_LA" "$EVENT" - exit $E_LA + check_result $E_LA "$la_error" fi + la=$(cat /proc/loadavg |cut -f 1 -d ' ' |cut -f 1 -d '.') (( ++i)) done -# Creating temporary directory -tmpdir=$(mktemp -p $BACKUP -d) -if [ "$?" -ne 0 ]; then - echo "Can't create tmp dir $tmpdir" | $send_mail -s "$subj" $email - echo "Error: can't create tmp dir" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST +if [ -z "$BACKUP_TEMP" ]; then + BACKUP_TEMP=$BACKUP fi -# User +# Creating temporary directory +tmpdir=$(mktemp -p $BACKUP_TEMP -d) +if [ "$?" -ne 0 ]; then + echo "Can't create tmp dir $tmpdir" |$SENDMAIL -s "$subj" $email $notify + sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + check_result "$E_NOTEXIST" "can't create tmp dir" +fi + +# Restoring user account if [ "$create_user" = 'yes' ]; then - echo "-- USER --" - msg="$msg\n-- USER --" + echo "-- USER --" |tee $tmpdir/restore.log + echo -e "$(date "+%F %T") $user" |tee -a $tmpdir/restore.log - echo -e "$(date "+%F %T") $user" - msg="$msg\n$(date "+%F %T") $user" - - # unpack user container + # Unpacking user container tar xf $BACKUP/$backup -C $tmpdir ./vesta if [ "$?" -ne 0 ]; then - echo "Error: can't unpack user contaner" - echo "Can't unpack user contaner" | $send_mail -s "$subj" $email rm -rf $tmpdir - exit $E_PARSING + echo "Can't unpack user contaner" |$SENDMAIL -s "$subj" $email $notify + sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + check_result "$E_PARSING" "can't unpack user contaner" fi - # Restore cron records + # Restoring user.conf mkdir $USER_DATA cp $tmpdir/vesta/user.conf $USER_DATA/ + cp -r $tmpdir/vesta/ssl $USER_DATA/ >/dev/null 2>&1 + cp $tmpdir/vesta/backup-excludes.conf $USER_DATA/ >/dev/null 2>&1 - # Rebuild cron + # Rebuilding user rebuild_user_conf - - echo - msg="$msg\n" fi -# WEB -if [ "$web" != 'no' ]; then - echo "-- WEB --" - msg="$msg\n-- WEB --" +# Unpacking pam container +tar xf $BACKUP/$backup -C $tmpdir ./pam +if [ "$?" -ne 0 ]; then + rm -rf $tmpdir + echo "Can't unpack PAM contaner" |$SENDMAIL -s "$subj" $email $notify + sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + check_result "$E_PARSING" "can't unpack PAM contaner" +fi +old_user=$(cut -f 1 -d : $tmpdir/pam/passwd) +old_uid=$(cut -f 3 -d : $tmpdir/pam/passwd) +new_uid=$(grep "^$user:" /etc/passwd |cut -f 3 -d :) - # Unpack pam container - tar xf $BACKUP/$backup -C $tmpdir ./pam - if [ "$?" -ne 0 ]; then - echo "Error: can't unpack PAM contaner" - echo "Can't unpack PAM contaner" | $send_mail -s "$subj" $email - rm -rf $tmpdir - exit $E_PARSING + +# Restoring web domains +if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then + echo -e "\n-- WEB --" |tee -a $tmpdir/restore.log + + # Creating web domain restore list + backup_domains=$(tar -tf $BACKUP/$backup |grep "^./web") + backup_domains=$(echo "$backup_domains" |grep domain_data.tar.gz) + backup_domains=$(echo "$backup_domains" |cut -f 3 -d /) + if [ -z "$web" ] || [ "$web" = '*' ]; then + domains="$backup_domains" + else + echo "$web" | tr ',' '\n' | sed -e "s/^/^/" > $tmpdir/selected.txt + domains=$(echo "$backup_domains" |egrep -f $tmpdir/selected.txt) fi - # Get user id - old_uid=$(cut -f 3 -d : $tmpdir/pam/passwd) - new_uid=$(grep "^$user:" /etc/passwd | cut -f 3 -d :) + # Restoring web domain + for domain in $domains; do + echo -e "$(date "+%F %T") $domain" |tee -a $tmpdir/restore.log - # Create domain list - domain_list=$(tar -tf $BACKUP/$backup | grep "^./web" |\ - grep domain_data.tar.gz | cut -f 3 -d '/') - if [ ! -z "$web" ]; then - dom_include_list=$(mktemp) - for domain_include in ${web//,/ }; do - echo "^$domain_include$" >> $dom_include_list - done - domain_list=$(echo "$domain_list" | egrep -f $dom_include_list ) - rm -f $dom_include_list - fi - - for domain in $domain_list; do - echo -e "$(date "+%F %T") $domain" - msg="$msg\n$(date "+%F %T") $domain" - - # unpack domain container - tar xf $BACKUP/$backup -C $tmpdir ./web/$domain - if [ "$?" -ne 0 ]; then - echo "Error: can't unpack $domain web contaner" - echo "Can't unpack $domain web contaner" |\ - $send_mail -s "$subj" $email - rm -rf $tmpdir - exit $E_PARSING - fi - - # Restore domain config + # Checking domain existance check_config=$(grep "DOMAIN='$domain'" $USER_DATA/web.conf) if [ -z "$check_config" ]; then - - # Parse domain config - eval $(cat $tmpdir/web/$domain/vesta/web.conf) - - # Check if domain new check_new=$(is_domain_new 'web' $domain) if [ ! -z "$check_new" ]; then - echo "Error: web domain $domain belongs to another user" - echo "Web domain $domain belongs to another user" |\ - $send_mail -s "$subj" $email rm -rf $tmpdir - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS + error="$domain belongs to another user" + echo "$error" |$SENDMAIL -s "$subj" $email $notify + sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + check_result "$E_PARSING" "$error" fi + fi - # Check if domain alias is new + # Unpacking domain container + tar xf $BACKUP/$backup -C $tmpdir ./web/$domain + if [ "$?" -ne 0 ]; then + rm -rf $tmpdir + error="Can't unpack $domain web container" + echo "$error" |$SENDMAIL -s "$subj" $email $notify + sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + check_result "$E_PARSING" "$error" + fi + + # Restoring web.conf + if [ -z "$check_config" ]; then + eval $(cat $tmpdir/web/$domain/vesta/web.conf) + + # Deleting conflicting aliases for dom_alias in ${ALIAS//,/ }; do check_new=$(is_domain_new 'web' $dom_alias) if [ ! -z "$check_new" ]; then - # Delete conflicting alias ALIAS=$(echo "$ALIAS" |\ sed "s/,/\n/g"|\ sed "s/^$dom_alias$//g"|\ @@ -225,582 +337,443 @@ if [ "$web" != 'no' ]; then fi done - # Check ip address - check_ip=$(is_ip_valid $IP) - if [ -z "$check_ip" ]; then - check_ip=$(is_ip_avalable $IP) - fi + # Checking ip address + check_ip=$(is_ip_valid $IP $user) if [ ! -z "$check_ip" ]; then - IP=$(get_user_ip $user) - if [ -z "$IP" ]; then - echo "Error: no avaiable IP address" - echo "No available IP address" |\ - $send_mail -s "$subj" $email - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST - fi - echo "$IP" > $tmpdir/ip_mapping.$domain + local_ip='' + get_user_ip $user + old_ip=$IP + IP=$ip fi - # Check web template - check_tpl=$(is_web_template_valid) - if [ ! -e "$WEBTPL/$WEB_SYSTEM/$TPL.tpl" ]; then - TPL="default" - if [ ! -e "$WEBTPL/$WEB_SYSTEM/$TPL.tpl" ]; then - echo "Error: no avaiable web template" - echo "No available web template" |\ - $send_mail -s "$subj" $email - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST - fi + # Checking web template + check_tpl=$(is_web_template_valid $TPL) + if [ ! -z "$check_tpl" ]; then + TPL='default' fi - # Check proxy template - if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then - if [ ! -e "$WEBTPL/$PROXY_SYSTEM/$PROXY.tpl" ]; then - PROXY="default" - if [ ! -e "$WEBTPL/$PROXY_SYSTEM/$PROXY.tpl" ]; then - echo "Error: no avaiable proxy template" - echo "No available proxy tpl" |\ - $send_mail -s "$subj" $email - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST - fi - fi + # Checking proxy template + check_proxy_tpl=$(is_proxy_template_valid $PROXY) + if [ ! -z "$check_proxy_tpl" ]; then + PROXY='default' fi - # Convert ftp user + # Checking backend template + check_backend_tpl=$(is_backend_template_valid $BACKEND) + if [ ! -z "$check_proxy_tpl" ]; then + BACKEND='default' + fi + + # Converting ftp users if [ ! -z "$FTP_USER" ]; then - FTP_USER=$(echo "$FTP_USER" | cut -f 2,3,4,5,6,7 -d '_') + FTP_USER=$(echo "$FTP_USER" |sed -e "s/${old_user}_//") FTP_USER="${user}_${FTP_USER}" fi - # Convert stats user + # Converting stats users if [ ! -z "$STATS_USER" ]; then - STATS_USER=$(echo "$STATS_USER" | cut -f 2,3,4,5,6,7 -d '_') + STATS_USER=$(echo "$STATS_USER" |sed -e "s/${old_user}_//") STATS_USER="${user}_${STATS_USER}" fi + + # Copying ssl certificates + if [ "$SSL" = 'yes' ]; then + certificates=$(ls $tmpdir/web/$domain/conf| grep ssl) + certificates=$(echo "$certificates" |grep $domain) + for crt in $certificates; do + crt=$(echo $crt|sed -e "s/ssl.//") + cp -f $tmpdir/web/$domain/conf/ssl.$crt $USER_DATA/ssl/$crt + done + fi + + # Concatenating web.conf keys str="DOMAIN='$domain' IP='$IP' IP6='$IP6' ALIAS='$ALIAS'" str="$str TPL='$TPL' SSL='$SSL' SSL_HOME='$SSL_HOME'" - str="$str FTP_USER='$FTP_USER' FTP_MD5='$FTP_MD5' PROXY='$PROXY'" + str="$str LETSENCRYPT='$LETSENCRYPT' FTP_USER='$FTP_USER'" + str="$str FTP_MD5='$FTP_MD5' BACKEND='$BACKEND' PROXY='$PROXY'" str="$str PROXY_EXT='$PROXY_EXT' STATS='$STATS'" str="$str STATS_USER='$STATS_USER' STATS_CRYPT='$STATS_CRYPT'" str="$str U_DISK='$U_DISK' U_BANDWIDTH='0' SUSPENDED='no'" str="$str TIME='$(date +%T)' DATE='$(date +%F)'" echo $str >> $USER_DATA/web.conf - # Copy ssl certificate - if [ "$SSL" = 'yes' ]; then - for crt in $(ls $tmpdir/web/$domain/conf |grep ssl); do - crt=$(echo "$crt" |sed "s/ssl.//") - cp -f $tmpdir/web/$domain/conf/ssl.$crt $USER_DATA/ssl/$crt - done + # Rebuilding backend + if [ ! -z "$WEB_BACKEND" ]; then + $BIN/v-add-web-domain-backend $user $domain $BACKEND fi - # Rebuild web config + # Rebuilding vhost rebuild_web_domain_conf - - # Adding vhost - web_conf="/etc/$WEB_SYSTEM/conf.d/vesta.conf" - tmp_conf="$HOMEDIR/$user/conf/web/tmp_$WEB_SYSTEM.conf" - conf="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf" - cat $tmp_conf >> $conf - rm -f $tmp_conf - web_include=$(grep "$conf" $web_conf) - if [ -z "$web_include" ]; then - echo "Include $conf" >> $web_conf - fi - - # Adding SSL vhost - if [ "$SSL" = 'yes' ]; then - tmp_conf="$HOMEDIR/$user/conf/web/tmp_s$WEB_SYSTEM.conf" - conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf" - cat $tmp_conf >> $conf - rm -f $tmp_conf - fi - ssl_include=$(grep "$conf" $web_conf) - if [ -z "$ssl_include" ]; then - echo "Include $conf" >> $web_conf - fi - - # Proxy - if [ ! -z "$PROXY_SYSTEM" ]; then - # Adding proxy vhost - proxy_conf="/etc/$PROXY_SYSTEM/conf.d/vesta.conf" - if [ ! -z "$PROXY" ]; then - tmp_conf="$HOMEDIR/$user/conf/web/tmp_$PROXY_SYSTEM.conf" - conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" - cat $tmp_conf >> $conf - rm -f $tmp_conf - fi - proxy_include=$(grep "$conf" $proxy_conf) - if [ -z "$proxy_include" ]; then - echo "include $conf;" >> $proxy_conf - fi - - # Adding SSL proxy vhost - if [ ! -z "$PROXY" ] && [ "$SSL" = 'yes' ]; then - tmp_conf="$HOMEDIR/$user/conf/web/tmp_s$PROXY_SYSTEM.conf" - conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" - cat $tmp_conf >> $conf - rm -f $tmp_conf - proxy_include=$(grep "$conf" $proxy_conf) - if [ -z "$proxy_include" ]; then - echo "include $conf;" >> $proxy_conf - fi - fi - fi fi - # Restore data - tar -xzpf $tmpdir/web/$domain/domain_data.tar.gz \ - -C $HOMEDIR/$user/web/$domain/ - if [ "$?" -ne 0 ]; then - echo "Error: can't unpack $domain data tarball" - echo "Can't can't unpack $domain data tarball" |\ - $send_mail -s "$subj" $email - rm -rf $tmpdir - exit $E_PARSING + # Restoring web domain data + chown $user $tmpdir + chmod u+w $HOMEDIR/$user/web/$domain + sudo -u $user tar -xzpf $tmpdir/web/$domain/domain_data.tar.gz \ + -C $HOMEDIR/$user/web/$domain/ --exclude=./logs/* \ + 2> $HOMEDIR/$user/web/$domain/restore_errors.log + if [ -e "$HOMEDIR/$user/web/$domain/restore_errors.log" ]; then + chown $user:$user $HOMEDIR/$user/web/$domain/restore_errors.log fi + #if [ "$?" -ne 0 ]; then + # rm -rf $tmpdir + # error="can't unpack $domain data tarball" + # echo "$error" |$SENDMAIL -s "$subj" $email $notify + # sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + # check_result "$E_PARSING" "$error" + #fi - # Fix for tar < 1.24 + # Applying Fix for tar < 1.24 find $HOMEDIR/$user/web/$domain -type d \ -exec chown -h $user:$user {} \; - # ReChown files if uid differs + # Re-chowning files if uid differs if [ "$old_uid" -ne "$new_uid" ]; then find $HOMEDIR/$user/web/$domain/ -user $old_uid \ -exec chown -h $user:$user {} \; fi - done - # Restart WEB + # Adding user to traff queue + sed -i "/ $user /d" $VESTA/data/queue/traffic.pipe + echo "$BIN/v-update-web-domains-traff $user" >>\ + $VESTA/data/queue/traffic.pipe + + # Restarting web server $BIN/v-restart-web - if [ $? -ne 0 ]; then - exit $E_RESTART + check_result $? "Web restart failed" + if [ ! -z "$PROXY_SYSTEM" ]; then + $BIN/v-restart-proxy + check_result $? "Proxy restart failed" fi - - $BIN/v-restart-proxy - if [ $? -ne 0 ]; then - exit $E_RESTART - fi - - echo - msg="$msg\n" fi -# DNS -if [ "$dns" != 'no' ]; then - echo "-- DNS --" - msg="$msg\n-- DNS --" +# Restoring dns domains +if [ "$dns" != 'no' ] && [ ! -z "$DNS_SYSTEM" ]; then + echo -e "\n-- DNS --" |tee -a $tmpdir/restore.log - # Create domain list - domain_list=$(tar -tf $BACKUP/$backup | grep "^./dns" |\ - grep dns.conf | cut -f 3 -d '/') - if [ ! -z "$dns" ]; then - dom_include_list=$(mktemp) - for domain_include in ${dns//,/ }; do - echo "^$domain_include$" >> $dom_include_list - done - domain_list=$(echo "$domain_list" | egrep -f $dom_include_list ) - rm -f $dom_include_list + # Creating dns domain restore list + backup_domains=$(tar -tf $BACKUP/$backup |grep "^./dns") + backup_domains=$(echo "$backup_domains" |grep "dns.conf$") + backup_domains=$(echo "$backup_domains" |cut -f 3 -d /) + if [ -z "$dns" ] || [ "$dns" = '*' ]; then + domains="$backup_domains" + else + echo "$dns" | tr ',' '\n' | sed -e "s/^/^/" > $tmpdir/selected.txt + domains=$(echo "$backup_domains" |egrep -f $tmpdir/selected.txt) fi - for domain in $domain_list; do - echo -e "$(date "+%F %T") $domain" - msg="$msg\n$(date "+%F %T") $domain" + # Restoring dns domain + for domain in $domains; do + echo -e "$(date "+%F %T") $domain" |tee -a $tmpdir/restore.log - # unpack domain container - tar xf $BACKUP/$backup -C $tmpdir ./dns/$domain - if [ "$?" -ne 0 ]; then - echo "Error: can't unpack $domain dns contaner" - echo "Can't unpack $domain dns contaner" |\ - $send_mail -s "$subj" $email - rm -rf $tmpdir - exit $E_PARSING - fi - - # Restore domain config + # Checking domain existance check_config=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf) if [ -z "$check_config" ]; then - - # Parse domain config - eval $(cat $tmpdir/dns/$domain/vesta/dns.conf) - - # Check if domain new check_new=$(is_domain_new 'dns' $domain) if [ ! -z "$check_new" ]; then - echo "Error: dns domain $domain belongs to another user" - echo "DNS domain $domain belongs to another user" |\ - $send_mail -s "$subj" $email rm -rf $tmpdir - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS + error="$domain belongs to another user" + echo "$error" |$SENDMAIL -s "$subj" $email $notify + sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + check_result "$E_PARSING" "$error" + fi + fi + + # Unpacking domain container + tar xf $BACKUP/$backup -C $tmpdir ./dns/$domain + if [ "$?" -ne 0 ]; then + rm -rf $tmpdir + error="Can't unpack $domain dns container" + echo "$error" |$SENDMAIL -s "$subj" $email $notify + sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + check_result "$E_PARSING" "$error" + fi + + # Restoring dns.conf + if [ -z "$check_config" ]; then + eval $(cat $tmpdir/dns/$domain/vesta/dns.conf) + + # Checking ip address + check_ip=$(is_ip_valid $IP $user) + if [ ! -z "$check_ip" ]; then + local_ip='' + get_user_ip $user + old_ip=$IP + IP=$ip fi - # Check ip address - if [ -e "$tmpdir/ip_mapping.$domain" ]; then - OLD=$IP - IP=$(cat $tmpdir/ip_mapping.$domain) - sed -i "s/$OLD/$IP/g" $tmpdir/dns/$domain/vesta/$domain.conf - else - check_ip=$(is_ip_valid $IP) - if [ ! -z "$check_ip" ]; then - if [ -z "$IP" ]; then - IP=$(get_user_ip $user) - fi - fi - fi - if [ -z "$IP" ]; then - echo "Error: no avaiable IP address" - echo "No available IP address" | $send_mail -s "$subj" $email - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST - fi - - # Check dns template - check_tpl=$(is_dns_template_valid) + # Checking dns template + check_tpl=$(is_dns_template_valid $TPL) if [ ! -z "$check_tpl" ]; then - templates=$(ls -t $VESTA/data/templates/dns/ |\ - grep '\.tpl' |\ - cut -f 1 -d '.') - if [ ! -z "$(echo $templates |grep default)" ]; then - TPL=$(echo "$templates" |grep default |head -n1) - else - TPL=$("$templates" |head -n1) - fi - - if [ -z "$TPL" ]; then - echo "Error: no avaiable dns template" - echo "No available dns template" |\ - $send_mail -s "$subj" $email - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST - fi + TPL='default' fi + # Concatenating dns.conf keys str="DOMAIN='$domain' IP='$IP' TPL='$TPL' TTL='$TTL' EXP='$EXP'" str="$str SOA='$SOA' RECORDS='$RECORDS' SUSPENDED='no'" str="$str TIME='$(date +%T)' DATE='$(date +%F)'" echo $str >> $USER_DATA/dns.conf fi - # Restore dns records + # Restoring dns records cp -f $tmpdir/dns/$domain/vesta/$domain.conf $USER_DATA/dns/ - # Rebuild dns config + # Rebuilding dns domain rebuild_dns_domain_conf done - # Restart DNS + # Restarting DNS $BIN/v-restart-dns - if [ $? -ne 0 ]; then - exit $E_RESTART - fi - - echo - msg="$msg\n" + check_result $? "DNS restart failed" fi -# MAIL -if [ "$mail" != 'no' ]; then - echo "-- MAIL --" - msg="$msg\n-- MAIL --" +# Restoring mail domains +if [ "$mail" != 'no' ] && [ ! -z "$MAIL_SYSTEM" ]; then + echo -e "\n-- MAIL --" |tee -a $tmpdir/restore.log - # Unpack pam container - tar xf $BACKUP/$backup -C $tmpdir ./pam - if [ "$?" -ne 0 ]; then - echo "Error: can't unpack PAM contaner" - echo "Can't unpack PAM contaner" | $send_mail -s "$subj" $email - rm -rf $tmpdir - exit $E_PARSING + # Creating mail domain restore list + backup_domains=$(tar -tf $BACKUP/$backup |grep "^./mail") + backup_domains=$(echo "$backup_domains" |grep "mail.conf$") + backup_domains=$(echo "$backup_domains" |cut -f 3 -d /) + if [ -z "$mail" ] || [ "$mail" = '*' ]; then + domains="$backup_domains" + else + echo "$mail" | tr ',' '\n' | sed -e "s/^/^/" > $tmpdir/selected.txt + domains=$(echo "$backup_domains" |egrep -f $tmpdir/selected.txt) fi - # Get user id - old_uid=$(cut -f 3 -d : $tmpdir/pam/passwd) - new_uid=$(grep "^$user:" /etc/passwd | cut -f 3 -d :) - - # Create domain list - domain_list=$(tar -tf $BACKUP/$backup | grep "^./mail" |\ - grep mail.conf | cut -f 3 -d '/') - if [ ! -z "$mail" ]; then - dom_include_list=$(mktemp) - for domain_include in ${mail//,/ }; do - echo "^$domain_include$" >> $dom_include_list - done - domain_list=$(echo "$domain_list" | egrep -f $dom_include_list ) - rm -f $dom_include_list + # Checking exim username for later chowning + exim_user="exim"; + check_exim_username=$(grep -c '^Debian-exim:' /etc/passwd) + if [ "$check_exim_username" -eq 1 ]; then + exim_user="Debian-exim" fi - for domain in $domain_list; do - echo -e "$(date "+%F %T") $domain" - msg="$msg\n$(date "+%F %T") $domain" - - # unpack domain container - tar xf $BACKUP/$backup -C $tmpdir ./mail/$domain - if [ "$?" -ne 0 ]; then - echo "Error: can't unpack $domain mail contaner" - echo "Can't can't unpack $domain mail contaner" |\ - $send_mail -s "$subj" $email - rm -rf $tmpdir - exit $E_PARSING - fi - - # Restore domain config - domain_idn=$(idn -t --quiet -a "$domain") + # Restoring dns domain + for domain in $domains; do + echo -e "$(date "+%F %T") $domain" |tee -a $tmpdir/restore.log + # Checking domain existance check_config=$(grep "DOMAIN='$domain'" $USER_DATA/mail.conf) if [ -z "$check_config" ]; then - - # Parse domain config - eval $(cat $tmpdir/mail/$domain/vesta/mail.conf) - - # Check if domain new check_new=$(is_domain_new 'mail' $domain) if [ ! -z "$check_new" ]; then - echo "Error: mail domain $domain belongs to another user" - echo "Mail domain $domain belongs to another user" |\ - $send_mail -s "$subj" $email rm -rf $tmpdir - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS + error="$domain belongs to another user" + echo "$error" |$SENDMAIL -s "$subj" $email $notify + sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + check_result "$E_PARSING" "$error" fi - - str="DOMAIN='$domain' ANTIVIRUS='$ANTIVIRUS' ANTISPAM='$ANTISPAM'" - str="$str DKIM='$DKIM' ACCOUNTS='$ACCOUNTS' U_DISK='$U_DISK'" - str="$str CATCHALL='$CATCHALL' SUSPENDED='no'" - str="$str TIME='$(date +%T)' DATE='$(date +%F)'" - echo $str >> $USER_DATA/mail.conf fi - # Restore DKIM + # Unpacking domain container + tar xf $BACKUP/$backup -C $tmpdir ./mail/$domain + if [ "$?" -ne 0 ]; then + rm -rf $tmpdir + error="Can't unpack $domain mail container" + echo "$error" |$SENDMAIL -s "$subj" $email $notify + sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + check_result "$E_PARSING" "$error" + fi + + # Restoring mail.conf + if [ -z "$check_config" ]; then + cat $tmpdir/mail/$domain/vesta/mail.conf >> $USER_DATA/mail.conf + fi + + # Restoring DKIM if [ -e "$tmpdir/mail/$domain/vesta/$domain.pem" ]; then cp -f $tmpdir/mail/$domain/vesta/$domain.pem $USER_DATA/mail/ cp -f $tmpdir/mail/$domain/vesta/$domain.pub $USER_DATA/mail/ fi - # Restore email accounts + # Restoring email accounts cp -f $tmpdir/mail/$domain/vesta/$domain.conf $USER_DATA/mail/ - # Rebuild mail config + # Rebuilding mail config rebuild_mail_domain_conf - # Restore emails + domain_idn=$domain + format_domain_idn + + # Restoring emails if [ -e "$tmpdir/mail/$domain/accounts.tar.gz" ]; then - tar -xzpf $tmpdir/mail/$domain/accounts.tar.gz \ + chown $user $tmpdir + chmod u+w $HOMEDIR/$user/mail/$domain_idn + sudo -u $user tar -xzpf $tmpdir/mail/$domain/accounts.tar.gz \ -C $HOMEDIR/$user/mail/$domain_idn/ if [ "$?" -ne 0 ]; then - echo "Error: can't unpack $domain mail account tarball" - echo "Can't unpack $domain mail account tarball" |\ - $send_mail -s "$subj" $email rm -rf $tmpdir - exit $E_PARSING + error="Can't unpack $domain mail account container" + echo "$error" |$SENDMAIL -s "$subj" $email $notify + sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + check_result "$E_PARSING" "$error" fi - # ReChown files if uid differs + # Re-chowning files if uid differs if [ "$old_uid" -ne "$new_uid" ]; then find $HOMEDIR/$user/mail/$domain_idn -user $old_uid \ -exec chown -h $user:mail {} \; fi - fi + + # Chowning mail conf files to exim user + find $HOMEDIR/$user/conf/mail/$domain_idn -user root \ + -exec chown $exim_user {} \; + done - echo - msg="$msg\n" fi -# DB -if [ "$db" != 'no' ]; then - echo "-- DB --" - msg="$msg\n-- DB --" +# Restoring databases +if [ "$db" != 'no' ] && [ ! -z "$DB_SYSTEM" ]; then + echo -e "\n-- DB --" |tee -a $tmpdir/restore.log - # Create domain list - db_list=$(tar -tf $BACKUP/$backup | grep "^./db" |\ - grep db.conf | cut -f 3 -d '/') - if [ ! -z "$db" ]; then - db_include_list=$(mktemp) - for db_include in ${db//,/ }; do - echo "^$db_include$" >> $db_include_list - done - db_list=$(echo "$db_list" | egrep -f $db_include_list ) - rm -f $db_include_list + # Creating database restore list + backup_databases=$(tar -tf $BACKUP/$backup |grep "^./db") + backup_databases=$(echo "$backup_databases" |grep db.conf) + backup_databases=$(echo "$backup_databases" |cut -f 3 -d / |sort -u) + if [ -z "$db" ] || [ "$db" = '*' ]; then + databases="$backup_databases" + else + echo "$db" |tr ',' '\n' | sed -e "s/$/$/" > $tmpdir/selected.txt + databases=$(echo "$backup_databases" |egrep -f $tmpdir/selected.txt) fi - for db in $db_list; do + # Restoring database + for database in $databases; do + echo -e "$(date "+%F %T") $database" |tee -a $tmpdir/restore.log - # unpack db container - tar xf $BACKUP/$backup -C $tmpdir ./db/$db + # Checking database existance + check_config=$(grep "DB='$database'" $USER_DATA/db.conf) + + # Unpacking database container + tar xf $BACKUP/$backup -C $tmpdir ./db/$database if [ "$?" -ne 0 ]; then - echo "Error: can't unpack $db database contaner" - echo "Can't unpack $db database contaner" |\ - $send_mail -s "$subj" $email rm -rf $tmpdir - exit $E_PARSING + error="Can't unpack $database database container" + echo "$error" |$SENDMAIL -s "$subj" $email $notify + sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + check_result "$E_PARSING" "$error" fi - # Restore domain config - check_config=$(grep "DB='$db'" $USER_DATA/db.conf) + # Restore database config if [ -z "$check_config" ]; then - - # Parse database config - eval $(cat $tmpdir/db/$db/vesta/db.conf) - - # Convert database & database user - DB=$(echo "$DB" | cut -f 2,3,4,5,6,7 -d '_') + eval $(cat $tmpdir/db/$database/vesta/db.conf) + DB=$(echo "$DB" |sed -e "s/${old_user}_//") DB="${user}_${DB}" - DBUSER=$(echo "$DBUSER" | cut -f 2,3,4,5,6,7 -d '_') + DBUSER=$(echo "$DBUSER" |sed -e "s/${old_user}_//") DBUSER="${user}_${DBUSER}" - str="DB='$DB' DBUSER='$DBUSER' MD5='$MD5' HOST='$HOST'" str="$str TYPE='$TYPE' CHARSET='$CHARSET' U_DISK='$U_DISK'" str="$str SUSPENDED='no' TIME='$(date +%T)' DATE='$(date +%F)'" echo $str >> $USER_DATA/db.conf else - eval $(grep "DB='$db'" $USER_DATA/db.conf) + eval $(grep "DB='$database'" $USER_DATA/db.conf) fi - echo -e "$(date "+%F %T") $DB" - msg="$msg\n$(date "+%F %T") $DB" + # Unziping database dump + gzip -d $tmpdir/db/$database/$database.*.sql.gz - # Unzip database dump - gzip -d $tmpdir/db/$db/$db.*.sql.gz - - # Get database values - get_database_values - - # Rebuild db + # Importing database dump + database_dump="$tmpdir/db/$database/$database.$TYPE.sql" case $TYPE in mysql) rebuild_mysql_database; - import_mysql_database $tmpdir/db/$db/$db.$TYPE.sql ;; + import_mysql_database $database_dump ;; pgsql) rebuild_pgsql_database; - import_pgsql_database $tmpdir/db/$db/$db.$TYPE.sql ;; + import_pgsql_database $database_dump ;; esac done - echo - msg="$msg\n" fi -# Cron -if [ "$cron" != 'no' ]; then - echo "-- CRON --" - msg="$msg\n-- CRON --" +# Restoring cron jobs +if [ "$cron" != 'no' ] && [ ! -z "CRON_SYSTEM" ]; then + echo -e "\n-- CRON --" |tee -a $tmpdir/restore.log - # unpack cron container + # Unpacking cron container tar xf $BACKUP/$backup -C $tmpdir ./cron if [ "$?" -ne 0 ]; then - echo "Error: can't unpack cron contaner" - echo "Can't unpack cron contaner" | $send_mail -s "$subj" $email rm -rf $tmpdir - exit $E_PARSING + error="Can't unpack cron container" + echo "$error" |$SENDMAIL -s "$subj" $email $notify + sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + check_result "$E_PARSING" "$error" fi - cron_record=$(wc -l $tmpdir/cron/cron.conf |cut -f 1 -d' ') - if [ "$cron_record" -eq 1 ]; then - echo -e "$(date "+%F %T") $cron_record record" - msg="$msg\n$(date "+%F %T") $cron_record record" + jobs=$(wc -l $tmpdir/cron/cron.conf |cut -f 1 -d' ') + if [ "$jobs" -eq 1 ]; then + echo -e "$(date "+%F %T") $jobs cron job" |tee -a $tmpdir/restore.log else - echo -e "$(date "+%F %T") $cron_record records" - msg="$msg\n$(date "+%F %T") $cron_record records" + echo -e "$(date "+%F %T") $jobs cron jobs"|tee -a $tmpdir/restore.log fi - # Restore cron records + # Restoring cron jobs cp $tmpdir/cron/cron.conf $USER_DATA/cron.conf - # Rebuild cron + # Rebuilding cron jobs sync_cron_jobs - # Restart cron + # Restarting cron $BIN/v-restart-cron - if [ $? -ne 0 ]; then - exit $E_RESTART - fi - - echo - msg="$msg\n" + check_result $? "CRON restart failed" fi -# Restore user directories +# Restoring user files and directories if [ "$udir" != 'no' ]; then - echo "-- USER DIR --" - msg="$msg\n-- USER DIR --" + echo -e "\n-- USER FILES --" |tee -a $tmpdir/restore.log - # unpack user dir container + # Unpacking user dir container if [ ! -z "$(tar -tf $BACKUP/$backup |grep './user_dir')" ]; then - # Unpack pam container - tar xf $BACKUP/$backup -C $tmpdir ./pam - if [ "$?" -ne 0 ]; then - echo "Error: can't unpack PAM contaner" - echo "Can't unpack PAM contaner" | $send_mail -s "$subj" $email - rm -rf $tmpdir - exit $E_PARSING + # Creating user dir restore list + backup_dirs=$(tar -tf $BACKUP/$backup |grep "^./user_dir") + backup_dirs=$(echo "$backup_dirs" |grep tar.gz) + backup_dirs=$(echo "$backup_dirs" |cut -f 3 -d /) + backup_dirs=$(echo "$backup_dirs" |sed "s/.tar.gz//") + if [ -z "$udir" ] || [ "$udir" = '*' ]; then + user_dirs="$backup_dirs" + else + echo "$udir" |tr ',' '\n' > $tmpdir/selected.txt + user_dirs=$(echo "$backup_dirs" |egrep -f $tmpdir/selected.txt) fi - # Get user id - old_uid=$(cut -f 3 -d : $tmpdir/pam/passwd) - new_uid=$(grep "^$user:" /etc/passwd | cut -f 3 -d :) - - # Create user dir list - udir_list=$(tar -tf $BACKUP/$backup | grep "^./user_dir" |\ - grep tar.gz | cut -f 3 -d '/' | sed "s/.tar.gz//") - - if [ ! -z "$udir" ]; then - udir_include_list=$(mktemp) - for udir_include in ${udir//,/ }; do - echo "^$udir_include$" >> $udir_include_list - done - udir_list=$(echo "$udir_list" | egrep -f $udir_include_list ) - rm -f $udir_include_list - fi - - for user_dir in $udir_list; do - echo -e "$(date "+%F %T") $user_dir" - msg="$msg\n$(date "+%F %T") $user_dir" - - # unpack user_dir container + for user_dir in $user_dirs; do + echo -e "$(date "+%F %T") $user_dir" |tee -a $tmpdir/restore.log tar xf $BACKUP/$backup -C $tmpdir ./user_dir/$user_dir.tar.gz if [ "$?" -ne 0 ]; then - echo "Error: can't unpack $user_dir user dir contaner" - echo "Can't unpack $user_dir user dir contaner" |\ - $send_mail -s "$subj" $email - rm -rf $tmpdir - exit $E_PARSING + error="can't unpack $user_dir user dir contaner" + echo "$error" |$SENDMAIL -s "$subj" $email $notify + sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + check_result "$E_PARSING" "$error" fi tar xzf $tmpdir/user_dir/$user_dir.tar.gz -C $HOMEDIR/$user if [ "$?" -ne 0 ]; then - echo "Error: can't unpack $user_dir user dir contaner" - echo "Can't unpack $user_dir user dir contaner" |\ - $send_mail -s "$subj" $email - rm -rf $tmpdir - exit $E_PARSING + error="can't unpack $user_dir user dir contaner" + echo "$error" |$SENDMAIL -s "$subj" $email $notify + sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + check_result "$E_PARSING" "$error" fi - # ReChown files if uid differs + # Re-chowning files if uid differs if [ "$old_uid" -ne "$new_uid" ]; then find $HOMEDIR/$user/$user_dir -user $old_uid \ -exec chown -h $user:$user {} \; fi done fi - echo - msg="$msg\n" fi -# Remove temporary data +# Sending mail notification +subj="$user → restore has been completed" +cat $tmpdir/restore.log |$SENDMAIL -s "$subj" $email $notify + +# Deleting temporary data rm -rf $tmpdir -# Clean restore queue +# Cleaning restore queue sed -i "/v-restore-user $user /d" $VESTA/data/queue/backup.pipe -# Send notification -if [ "$notify" != 'no' ]; then - subj="$user → restore has been completed" - email=$(get_user_value '$CONTACT') - echo -e "$msg" | $send_mail -s "$subj" $email -fi - #----------------------------------------------------------# # Vesta # @@ -812,6 +785,6 @@ $BIN/v-update-user-counters admin $BIN/v-update-sys-ip-counters # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-schedule-letsencrypt-domain b/bin/v-schedule-letsencrypt-domain new file mode 100755 index 000000000..3877b6ef4 --- /dev/null +++ b/bin/v-schedule-letsencrypt-domain @@ -0,0 +1,62 @@ +#!/bin/bash +# info: adding cronjob for letsencrypt cetificate installation +# options: USER DOMAIN [ALIASES] +# +# The function adds cronjob for letsencrypt ssl certificate installation + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +domain=$2 +aliases=$3 + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/domain.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '2' "$#" 'USER DOMAIN [ALIASES]' +is_format_valid 'user' 'domain' +is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' +is_system_enabled "$WEB_SSL" 'SSL_SUPPORT' +is_object_valid 'user' 'USER' "$user" +is_object_unsuspended 'user' 'USER' "$user" +is_object_valid 'web' 'DOMAIN' "$domain" +is_object_unsuspended 'web' 'DOMAIN' "$domain" + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Parsing domain aliases +if [ -z "$aliases" ]; then + get_domain_values 'web' + aliases="$ALIAS" +fi + +# Adding cronjob scheduler for LE +$BIN/v-add-cron-letsencrypt-job + +# Adding LE task +echo "$BIN/v-add-letsencrypt-domain $user $domain '$aliases' yes yes" \ + >> $VESTA/data/queue/letsencrypt.pipe + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-schedule-user-backup b/bin/v-schedule-user-backup index 41cc3d79b..dcbcedb61 100755 --- a/bin/v-schedule-user-backup +++ b/bin/v-schedule-user-backup @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$BACKUP_SYSTEM" 'BACKUP_SYSTEM' is_object_valid 'user' 'USER' "$user" is_backup_enabled @@ -44,6 +44,6 @@ echo "$BIN/v-backup-user $user yes >> $log 2>&1" >>\ #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-schedule-user-restore b/bin/v-schedule-user-restore index 0aded2148..0fbb8546e 100755 --- a/bin/v-schedule-user-restore +++ b/bin/v-schedule-user-restore @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 backup=$2 web=$3 @@ -23,17 +23,31 @@ udir=$8 source $VESTA/func/main.sh source $VESTA/conf/vesta.conf +# Check backup ownership function +is_backup_available() { + passed=false + if [[ $2 =~ ^$1.[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]_[0-9][0-9]-[0-9][0-9]-[0-9][0-9].tar$ ]]; then + passed=true + elif [[ $2 =~ ^$1.[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9].tar$ ]]; then + passed=true + fi + + if [ $passed = false ]; then + check_result $E_FORBIDEN "permission denied" + fi +} #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER BACKUP [WEB] [DNS] [MAIL] [DB] [CRON] [UDIR]' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$BACKUP_SYSTEM" 'BACKUP_SYSTEM' is_object_valid 'user' 'USER' "$user" is_backup_enabled is_backup_scheduled 'restore' +is_backup_available "$user" "$backup" #----------------------------------------------------------# @@ -52,6 +66,6 @@ echo "$BIN/v-restore-user $user $backup $options yes >> $log 2>&1" >>\ #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-list-web-domains-alias b/bin/v-schedule-vesta-softaculous similarity index 54% rename from bin/v-list-web-domains-alias rename to bin/v-schedule-vesta-softaculous index fb8f24514..9474f50ff 100755 --- a/bin/v-list-web-domains-alias +++ b/bin/v-schedule-vesta-softaculous @@ -1,54 +1,46 @@ #!/bin/bash -# info: list web domains and alias key -# options: USER [FORMAT] +# info: adding cronjob for vesta-softaculous installation +# options: NONE # -# The function for obtaining the list of aliases of all user's domains. This -# call was arranged for filling in the lack of information by applying -# v-list-web-domains call in the shell format. +# The function adds cronjob for letsencrypt ssl certificate installation #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition -user=$1 -format=${2-shell} - # Includes source $VESTA/func/main.sh +source $VESTA/func/domain.sh +source $VESTA/conf/vesta.conf #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# -check_args '1' "$#" 'USER [FORMAT]' -validate_format 'user' -is_object_valid 'user' 'USER' "$user" +is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM' #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Defining config -conf=$USER_DATA/web.conf -# Defining fileds to select -fields="\$DOMAIN \$ALIAS" +# Adding cronjob for vesta-softaculous +cmd="sudo /usr/local/vesta/bin/v-add-vesta-softaculous" +check_cron=$(grep "$cmd" $VESTA/data/users/admin/cron.conf 2> /dev/null) +if [ -z "$check_cron" ] && [ ! -z "$CRON_SYSTEM" ]; then + $BIN/v-add-cron-job admin '*/1' '*' '*' '*' '*' "$cmd" +fi -# Listing domains -case $format in - json) json_list ;; - plain) nohead=1; shell_list ;; - shell) shell_list;; - *) check_args '1' '0' 'USER [FORMAT]' -esac #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# +# Logging +log_event "$OK" "$ARGUMENTS" + exit diff --git a/bin/v-search-domain-owner b/bin/v-search-domain-owner index 453fdfdca..5b88f4959 100755 --- a/bin/v-search-domain-owner +++ b/bin/v-search-domain-owner @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition domain=$(idn -t --quiet -u "$1" ) type=${2-any} @@ -50,6 +50,6 @@ echo $owner #----------------------------------------------------------# # Logging -#log_event "$OK" "$EVENT" +#log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-search-fs-object b/bin/v-search-fs-object new file mode 100755 index 000000000..3c7785682 --- /dev/null +++ b/bin/v-search-fs-object @@ -0,0 +1,47 @@ +#!/bin/bash +# info: search file or directory +# options: USER OBJECT [PATH] +# +# The function search files and directories on the file system + +user=$1 +object=$2 +path=$3 + +# Checking arguments +if [ -z "$object" ]; then + echo "Usage: USER OBJECT [PATH]" + exit 1 +fi + +# Checking vesta user +if [ ! -e "$VESTA/data/users/$user" ]; then + echo "Error: vesta user $user doesn't exist" + exit 3 +fi + +# Checking user homedir +homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :) +if [ -z $homedir ]; then + echo "Error: user home directory doesn't exist" + exit 12 +fi + +# Checking path +if [ ! -z "$path" ]; then + rpath=$(readlink -f "$path") + if [ -z "$(echo $rpath |grep $homedir)" ]; then + echo "Error: invalid path $dst_dir" + exit 2 + fi +else + path=$homedir +fi + +# Listing directory +sudo -u $user find "$path" -name "$object" \ + -printf "%y|%m|%TY-%Tm-%Td|%TH:%TM|%u|%g|%s|%P\n" 2>/dev/null +# -printf "%y|%m|%TY-%Tm-%Td|%TH:%TM:%TS|%u|%g|%s|%P\n" 2>/dev/null + +# Exiting +exit $? diff --git a/bin/v-search-object b/bin/v-search-object index 3c6ab0d46..939cbafc2 100755 --- a/bin/v-search-object +++ b/bin/v-search-object @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition object=$1 format=${2-shell} @@ -71,7 +71,7 @@ shell_list_search() { #----------------------------------------------------------# check_args '1' "$#" 'OBJECT [FORMAT]' -validate_format 'object' +is_format_valid 'object' #----------------------------------------------------------# @@ -84,6 +84,22 @@ OLD_IFS=$IFS IFS=$'\n' # User loop +search_user=$(ls -1 $VESTA/data/users |grep $object) +for user in $search_user; do + if [ -e "$VESTA/data/users/$user/user.conf" ]; then + source $VESTA/data/users/$user/user.conf + ((i ++)) + type=$(echo $type|cut -f1 -d \.) + str="ID='$i' USER='$user' TYPE='user' KEY='$user'" + str="$str RESULT='$user' ALIAS=''" + str="$str LINK='$user' PARENT=''" + str="$str SUSPENDED='$SUSPENDED' TIME='$TIME'" + str="$str DATE='$DATE'" + echo $str >> $conf + fi +done + +# User data loop for user in $(ls $VESTA/data/users/); do # Search query search=$(grep "$object" \ @@ -94,7 +110,7 @@ for user in $(ls $VESTA/data/users/); do $VESTA/data/users/$user/mail/*.conf \ $VESTA/data/users/$user/db.conf \ $VESTA/data/users/$user/cron.conf 2> /dev/null) - + for row in $search; do # Initialise variable key='' @@ -154,12 +170,13 @@ for user in $(ls $VESTA/data/users/); do # DNS Records if [ "$type" = 'dns' ]; then - if [ -n "$(echo $RECORD |grep $object)" ]; then + if [ -n "$(echo $RECORD $VALUE |grep $object)" ]; then + dom="$(echo $row|cut -f 1 -d :|cut -f 9 -d /|sed 's/.conf//')" key="RECORD" - result="$RECORD.$DOMAIN" + result="$RECORD.$dom" suspended=$SUSPENDED object_link=$ID - object_parent=$DOMAIN + object_parent=$dom object_time=$TIME object_date=$DATE ((i ++)) @@ -253,6 +270,6 @@ rm $conf #----------------------------------------------------------# # Logging -#log_event "$OK" "$EVENT" +#log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-search-ssl-certificates b/bin/v-search-ssl-certificates new file mode 100755 index 000000000..c9208830b --- /dev/null +++ b/bin/v-search-ssl-certificates @@ -0,0 +1,93 @@ +#!/bin/bash +# info: search ssl certificates +# options: [FORMAT] +# +# The function to obtain the list of available ssl certificates. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +format=${1-shell} + +# Includes +source $VESTA/func/main.sh + +# JSON list function +json_list() { + IFS=$'\n' + objects=$(echo "$search_cmd" |wc -l) + i=1 + echo '[' + for str in $search_cmd; do + eval $str + if [ "$i" -lt "$objects" ]; then + echo -e "\t\"$USER:$DOMAIN\"," + else + echo -e "\t\"$USER:$DOMAIN\"" + fi + (( ++i)) + done + echo "]" +} + +# SHELL list function +shell_list() { + IFS=$'\n' + echo "USER DOMAIN" + echo "---- ------" + for str in $search_cmd; do + eval $str + echo "$USER $DOMAIN" + done +} + +# PLAIN list function +plain_list() { + IFS=$'\n' + for str in $search_cmd; do + eval $str + echo -e "$USER\t$DOMAIN" + done +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo "USER,DOMAIN" + for str in $search_cmd; do + eval $str + echo "$USER,$DOMAIN" + done +} + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +search_cmd=$(grep -H "SSL='yes'" $VESTA/data/users/*/web.conf |\ + cut -f 1 -d ' ' |\ + sed -e "s|$VESTA/data/users/|USER='|" -e "s|/web.conf:|' |") + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-search-user-object b/bin/v-search-user-object index 084b8b01a..3e25372df 100755 --- a/bin/v-search-user-object +++ b/bin/v-search-user-object @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 object=$2 format=${3-shell} @@ -72,7 +72,7 @@ shell_list_search() { #----------------------------------------------------------# check_args '2' "$#" 'USER OBJECT [FORMAT]' -validate_format 'user' 'object' +is_format_valid 'user' 'object' is_object_valid 'user' 'USER' "$user" @@ -253,6 +253,6 @@ rm $conf #----------------------------------------------------------# # Logging -#log_event "$OK" "$EVENT" +#log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-start-service b/bin/v-start-service index 970c7ca0a..0e5c9b895 100755 --- a/bin/v-start-service +++ b/bin/v-start-service @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition service=$1 # Includes @@ -29,14 +29,10 @@ check_args '1' "$#" 'SERVICE' if [ "$service" != 'iptables' ]; then service $service start >/dev/null 2>&1 - if [ $? -ne 0 ]; then - exit $E_RESTART - fi + check_result $? "$service start failed" $E_RESTART else $BIN/v-update-firewall - if [ $? -ne 0 ]; then - exit $E_RESTART - fi + check_result $? "$service start failed" $E_RESTART fi diff --git a/bin/v-stop-firewall b/bin/v-stop-firewall index 1806d4fae..2cd653a61 100755 --- a/bin/v-stop-firewall +++ b/bin/v-stop-firewall @@ -40,6 +40,15 @@ echo "$iptables -F INPUT" >> $tmp # Deleting vesta chain echo "$iptables -X vesta" >> $tmp +# Deleting custom chains +chains=$(cat $VESTA/data/firewall/chains.conf 2>/dev/null) +IFS=$'\n' +for chain in $chains; do + eval $chain + echo "$iptables -F fail2ban-$CHAIN" >> $tmp + echo "$iptables -X fail2ban-$CHAIN" >> $tmp +done + # Applying rules bash $tmp 2>/dev/null @@ -47,7 +56,7 @@ bash $tmp 2>/dev/null rm -f $tmp # Saving rules to the master iptables file -if [ -e "/etc/redhat-release" ]; then +if [ -d "/etc/sysconfig" ]; then /sbin/iptables-save > /etc/sysconfig/iptables if [ -z "$(ls /etc/rc3.d/S*iptables 2>/dev/null)" ]; then /sbin/chkconfig iptables off diff --git a/bin/v-stop-service b/bin/v-stop-service index 7355a113c..68f4009ed 100755 --- a/bin/v-stop-service +++ b/bin/v-stop-service @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition service=$1 # Includes @@ -29,14 +29,10 @@ check_args '1' "$#" 'SERVICE' if [ "$service" != 'iptables' ]; then service $service stop >/dev/null 2>&1 - if [ $? -ne 0 ]; then - exit $E_RESTART - fi + check_result $? "$service stop failed" $E_RESTART else $BIN/v-stop-firewall - if [ $? -ne 0 ]; then - exit $E_RESTART - fi + check_result $? "$service stop failed" $E_RESTART fi diff --git a/bin/v-suspend-cron-job b/bin/v-suspend-cron-job index 977b77aba..43074ef14 100755 --- a/bin/v-suspend-cron-job +++ b/bin/v-suspend-cron-job @@ -9,12 +9,12 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 job=$2 restart=$3 -# Inlcudes +# Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf @@ -24,7 +24,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER JOB [RESTART]' -validate_format 'user' 'job' +is_format_valid 'user' 'job' is_object_valid 'user' 'USER' "$user" is_object_valid 'cron' 'JOB' "$job" is_object_unsuspended 'cron' 'JOB' "$job" @@ -46,15 +46,11 @@ sync_cron_jobs # Vesta # #----------------------------------------------------------# -# Restart crond -if [ "$restart" != 'no' ]; then - $BIN/v-restart-cron - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting crond +$BIN/v-restart-cron $restart +check_result $? "Cron restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-suspend-cron-jobs b/bin/v-suspend-cron-jobs index 993989a5f..8b3f4ad8b 100755 --- a/bin/v-suspend-cron-jobs +++ b/bin/v-suspend-cron-jobs @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 restart=$2 @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" @@ -41,15 +41,11 @@ done # Vesta # #----------------------------------------------------------# -# Restart crond -if [ "$restart" != 'no' ]; then - $BIN/v-restart-cron - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting crond +$BIN/v-restart-cron $restart +check_result $? "Cron restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-suspend-database b/bin/v-suspend-database index 1f7765194..ac736ea17 100755 --- a/bin/v-suspend-database +++ b/bin/v-suspend-database @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 database=$2 @@ -24,7 +24,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER DATABASE' -validate_format 'user' 'database' +is_format_valid 'user' 'database' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -55,6 +55,6 @@ update_object_value 'db' 'DB' "$database" '$SUSPENDED' 'yes' increase_user_value "$user" '$SUSPENDED_DB' # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-suspend-database-host b/bin/v-suspend-database-host index 7ed06316b..daf39adc6 100755 --- a/bin/v-suspend-database-host +++ b/bin/v-suspend-database-host @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition type=$1 host=$2 @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'TYPE HOST' -validate_format 'type' 'host' +is_format_valid 'type' 'host' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_object_valid "../../conf/$type" 'HOST' "$host" is_object_unsuspended "../../conf/$type" 'HOST' "$host" @@ -42,6 +42,6 @@ update_object_value "../../conf/$type" 'HOST' "$host" '$SUSPENDED' 'yes' #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-suspend-databases b/bin/v-suspend-databases index 53ed4cec3..6c15b014e 100755 --- a/bin/v-suspend-databases +++ b/bin/v-suspend-databases @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_object_valid 'user' 'USER' "$user" @@ -42,6 +42,6 @@ done #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-suspend-dns-domain b/bin/v-suspend-dns-domain index 9d6c0906c..bfe30f0bc 100755 --- a/bin/v-suspend-dns-domain +++ b/bin/v-suspend-dns-domain @@ -9,23 +9,28 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 restart="$3" # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [RESTART]' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_valid 'dns' 'DOMAIN' "$domain" @@ -36,6 +41,16 @@ is_object_unsuspended 'dns' 'DOMAIN' "$domain" # Action # #----------------------------------------------------------# +# Deleting system configs +if [[ "$DNS_SYSTEM" =~ named|bind ]]; then + if [ -e '/etc/named.conf' ]; then + dns_conf='/etc/named.conf' + else + dns_conf='/etc/bind/named.conf' + fi + + sed -i "/\/$user\/conf\/dns\/$domain.db\"/d" $dns_conf +fi #----------------------------------------------------------# # Vesta # @@ -46,15 +61,7 @@ update_object_value 'dns' 'DOMAIN' "$domain" '$SUSPENDED' 'yes' sed -i "s/SUSPENDED='no'/SUSPENDED='yes'/g" $USER_DATA/dns/$domain.conf increase_user_value "$user" '$SUSPENDED_DNS' -# Restart named -#if [ "$restart" != 'no' ]; then -# $BIN/v-restart-dns -# if [ $? -ne 0 ]; then -# exit $E_RESTART -# fi -#fi - # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-suspend-dns-domains b/bin/v-suspend-dns-domains index f46cc39e6..c38e4336d 100755 --- a/bin/v-suspend-dns-domains +++ b/bin/v-suspend-dns-domains @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 restart=$2 @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER [RESTART]' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" @@ -42,15 +42,7 @@ done # Vesta # #----------------------------------------------------------# -# Restart dns server -#if [ "$restart" != 'no' ]; then -# $BIN/v-restart-dns -# if [ $? -ne 0 ]; then -# exit $E_RESTART -# fi -#fi - # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-suspend-dns-record b/bin/v-suspend-dns-record index 5cc8f310f..003f8d757 100755 --- a/bin/v-suspend-dns-record +++ b/bin/v-suspend-dns-record @@ -9,25 +9,30 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 id=$3 -restart="$4" +restart=$4 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN ID [RESTART]' -validate_format 'user' 'domain' 'id' +is_format_valid 'user' 'domain' 'id' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_valid 'dns' 'DOMAIN' "$domain" @@ -54,6 +59,7 @@ sort_dns_records # Updating zone if [[ "$DNS_SYSTEM" =~ named|bind ]]; then + update_domain_serial update_domain_zone fi @@ -62,15 +68,7 @@ fi # Vesta # #----------------------------------------------------------# -# Restart named -#if [ "$restart" != 'no' ]; then -# $BIN/v-restart-dns -# if [ $? -ne 0 ]; then -# exit $E_RESTART -# fi -#fi - # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-suspend-domain b/bin/v-suspend-domain new file mode 100755 index 000000000..74e17f196 --- /dev/null +++ b/bin/v-suspend-domain @@ -0,0 +1,88 @@ +#!/bin/bash +# info: suspend web/dns/mail domain +# options: USER DOMAIN +# +# The function suspends web/dns/mail domain. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +domain=$2 +restart="${3-yes}" + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '2' "$#" 'USER DOMAIN' +is_format_valid 'user' 'domain' +is_object_valid 'user' 'USER' "$user" +is_object_unsuspended 'user' 'USER' "$user" + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Working on Web domain +if [ ! -z "$WEB_SYSTEM" ]; then + str=$(grep "DOMAIN='$domain'" $USER_DATA/web.conf |grep "SUSPENDED='no") + if [ ! -z "$str" ]; then + domain_found='yes' + $BIN/v-suspend-web-domain $user $domain 'no' + check_result $? "can't suspend web" > /dev/null + fi +fi + +# Working on DNS domain +if [ ! -z "$DNS_SYSTEM" ]; then + str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf |grep "SUSPENDED='no") + if [ ! -z "$str" ]; then + domain_found='yes' + $BIN/v-suspend-dns-domain $user $domain 'no' + check_result $? "can't suspend dns" > /dev/null + fi +fi + +# Working on Mail domain +if [ ! -z "$MAIL_SYSTEM" ]; then + str=$(grep "DOMAIN='$domain'" $USER_DATA/mail.conf |grep "SUSPENDED='no") + if [ ! -z "$str" ]; then + domain_found='yes' + $BIN/v-suspend-mail-domain $user $domain + check_result $? "can't suspend mail" > /dev/null + fi +fi + +# Checking domain search result +if [ -z "$domain_found" ]; then + echo "Error: domain $domain doesn't exist" + log_event "$E_NOTEXIST" "$ARGUMENTS" + exit $E_NOTEXIST +fi + +# Restarting services +$BIN/v-restart-web $restat +check_result $? "can't restart web" > /dev/null + +$BIN/v-restart-proxy $restart +check_result $? "can't restart proxy" > /dev/null + +$BIN/v-restart-dns $restart +check_result $? "can't restart dns" > /dev/null + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-suspend-firewall-rule b/bin/v-suspend-firewall-rule index a5e2d638e..67f14cecb 100755 --- a/bin/v-suspend-firewall-rule +++ b/bin/v-suspend-firewall-rule @@ -9,10 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition rule=$1 -# Inlcudes +# Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf @@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'RULE' -validate_format 'rule' +is_format_valid 'rule' is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM' is_object_valid '../../data/firewall/rules' 'RULE' "$rule" is_object_unsuspended '../../data/firewall/rules' 'RULE' "$rule" @@ -44,6 +44,6 @@ $BIN/v-update-firewall #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-suspend-mail-account b/bin/v-suspend-mail-account index d691d05b2..913e1c4cd 100755 --- a/bin/v-suspend-mail-account +++ b/bin/v-suspend-mail-account @@ -9,11 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 account=$3 # Includes @@ -21,13 +20,18 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN ACCOUNT' -validate_format 'user' 'domain' 'account' +is_format_valid 'user' 'domain' 'account' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -43,6 +47,9 @@ is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account" if [[ "$MAIL_SYSTEM" =~ exim ]]; then quota=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$QUOTA') + if [ "$quota" = 'unlimited' ]; then + quota=0 + fi sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd str="$account:SUSPENDED:$user:mail::$HOMEDIR/$user:$quota" echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd @@ -57,6 +64,6 @@ fi update_object_value "mail/$domain" 'ACCOUNT' "$account" '$SUSPENDED' 'yes' # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-suspend-mail-accounts b/bin/v-suspend-mail-accounts index 9cc393f20..ab8c440fa 100755 --- a/bin/v-suspend-mail-accounts +++ b/bin/v-suspend-mail-accounts @@ -9,23 +9,27 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -48,6 +52,6 @@ done #----------------------------------------------------------# # No Logging -#log_event "$OK" "$EVENT" +#log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-suspend-mail-domain b/bin/v-suspend-mail-domain index 02828e5d3..201dc7f3d 100755 --- a/bin/v-suspend-mail-domain +++ b/bin/v-suspend-mail-domain @@ -9,24 +9,28 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -54,6 +58,6 @@ sed -i "s/SUSPENDED='no'/SUSPENDED='yes'/g" $USER_DATA/mail/$domain.conf increase_user_value "$user" '$SUSPENDED_MAIL' # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-suspend-mail-domains b/bin/v-suspend-mail-domains index db52c5d4f..333228ee1 100755 --- a/bin/v-suspend-mail-domains +++ b/bin/v-suspend-mail-domains @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" @@ -43,6 +43,6 @@ done #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-suspend-remote-dns-host b/bin/v-suspend-remote-dns-host index b55977c7a..f83b61720 100755 --- a/bin/v-suspend-remote-dns-host +++ b/bin/v-suspend-remote-dns-host @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition host=$1 # Includes @@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'HOST' -validate_format 'host' +is_format_valid 'host' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid "../../conf/dns-cluster" 'HOST' "$host" is_object_unsuspended "../../conf/dns-cluster" 'HOST' "$host" @@ -41,6 +41,6 @@ update_object_value "../../conf/dns-cluster" 'HOST' "$host" '$SUSPENDED' 'yes' #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-suspend-user b/bin/v-suspend-user index adbff01aa..6276ce5ab 100755 --- a/bin/v-suspend-user +++ b/bin/v-suspend-user @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 restart=$2 @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER [RESTART]' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" if [ "$user" = 'admin' ]; then @@ -38,6 +38,11 @@ fi # Adding '!' in front of the password /usr/sbin/usermod --lock $user +# Suspending ftp accounts +for ftp in $(grep "^${user}_" /etc/passwd |cut -f 1 -d : ); do + /usr/sbin/usermod --lock $ftp 2>/dev/null +done + # Suspending web domains if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB_SYSTEM" != 'no' ]; then $BIN/v-suspend-web-domains $user $restart @@ -68,29 +73,21 @@ fi # Vesta # #----------------------------------------------------------# -# Restart web server -if [ "$restart" != 'no' ]; then - $BIN/v-restart-web - if [ $? -ne 0 ]; then - exit $E_RESTART - fi +# Restarting system services +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null - $BIN/v-restart-dns - if [ $? -ne 0 ]; then - exit $E_RESTART - fi +$BIN/v-restart-dns $restart +check_result $? "DNS restart failed" >/dev/null - $BIN/v-restart-cron - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +$BIN/v-restart-cron $restart +check_result $? "Cron restart failed" >/dev/null # Changing suspend value update_user_value "$user" '$SUSPENDED' 'yes' increase_user_value 'admin' '$SUSPENDED_USERS' # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-suspend-web-domain b/bin/v-suspend-web-domain index 7634e5fa5..7bd658ceb 100755 --- a/bin/v-suspend-web-domain +++ b/bin/v-suspend-web-domain @@ -11,10 +11,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 restart=$3 # Includes @@ -23,13 +23,18 @@ source $VESTA/func/domain.sh source $VESTA/func/ip.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [RESTART]' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" @@ -42,41 +47,28 @@ is_object_unsuspended 'web' 'DOMAIN' "$domain" # Parsing domain values get_domain_values 'web' -tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.tpl" -conf="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf" SUSPENDED='yes' -ip=$(get_real_ip $IP) +local_ip=$(get_real_ip $IP) # Preparing domain values for the template substitution -upd_web_domain_values +prepare_web_domain_values -# Recreating vhost -del_web_config -add_web_config - -# Check SSL +# Rebuilding vhost +del_web_config "$WEB_SYSTEM" "$TPL.tpl" +add_web_config "$WEB_SYSTEM" "$TPL.tpl" if [ "$SSL" = 'yes' ]; then - tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.stpl" - conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf" - del_web_config - add_web_config + del_web_config "$WEB_SYSTEM" "$TPL.stpl" + add_web_config "$WEB_SYSTEM" "$TPL.stpl" fi -# Checking proxy -if [ ! -z "$PROXY" ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.tpl" - conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" - del_web_config - add_web_config - -fi - -# Checking proxy SSL -if [ ! -z "$PROXY" ] && [ "$SSL" = 'yes' ]; then - tpl_file="$WEBTPL/$PROXY_SSL/$PROXY.stpl" - conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" - del_web_config - add_web_config +# Rebuilding proxy configuration +if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then + del_web_config "$PROXY_SYSTEM" "$PROXY.tpl" + add_web_config "$PROXY_SYSTEM" "$PROXY.tpl" + if [ "$SSL" = 'yes' ]; then + del_web_config "$PROXY_SYSTEM" "$PROXY.stpl" + add_web_config "$PROXY_SYSTEM" "$PROXY.stpl" + fi fi @@ -84,24 +76,18 @@ fi # Vesta # #----------------------------------------------------------# -# Update config +# Updating config update_object_value 'web' 'DOMAIN' "$domain" '$SUSPENDED' 'yes' increase_user_value "$user" '$SUSPENDED_WEB' -# Restart web server -if [ "$restart" != 'no' ]; then - $BIN/v-restart-web - if [ $? -ne 0 ]; then - exit $E_RESTART - fi +# Restarting web server +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null - $BIN/v-restart-proxy - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-suspend-web-domains b/bin/v-suspend-web-domains index fc4bf125c..de8b178da 100755 --- a/bin/v-suspend-web-domains +++ b/bin/v-suspend-web-domains @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 restart=$2 @@ -24,7 +24,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER [RESTART]' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" @@ -42,20 +42,14 @@ done # Vesta # #----------------------------------------------------------# -# Restart web server -if [ "$restart" != 'no' ]; then - $BIN/v-restart-web - if [ $? -ne 0 ]; then - exit $E_RESTART - fi +# Restarting web server +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null - $BIN/v-restart-proxy - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-sync-dns-cluster b/bin/v-sync-dns-cluster index ac0045184..207ecf91a 100755 --- a/bin/v-sync-dns-cluster +++ b/bin/v-sync-dns-cluster @@ -8,9 +8,8 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition host=$1 -verbose=$2 # Includes source $VESTA/func/main.sh @@ -23,146 +22,55 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER' - -if [ ! -e "$VESTA/conf/dns-cluster.conf" ]; then - echo "Error: dns-cluster.conf doesn't exist" - log_event "$E_NOTEXIST $EVENT" - exit $E_NOTEXIST -fi - -number_of_proc=$(ps auxf | grep -v grep | grep $VESTA/bin/$SCRIPT | wc -l) -if [ "$number_of_proc" -gt 2 ]; then - echo "Error: another sync process already exists" - log_event "$E_EXISTS $EVENT" - exit $E_EXISTS -fi +is_procces_running +remote_dns_health_check 'no_email' #----------------------------------------------------------# # Action # #----------------------------------------------------------# -old_ifs="$IFS" +# Selecting remote hosts IFS=$'\n' - if [ -z $host ]; then - hosts=$(cat $VESTA/conf/dns-cluster.conf | grep "SUSPENDED='no'") - rm -f $VESTA/data/queue/dns-cluster.pipe - touch $VESTA/data/queue/dns-cluster.pipe - chmod 660 $VESTA/data/queue/dns-cluster.pipe + hosts=$(cat $VESTA/conf/dns-cluster.conf |grep "SUSPENDED='no'") else hosts=$(grep "HOST='$host'" $VESTA/conf/dns-cluster.conf) fi # Starting cluster loop -for cluster_str in $hosts; do +for cluster in $hosts; do - # Get host values - eval $cluster_str + # Parsing host values + eval $cluster - # Check connection type - if [ -z "TYPE" ]; then - TYPE='api' - fi + # Wiping remote domains + cluster_cmd v-delete-dns-domains-src $DNS_USER $HOSTNAME no + check_result $? "$HOST connection failed" $E_CONNECT - # Print hostname - if [ ! -z "$verbose" ]; then - echo "HOSTNAME: $HOSTNAME" - echo "TYPE: $TYPE" - fi - - # Switch on connection type - case $TYPE in - ssh) send_cmd="send_ssh_cmd" ;; - *) send_cmd="send_api_cmd" ;; - esac - - # Check host connection - $send_cmd v-list-sys-config - if [ $? -ne 0 ]; then - echo "Error: $TYPE connection to $HOST failed" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi - - # Check recipient dns user - if [ -z "$DNS_USER" ]; then - DNS_USER='dns-cluster' - fi - if [ ! -z "$verbose" ]; then - echo "DNS_USER: $DNS_USER" - fi - $send_cmd v-list-user $DNS_USER - if [ $? -ne 0 ]; then - echo "Error: dns user $DNS_USER doesn't exist" - log_event "$E_NOTEXIST $EVENT" - exit $E_NOTEXIST - fi - - # Check dns exceptions - if [ -z "$DNS_CLUSTER_IGNORE" ]; then - DNS_CLUSTER_IGNORE='dns-cluster' - fi - - # Create userlist - user_list=$(ls $VESTA/data/users) - for exception in $(echo -e "${DNS_CLUSTER_IGNORE//,/\n}"); do - user_list=$(echo "$user_list" | grep -v "^$exception$") - done - - # Clean source records - if [ ! -z "$verbose" ]; then - echo "STATUS: Wiping dns domains" - fi - $send_cmd v-delete-dns-domains-src $DNS_USER $HOSTNAME no - if [ $? -ne 0 ]; then - echo "Error: $TYPE connection to $HOST failed (cleanup)" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi - - # Start user loop + # Syncing user domains + user_list=$(ls -d $VESTA/data/users/*/ | sed "s#$VESTA/data/users/##" | sed s"/.$//" | grep -v "dns-cluster") for user in $user_list; do - - # Sync domain for str in $(cat $VESTA/data/users/$user/dns.conf); do - eval $str - if [ ! -z "$verbose" ]; then - echo "DOMAIN: $DOMAIN index" - fi - $send_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME - if [ $? -eq 0 ]; then - if [ ! -z "$verbose" ]; then - echo "DOMAIN: $DOMAIN records" - fi - # Sync record - if [ "$TYPE" = 'ssh' ]; then - tmp=$(mktemp -u) - scp_cmd $USER_DATA/$user/dns/$DOMAIN.conf $tmp - $send_cmd v-insert-dns-records $DNS_USER $DOMAIN $tmp - else - for str in $(cat $USER_DATA/$user/dns/$DOMAIN.conf); do - str=$(echo "$str" | sed 's/"/\\"/g') - $send_cmd v-insert-dns-record \ - $DNS_USER $DOMAIN "$str" - done - fi - else - if [ ! -z "$verbose" ]; then - echo "DOMAIN: $DOMAIN skiping records (not uniq)" - fi - fi + # Syncing domain index + eval $str + cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME ' ' no + check_result $? "$HOST connection failed" $E_CONNECT + + # Syncing domain records + tmp_file="/tmp/vst-sync.$DOMAIN" + cluster_file $USER_DATA/$user/dns/$DOMAIN.conf $tmp_file + check_result $? "$HOST connection failed" $E_CONNECT + + cluster_cmd v-insert-dns-records $DNS_USER $DOMAIN $tmp_file 'no' + check_result $? "$HOST connection failed" $E_CONNECT done done - # Rebuild dns zones - $send_cmd v-rebuild-dns-domains $DNS_USER - if [ $? -ne 0 ]; then - echo "Error: $TYPE connection to $HOST failed (rebuild)" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi + # Rebuilding dns zones + cluster_cmd v-rebuild-dns-domains $DNS_USER + check_result $? "$TYPE connection to $HOST failed" $E_CONNECT done @@ -171,4 +79,9 @@ done # Vesta # #----------------------------------------------------------# +# Flushing dns-cluster queue +rm -f $VESTA/data/queue/dns-cluster.pipe +touch $VESTA/data/queue/dns-cluster.pipe +chmod 660 $VESTA/data/queue/dns-cluster.pipe + exit diff --git a/bin/v-unsuspend-cron-job b/bin/v-unsuspend-cron-job index 39af81b16..0e40a6eca 100755 --- a/bin/v-unsuspend-cron-job +++ b/bin/v-unsuspend-cron-job @@ -1,15 +1,15 @@ #!/bin/bash -# info: unuspend cron job +# info: unsuspend cron job # options: USER JOB [RESTART] # -# The function unsuspen certain cron job. +# The function unsuspend certain cron job. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 job=$2 restart="${3-yes}" @@ -24,7 +24,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER JOB [RESTART]' -validate_format 'user' 'job' 'restart' +is_format_valid 'user' 'job' 'restart' is_object_valid 'user' 'USER' "$user" is_object_valid 'cron' 'JOB' "$job" is_object_suspended 'cron' 'JOB' "$job" @@ -46,15 +46,11 @@ sync_cron_jobs # Vesta # #----------------------------------------------------------# -# Restart crond -if [ "$restart" != 'no' ]; then - $BIN/v-restart-cron - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting crond +$BIN/v-restart-cron $restart +check_result $? "Cron restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-unsuspend-cron-jobs b/bin/v-unsuspend-cron-jobs index e1d3e686b..2f2d740ec 100755 --- a/bin/v-unsuspend-cron-jobs +++ b/bin/v-unsuspend-cron-jobs @@ -1,5 +1,5 @@ #!/bin/bash -# info: unuspend sys cron +# info: unsuspend sys cron # options: USER [RESTART] # # The function unsuspends all suspended cron jobs. @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 restart=$2 @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER [RESTART]' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" @@ -41,15 +41,11 @@ done # Vesta # #----------------------------------------------------------# -# Restart crond -if [ "$restart" != 'no' ]; then - $BIN/v-restart-cron - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +# Restarting crond +$BIN/v-restart-cron $restart +check_result $? "Cron restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-unsuspend-database b/bin/v-unsuspend-database index 5a75ba3be..89892cb76 100755 --- a/bin/v-unsuspend-database +++ b/bin/v-unsuspend-database @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 database=$2 @@ -24,7 +24,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER DATABASE' -validate_format 'user' 'database' +is_format_valid 'user' 'database' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_valid 'db' 'DB' "$database" @@ -54,6 +54,6 @@ update_object_value 'db' 'DB' "$database" '$SUSPENDED' 'no' decrease_user_value "$user" '$SUSPENDED_DB' # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-unsuspend-database-host b/bin/v-unsuspend-database-host index 2d2a0dc7c..928776a56 100755 --- a/bin/v-unsuspend-database-host +++ b/bin/v-unsuspend-database-host @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition type=$1 host=$2 @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'TYPE HOST' -validate_format 'type' 'host' +is_format_valid 'type' 'host' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_object_valid "../../conf/$type" 'HOST' "$host" is_object_suspended "../../conf/$type" 'HOST' "$host" @@ -42,6 +42,6 @@ update_object_value "../../conf/$type" 'HOST' "$host" '$SUSPENDED' 'no' #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-unsuspend-databases b/bin/v-unsuspend-databases index fcf9dc62e..30525c869 100755 --- a/bin/v-unsuspend-databases +++ b/bin/v-unsuspend-databases @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_object_valid 'user' 'USER' "$user" @@ -43,6 +43,6 @@ done #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-unsuspend-dns-domain b/bin/v-unsuspend-dns-domain index 25253590c..38008d2fc 100755 --- a/bin/v-unsuspend-dns-domain +++ b/bin/v-unsuspend-dns-domain @@ -9,23 +9,27 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") -restart="$3" +domain=$2 +domain_idn=$2 # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_valid 'dns' 'DOMAIN' "$domain" @@ -36,7 +40,21 @@ is_object_suspended 'dns' 'DOMAIN' "$domain" # Action # #----------------------------------------------------------# +# Creating system configs +if [[ "$DNS_SYSTEM" =~ named|bind ]]; then + if [ -e '/etc/named.conf' ]; then + dns_conf='/etc/named.conf' + dns_group='named' + else + dns_conf='/etc/bind/named.conf' + dns_group='bind' + fi + # Adding zone in named.conf + named="zone \"$domain_idn\" {type master; file" + named="$named \"$HOMEDIR/$user/conf/dns/$domain.db\";};" + echo "$named" >> $dns_conf +fi #----------------------------------------------------------# # Vesta # @@ -47,16 +65,7 @@ update_object_value 'dns' 'DOMAIN' "$domain" '$SUSPENDED' 'no' decrease_user_value "$user" '$SUSPENDED_DNS' sed -i "s/SUSPENDED='yes'/SUSPENDED='no'/g" $USER_DATA/dns/$domain.conf - -# Restart named -#if [ "$restart" != 'no' ]; then -# $BIN/v-restart-dns -# if [ $? -ne 0 ]; then -# exit $E_RESTART -# fi -#fi - # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-unsuspend-dns-domains b/bin/v-unsuspend-dns-domains index 177770e04..eb27ba2ec 100755 --- a/bin/v-unsuspend-dns-domains +++ b/bin/v-unsuspend-dns-domains @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 restart=$2 @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER [RESTART]' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" @@ -42,15 +42,7 @@ done # Vesta # #----------------------------------------------------------# -# Restart dns server -#if [ "$restart" != 'no' ]; then -# $BIN/v-restart-dns -# if [ $? -ne 0 ]; then -# exit $E_RESTART -# fi -#fi - # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-unsuspend-dns-record b/bin/v-unsuspend-dns-record index 761581ef2..f1bc163f4 100755 --- a/bin/v-unsuspend-dns-record +++ b/bin/v-unsuspend-dns-record @@ -9,25 +9,30 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 id=$3 -restart="$4" +restart=$4 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN ID [RESTART]' -validate_format 'user' 'domain' 'id' +is_format_valid 'user' 'domain' 'id' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_valid 'dns' 'DOMAIN' "$domain" @@ -53,6 +58,7 @@ sort_dns_records # Updating zone if [[ "$DNS_SYSTEM" =~ named|bind ]]; then + update_domain_serial update_domain_zone fi @@ -61,15 +67,7 @@ fi # Vesta # #----------------------------------------------------------# -# Restart named -#if [ "$restart" != 'no' ]; then -# $BIN/v-restart-dns -# if [ $? -ne 0 ]; then -# exit $E_RESTART -# fi -#fi - # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-unsuspend-domain b/bin/v-unsuspend-domain new file mode 100755 index 000000000..a0a3b4597 --- /dev/null +++ b/bin/v-unsuspend-domain @@ -0,0 +1,87 @@ +#!/bin/bash +# info: unsuspend web/dns/mail domain +# options: USER DOMAIN +# +# The function unsuspends web/dns/mail domain. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +domain=$2 +restart="${3-yes}" + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '2' "$#" 'USER DOMAIN' +is_format_valid 'user' 'domain' +is_object_valid 'user' 'USER' "$user" + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Working on Web domain +if [ ! -z "$WEB_SYSTEM" ]; then + str=$(grep "DOMAIN='$domain'" $USER_DATA/web.conf |grep "SUSPENDED='yes") + if [ ! -z "$str" ]; then + domain_found='yes' + $BIN/v-unsuspend-web-domain $user $domain 'no' + check_result $? "can't suspend web" > /dev/null + fi +fi + +# Working on DNS domain +if [ ! -z "$DNS_SYSTEM" ]; then + str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf |grep "SUSPENDED='yes") + if [ ! -z "$str" ]; then + domain_found='yes' + $BIN/v-unsuspend-dns-domain $user $domain 'no' + check_result $? "can't suspend dns" > /dev/null + fi +fi + +# Working on Mail domain +if [ ! -z "$MAIL_SYSTEM" ]; then + str=$(grep "DOMAIN='$domain'" $USER_DATA/mail.conf |grep "SUSPENDED='yes") + if [ ! -z "$str" ]; then + domain_found='yes' + $BIN/v-unsuspend-mail-domain $user $domain + check_result $? "can't suspend mail" > /dev/null + fi +fi + +# Checking domain search result +if [ -z "$domain_found" ]; then + echo "Error: domain $domain doesn't exist" + log_event "$E_NOTEXIST" "$ARGUMENTS" + exit $E_NOTEXIST +fi + +# Restarting services +$BIN/v-restart-web $restart +check_result $? "can't restart web" > /dev/null + +$BIN/v-restart-proxy $restart +check_result $? "can't restart proxy" > /dev/null + +$BIN/v-restart-dns $restart +check_result $? "can't restart dns" > /dev/null + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-unsuspend-firewall-rule b/bin/v-unsuspend-firewall-rule index c1c97e2c7..be6320d41 100755 --- a/bin/v-unsuspend-firewall-rule +++ b/bin/v-unsuspend-firewall-rule @@ -9,10 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition rule=$1 -# Inlcudes +# Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf @@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'RULE' -validate_format 'rule' +is_format_valid 'rule' is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM' is_object_valid '../../data/firewall/rules' 'RULE' "$rule" is_object_suspended '../../data/firewall/rules' 'RULE' "$rule" @@ -44,6 +44,6 @@ $BIN/v-update-firewall #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-unsuspend-mail-account b/bin/v-unsuspend-mail-account index 690f78df1..57e54af50 100755 --- a/bin/v-unsuspend-mail-account +++ b/bin/v-unsuspend-mail-account @@ -9,11 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 account=$3 # Includes @@ -21,13 +20,18 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '3' "$#" 'USER DOMAIN ACCOUNT' -validate_format 'user' 'domain' 'account' +is_format_valid 'user' 'domain' 'account' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -44,6 +48,9 @@ is_object_suspended "mail/$domain" 'ACCOUNT' "$account" if [[ "$MAIL_SYSTEM" =~ exim ]]; then md5=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$MD5') quota=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$QUOTA') + if [ "$quota" = 'unlimited' ]; then + quota=0 + fi sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota" echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd @@ -58,6 +65,6 @@ fi update_object_value "mail/$domain" 'ACCOUNT' "$account" '$SUSPENDED' 'no' # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-unsuspend-mail-accounts b/bin/v-unsuspend-mail-accounts index 6db20f07e..420bcf050 100755 --- a/bin/v-unsuspend-mail-accounts +++ b/bin/v-unsuspend-mail-accounts @@ -9,23 +9,27 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -48,6 +52,6 @@ done #----------------------------------------------------------# # No Logging -#log_event "$OK" "$EVENT" +#log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-unsuspend-mail-domain b/bin/v-unsuspend-mail-domain index d6167852a..935865d70 100755 --- a/bin/v-unsuspend-mail-domain +++ b/bin/v-unsuspend-mail-domain @@ -9,24 +9,28 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_valid 'mail' 'DOMAIN' "$domain" @@ -53,6 +57,6 @@ sed -i "s/SUSPENDED='yes'/SUSPENDED='no'/g" $USER_DATA/mail/$domain.conf decrease_user_value "$user" '$SUSPENDED_MAIL' # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-unsuspend-mail-domains b/bin/v-unsuspend-mail-domains index 19321a538..6e319c944 100755 --- a/bin/v-unsuspend-mail-domains +++ b/bin/v-unsuspend-mail-domains @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" @@ -43,6 +43,6 @@ done #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-unsuspend-remote-dns-host b/bin/v-unsuspend-remote-dns-host index 37e90e6b2..8e3308bfa 100755 --- a/bin/v-unsuspend-remote-dns-host +++ b/bin/v-unsuspend-remote-dns-host @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition host=$1 # Includes @@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'HOST' -validate_format 'host' +is_format_valid 'host' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_object_valid "../../conf/dns-cluster" 'HOST' "$host" is_object_suspended "../../conf/dns-cluster" 'HOST' "$host" @@ -41,6 +41,6 @@ update_object_value "../../conf/dns-cluster" 'HOST' "$host" '$SUSPENDED' 'no' #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-unsuspend-user b/bin/v-unsuspend-user index 4222d2988..17c6683d6 100755 --- a/bin/v-unsuspend-user +++ b/bin/v-unsuspend-user @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 restart=$2 @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" if [ "$user" = 'admin' ]; then exit @@ -37,6 +37,11 @@ fi # Deleting '!' in front of the password /usr/sbin/usermod --unlock $user +# Unsuspending ftp accounts +for ftp in $(grep "^${user}_" /etc/passwd |cut -f 1 -d : ); do + /usr/sbin/usermod --unlock $ftp 2>/dev/null +done + # Unsuspending web domains if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB_SYSTEM" != 'no' ]; then $BIN/v-unsuspend-web-domains $user $restart @@ -71,24 +76,17 @@ fi update_user_value "$user" '$SUSPENDED' 'no' decrease_user_value 'admin' '$SUSPENDED_USERS' -if [ "$restart" != 'no' ]; then - $BIN/v-restart-web - if [ $? -ne 0 ]; then - exit $E_RESTART - fi +# Restarting system services +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null - $BIN/v-restart-dns - if [ $? -ne 0 ]; then - exit $E_RESTART - fi +$BIN/v-restart-dns $restart +check_result $? "DNS restart failed" >/dev/null - $BIN/v-restart-cron - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +$BIN/v-restart-cron $restart +check_result $? "Cron restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-unsuspend-web-domain b/bin/v-unsuspend-web-domain index b963833bb..91bc1e16b 100755 --- a/bin/v-unsuspend-web-domain +++ b/bin/v-unsuspend-web-domain @@ -9,11 +9,11 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") -restart="$3" +domain=$2 +domain_idn=$2 +restart=$3 # Includes source $VESTA/func/main.sh @@ -21,13 +21,18 @@ source $VESTA/func/domain.sh source $VESTA/func/ip.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [RESTART]' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" @@ -40,40 +45,28 @@ is_object_suspended 'web' 'DOMAIN' "$domain" # Parsing domain values get_domain_values 'web' -tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.tpl" -conf="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf" SUSPENDED='no' -ip=$(get_real_ip $IP) +local_ip=$(get_real_ip $IP) # Preparing domain values for the template substitution -upd_web_domain_values +prepare_web_domain_values -# Recreating vhost -del_web_config -add_web_config - -# Check SSL +# Rebuilding vhost +del_web_config "$WEB_SYSTEM" "$TPL.tpl" +add_web_config "$WEB_SYSTEM" "$TPL.tpl" if [ "$SSL" = 'yes' ]; then - tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.stpl" - conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf" - del_web_config - add_web_config + del_web_config "$WEB_SYSTEM" "$TPL.stpl" + add_web_config "$WEB_SYSTEM" "$TPL.stpl" fi -# Checking proxy -if [ ! -z "$PROXY" ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.tpl" - conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" - del_web_config - add_web_config -fi - -# Checking SSL proxy -if [ ! -z "$PROXY" ] && [ "$SSL" = 'yes' ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.stpl" - conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" - del_web_config - add_web_config +# Rebuilding proxy configuration +if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then + del_web_config "$PROXY_SYSTEM" "$PROXY.tpl" + add_web_config "$PROXY_SYSTEM" "$PROXY.tpl" + if [ "$SSL" = 'yes' ]; then + del_web_config "$PROXY_SYSTEM" "$PROXY.stpl" + add_web_config "$PROXY_SYSTEM" "$PROXY.stpl" + fi fi @@ -81,24 +74,18 @@ fi # Vesta # #----------------------------------------------------------# -# Update config +# Updating config update_object_value 'web' 'DOMAIN' "$domain" '$SUSPENDED' 'no' decrease_user_value "$user" '$SUSPENDED_WEB' -# Restart web erver -if [ "$restart" != 'no' ]; then - $BIN/v-restart-web - if [ $? -ne 0 ]; then - exit $E_RESTART - fi +# Restarting web server +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null - $BIN/v-restart-proxy - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-unsuspend-web-domains b/bin/v-unsuspend-web-domains index 15c860260..2d2676d06 100755 --- a/bin/v-unsuspend-web-domains +++ b/bin/v-unsuspend-web-domains @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 restart=$2 @@ -24,7 +24,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER [RESTART]' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" @@ -43,20 +43,14 @@ done # Vesta # #----------------------------------------------------------# -# Restart web server -if [ "$restart" != 'no' ]; then - $BIN/v-restart-web - if [ $? -ne 0 ]; then - exit $E_RESTART - fi +# Restarting web server +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null - $BIN/v-restart-proxy - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-database-disk b/bin/v-update-database-disk index fe0346192..5365177a3 100755 --- a/bin/v-update-database-disk +++ b/bin/v-update-database-disk @@ -2,14 +2,14 @@ # info: update database disk usage # options: USER DATABASE # -# The function recalculates disk usage for speciefic database. +# The function recalculates disk usage for specific database. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 database=$2 @@ -24,7 +24,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '2' "$#" 'USER DATABASE' -validate_format 'user' 'database' +is_format_valid 'user' 'database' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -55,6 +55,6 @@ update_object_value 'db' 'DB' "$database" '$U_DISK' "$usage" recalc_user_disk_usage # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-databases-disk b/bin/v-update-databases-disk index a6ca5b94a..fd2c34748 100755 --- a/bin/v-update-databases-disk +++ b/bin/v-update-databases-disk @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_object_valid 'user' 'USER' "$user" @@ -42,6 +42,6 @@ done #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-dns-templates b/bin/v-update-dns-templates index 3d3692c81..31361d001 100755 --- a/bin/v-update-dns-templates +++ b/bin/v-update-dns-templates @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition restart=$1 # Includes @@ -25,10 +25,10 @@ source $VESTA/conf/vesta.conf tmpdir=$(mktemp -d --dry-run) mkdir $tmpdir cd $tmpdir -wget http://c.vestacp.com/$VERSION/rhel/templates.tar.gz -q +wget http://c.vestacp.com/rhel/7/templates.tar.gz -q if [ "$?" -ne 0 ]; then echo "Error: can't download template.tar.gz" - log_event "$E_CONNECT" "$EVENT" + log_event "$E_CONNECT" "$ARGUMENTS" rm -rf $tmpdir exit $E_CONNECT fi diff --git a/bin/v-update-firewall b/bin/v-update-firewall index a28a8a7e0..46e2073a3 100755 --- a/bin/v-update-firewall +++ b/bin/v-update-firewall @@ -12,6 +12,7 @@ # Defining absolute path for iptables and modprobe iptables="/sbin/iptables" modprobe="/sbin/modprobe" +sysctl="/sbin/sysctl" # Includes source /etc/profile.d/vesta.sh @@ -38,13 +39,19 @@ if [ ! -e "$rules" ]; then exit fi +$sysctl net.netfilter.nf_conntrack_max >/dev/null 2>&1 +if [ $? -ne 0 ]; then + conntrack='no' +fi + # Checking conntrack module avaiabilty $modprobe nf_conntrack >/dev/null 2>&1 $modprobe nf_conntrack_ftp >/dev/null 2>&1 if [ $? -ne 0 ]; then - stateful='no' + conntrack_ftp='no' fi + # Creating temporary file tmp=$(mktemp) @@ -52,6 +59,19 @@ tmp=$(mktemp) echo "$iptables -P INPUT ACCEPT" >> $tmp echo "$iptables -F INPUT" >> $tmp +# Enabling stateful support +if [ "$conntrack" != 'no' ]; then + str="$iptables -A INPUT -m state" + str="$str --state ESTABLISHED,RELATED -j ACCEPT" + echo "$str" >> $tmp +fi + +# Handling local traffic +for ip in $(ls $VESTA/data/ips); do + echo "$iptables -A INPUT -s $ip -j ACCEPT" >> $tmp +done +echo "$iptables -A INPUT -s 127.0.0.1 -j ACCEPT" >> $tmp + # Pasring iptables rules IFS=$'\n' for line in $(sort -r -n -k 2 -t \' $rules); do @@ -75,7 +95,7 @@ for line in $(sort -r -n -k 2 -t \' $rules); do # Checking FTP for contrack module if [ "$TYPE" = "FTP" ] || [ "$PORT" = '21' ]; then - if [ "$stateful" != 'no' ]; then + if [ "$conntrack_ftp" != 'no' ]; then state="-m conntrack --ctstate NEW" else port="-m multiport --dports 20,21,12000:12100" @@ -88,25 +108,6 @@ for line in $(sort -r -n -k 2 -t \' $rules); do fi done -# Handling local traffic -for ip in $(ls $VESTA/data/ips); do - echo "$iptables -A INPUT -s $ip -j ACCEPT" >> $tmp -done -echo "$iptables -A INPUT -s 127.0.0.1 -j ACCEPT" >> $tmp -IFS=$'\n' -for p_rule in $(cat $ports); do - eval $p_rule - rule="$iptables -A INPUT -p $PROTOCOL" - echo "$rule --sport $PORT -j ACCEPT" >> $tmp -done - -# Enabling stateful support -if [ "$stateful" != 'no' ]; then - str="$iptables -A INPUT -p tcp -m state" - str="$str --state ESTABLISHED,RELATED -j ACCEPT" - echo "$str" >> $tmp -fi - # Switching chain policy to DROP echo "$iptables -P INPUT DROP" >> $tmp @@ -126,22 +127,32 @@ fi # Checking fail2ban support if [ ! -z "$FIREWALL_EXTENSION" ]; then - chains=$(cat $VESTA/data/firewall/chains.conf 2>/dev/null) -fi -for chain in $chains; do - eval $chain - if [[ "$PORT" =~ ,|-|: ]] ; then - port="-m multiport --dports $PORT" - else - port="--dport $PORT" - fi - echo "$iptables -I INPUT -p $PROTOCOL $port -j fail2ban-$CHAIN" > $tmp - bash $tmp + for chain in $(cat $VESTA/data/firewall/chains.conf 2>/dev/null); do + eval $chain + if [[ "$PORT" =~ ,|-|: ]] ; then + port="-m multiport --dports $PORT" + else + port="--dport $PORT" + fi + echo "$iptables -N fail2ban-$CHAIN" >> $tmp + echo "$iptables -F fail2ban-$CHAIN" >> $tmp + echo "$iptables -I fail2ban-$CHAIN -s 0.0.0.0/0 -j RETURN" >> $tmp + echo "$iptables -I INPUT -p $PROTOCOL $port -j fail2ban-$CHAIN" >>$tmp + done + bash $tmp 2>/dev/null rm -f $tmp -done + + for ban in $(cat $VESTA/data/firewall/banlist.conf 2>/dev/null); do + eval $ban + echo -n "$iptables -I fail2ban-$CHAIN 1 -s $IP" >> $tmp + echo " -j REJECT --reject-with icmp-port-unreachable" >> $tmp + done + bash $tmp 2>/dev/null + rm -f $tmp +fi # Saving rules to the master iptables file -if [ -e "/etc/redhat-release" ]; then +if [ -d "/etc/sysconfig" ]; then /sbin/iptables-save > /etc/sysconfig/iptables if [ -z "$(ls /etc/rc3.d/S*iptables 2>/dev/null)" ]; then /sbin/chkconfig iptables on @@ -157,6 +168,14 @@ else fi fi +# Worarkound for OpenVZ +if [ -e "/proc/vz/veinfo" ]; then + dig @8.8.8.8 google.com +time=1 +tries=1 >/dev/null 2>&1 + if [ "$?" -ne 0 ]; then + $BIN/v-stop-firewall + fi +fi + #----------------------------------------------------------# # Vesta # diff --git a/bin/v-update-host-certificate b/bin/v-update-host-certificate new file mode 100755 index 000000000..71a87709a --- /dev/null +++ b/bin/v-update-host-certificate @@ -0,0 +1,93 @@ +#!/bin/bash +# info: update hosts certificates for exim, dovecot & vesta-nginx +# options: user +# options: hostname +# +# Function updates certificates for vesta + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +whoami=$(whoami) +if [ "$whoami" != "root" ] && [ "$whoami" != "admin" ] ; then + echo "You must be root or admin to execute this script"; + exit 1; +fi + + +# Argument definition +user=$1 +hostname=$2 + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/ip.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '1' "$#" '[USER] [HOSTNAME]' +is_format_valid 'user' +is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' +is_system_enabled "$WEB_SSL" 'SSL_SUPPORT' +is_object_valid 'user' 'USER' "$user" +is_object_unsuspended 'user' 'USER' "$user" +is_object_valid 'web' 'DOMAIN' "$hostname" +is_object_unsuspended 'web' 'DOMAIN' "$hostname" + +if [ ! -f "/home/$user/conf/web/ssl.$hostname.pem" ]; then + echo "This domain does not have certificate"; + exit 1; +fi + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Get current datetime for backup of old files +backup_datetime=`date '+%Y-%m-%d_%H-%M-%S'` + +# Keep a backup of the old certificate - todo: remove in production +#mv $VESTA/ssl/certificate.crt $VESTA/ssl/certificate.crt_backup_$backup_datetime +#mv $VESTA/ssl/certificate.key $VESTA/ssl/certificate.key_backup_$backup_datetime + +# Copy hostnames certificates from user dir +cp /home/$user/conf/web/ssl.$hostname.pem $VESTA/ssl/certificate.crt +cp /home/$user/conf/web/ssl.$hostname.key $VESTA/ssl/certificate.key + +# Checking exim username for later chowning +exim_user="exim"; +check_exim_username=$(grep -c '^Debian-exim:' /etc/passwd) +if [ "$check_exim_username" -eq 1 ]; then + exim_user="Debian-exim" +fi + +# Assign exim permissions +chown $exim_user:mail $VESTA/ssl/certificate.crt +chown $exim_user:mail $VESTA/ssl/certificate.key + +# Restart exim, dovecot & vesta +$BIN/v-restart-mail +if [ ! -z "$IMAP_SYSTEM" ]; then + $BIN/v-restart-service "$IMAP_SYSTEM" +fi +if [ ! -z "$FTP_SYSTEM" ]; then + $BIN/v-restart-service "$FTP_SYSTEM" +fi +if [ -f "/var/run/vesta-nginx.pid" ]; then + kill -HUP $(cat /var/run/vesta-nginx.pid) +fi + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit 0; diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl new file mode 100755 index 000000000..ac3e2eda9 --- /dev/null +++ b/bin/v-update-letsencrypt-ssl @@ -0,0 +1,93 @@ +#!/bin/bash +# info: update letsencrypt ssl certificates +# options: NONE +# +# The function for renew letsencrypt expired ssl certificate for all users + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Importing system enviroment as we run this script +# mostly by cron wich not read it by itself +source /etc/profile + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +lecounter=0 +hostname=$(hostname) + +echo "[$(date)] : -----------------------------------------------------------------------------------" >> /usr/local/vesta/log/letsencrypt_cron.log + +# Checking user certificates +for user in $($BIN/v-list-users plain |cut -f 1); do + USER_DATA=$VESTA/data/users/$user + + for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do + + limit_check=1 + fail_counter=$(get_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT') + + if [[ "$hostname" = "$domain" ]]; then + if [[ "$fail_counter" -eq 7 ]]; then + limit_check=0 + fi + if [[ "$fail_counter" -eq 8 ]]; then + fail_counter=$(alter_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT') + send_email_to_admin "LetsEncrypt renewing hostname $hostname" "Warning: hostname $domain failed for LetsEncrypt renewing" + fi + fi + + if [[ "$fail_counter" -ge 7 ]] && [[ "$limit_check" -eq 1 ]]; then + # echo "$domain failed $fail_counter times for LetsEncrypt renewing, skipping" + echo "[$(date)] : $domain failed $fail_counter times for LetsEncrypt renewing, skipping" >> /usr/local/vesta/log/letsencrypt_cron.log + continue; + fi + crt_data=$(openssl x509 -text -in $USER_DATA/ssl/$domain.crt) + not_after=$(echo "$crt_data" |grep "Not After" |cut -f 2,3,4 -d :) + expiration=$(date -d "$not_after" +%s) + now=$(date +%s) + seconds_valid=$((expiration - now)) + days_valid=$((seconds_valid / 86400)) + if [[ "$days_valid" -lt 31 ]]; then + if [ $lecounter -gt 0 ]; then + sleep 120 + fi + ((lecounter++)) + aliases=$(echo "$crt_data" |grep DNS:) + aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//g") + aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d") + aliases=$(echo "$aliases" |egrep -v "^$domain,?$") + aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g') + msg=$($BIN/v-add-letsencrypt-domain $user $domain $aliases) + if [ $? -ne 0 ]; then + if [[ $msg == *"is suspended" ]]; then + echo "[$(date)] : SUSPENDED: $domain $msg" >> /usr/local/vesta/log/letsencrypt_cron.log + else + echo "[$(date)] : $domain $msg" >> /usr/local/vesta/log/letsencrypt_cron.log + echo "$domain $msg" + fail_counter=$(alter_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT') + echo "[$(date)] : fail_counter = $fail_counter" >> /usr/local/vesta/log/letsencrypt_cron.log + echo "fail_counter = $fail_counter" + fi + fi + fi + done +done + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# No Logging +#log_event "$OK" "$EVENT" + +exit diff --git a/bin/v-update-mail-domain-disk b/bin/v-update-mail-domain-disk index e3c79dcc0..451dbd37d 100755 --- a/bin/v-update-mail-domain-disk +++ b/bin/v-update-mail-domain-disk @@ -9,23 +9,27 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain=$(echo $domain | tr '[:upper:]' '[:lower:]') -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 # Includes source $VESTA/func/main.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -62,6 +66,6 @@ update_object_value 'mail' 'DOMAIN' "$domain" '$U_DISK' "$dom_diks" recalc_user_disk_usage # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-mail-domains-disk b/bin/v-update-mail-domains-disk index 49494cd9a..ca93627f3 100755 --- a/bin/v-update-mail-domains-disk +++ b/bin/v-update-mail-domains-disk @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" if [ -z "$MAIL_SYSTEM" ] || [ "$MAIL_SYSTEM" = 'remote' ]; then @@ -60,6 +60,6 @@ done recalc_user_disk_usage # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-sys-ip b/bin/v-update-sys-ip index 9df7c41b2..6c07edc6f 100755 --- a/bin/v-update-sys-ip +++ b/bin/v-update-sys-ip @@ -1,6 +1,6 @@ #!/bin/bash # info: update system ip -# options: [USER] [IP_STATUS] +# options: [NONE] # # The function scans configured ip in the system and register them with vesta # internal database. This call is intended for use on vps servers, where ip is @@ -11,13 +11,12 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition -user=${1-admin} -ip_status=${2-shared} +# Importing system variables +source /etc/profile # Includes -source /etc/profile.d/vesta.sh source $VESTA/func/main.sh +source $VESTA/func/ip.sh source $VESTA/conf/vesta.conf @@ -25,76 +24,99 @@ source $VESTA/conf/vesta.conf # Verifications # #----------------------------------------------------------# -check_args '0' "$#" '[USER] [IP_STATUS]' -validate_format 'user' 'ip_status' -is_object_valid 'user' 'USER' "$user" "$user" - #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Get list of ip addresses -ip_list=$(/sbin/ifconfig | grep 'inet addr:' | cut -f 2 -d : | \ - cut -f 1 -d ' '| grep -v 127.0.0.1 | grep -v "^0.0.0.") -ip_num=$(echo "$ip_list" | wc -l) +# Listing system ip addresses +ips=$(/sbin/ip addr |grep 'inet ' |grep global |awk '{print $2}' |cut -f1 -d/) +v_ips=$(ls $VESTA/data/ips/) +ip_num=$(echo "$ips" |wc -l) +v_ip_num=$(echo "$v_ips" |wc -l) -# WorkAround for DHCP IP address -vst_ip_list=$(ls $VESTA/data/ips/) -vst_ip_num=$(echo "$vst_ip_list" | wc -l) - -if [ ! -z "$vst_ip_list" ] && [ "$vst_ip_num" -eq '1' ]; then - if [ $ip_num -eq 1 ] && [ "$ip_list" != "$vst_ip_list" ]; then - new=$ip_list - old=$vst_ip_list - mv $VESTA/data/ips/$old $VESTA/data/ips/$new - if [ ! -z "$PROXY_SYSTEM" ]; then - mv /etc/$PROXY_SYSTEM/conf.d/$old.conf \ - /etc/$PROXY_SYSTEM/conf.d/$new.conf - sed -i "s/$old/$new/g" /etc/$PROXY_SYSTEM/conf.d/$new.conf - fi - if [ ! -z "$WEB_SYSTEM" ]; then - mv /etc/$WEB_SYSTEM/conf.d/$old.conf \ - /etc/$WEB_SYSTEM/conf.d/$new.conf - sed -i "s/$old/$new/g" /etc/$WEB_SYSTEM/conf.d/$new.conf - sed -i "s/$old/$new/g" $VESTA/data/users/*/web.conf - - # Rebuild web domains - for user in $(ls $VESTA/data/users/); do - $BIN/v-rebuild-web-domains $user no - done - fi - $BIN/v-restart-web - $BIN/v-restart-proxy - - if [ ! -z "$DNS_SYSTEM" ]; then - # Rebuild dns domains - for user in $(ls $VESTA/data/users/); do - sed -i "s/$old/$new/g" $VESTA/data/users/$user/dns.conf - sed -i "s/$old/$new/g" $VESTA/data/users/$user/dns/*.conf - $BIN/v-rebuild-dns-domains $user no - done - $BIN/v-restart-dns - if [ $? -ne 0 ]; then - exit $E_RESTART - fi - fi - - # No further comparation is needed - exit +# Checking primary IP change +if [[ "$ip_num" -eq '1' ]] && [[ "$v_ip_num" -eq 1 ]]; then + if [ "$ips" != "$v_ips" ]; then + new=$ips + old=$v_ips fi fi -# Compare ips -for ip in $ip_list; do - if [ ! -e "$VESTA/data/ips/$ip" ]; then - iface=$(/sbin/ifconfig |grep -B1 -w $ip |head -n1 |cut -f1 -d ' ') - interface=$(echo "$iface" | cut -f 1 -d :) - mask=$(/sbin/ifconfig |grep -w $ip |awk -F "Mask:" '{print $2}') - $BIN/v-add-sys-ip $ip $mask $interface +# Updating configs +if [ ! -z "$old" ]; then + mv $VESTA/data/ips/$old $VESTA/data/ips/$new + + # Updating PROXY + if [ ! -z "$PROXY_SYSTEM" ]; then + cd /etc/$PROXY_SYSTEM/conf.d + if [ -e "$old.conf" ]; then + mv $old.conf $new.conf + sed -i "s/$old/$new/g" $new.conf + fi + fi + + # Updating WEB + if [ ! -z "$WEB_SYSTEM" ]; then + cd /etc/$WEB_SYSTEM/conf.d + if [ -e "$old.conf" ]; then + mv $old.conf $new.conf + sed -i "s/$old/$new/g" $new.conf + fi + sed -i "s/$old/$new/g" $VESTA/data/users/*/web.conf + for user in $(ls $VESTA/data/users/); do + $BIN/v-rebuild-web-domains $user no + done + $BIN/v-restart-proxy + $BIN/v-restart-web + fi + + # Updating DNS + if [ ! -z "$DNS_SYSTEM" ]; then + sed -i "s/$old/$new/g" $VESTA/data/users/*/dns.conf + sed -i "s/$old/$new/g" $VESTA/data/users/*/dns/*.conf + for user in $(ls $VESTA/data/users/); do + $BIN/v-rebuild-dns-domains $user no + done + $BIN/v-restart-dns + fi + + # Updating FTP + if [ ! -z "$FTP_SYSTEM" ] && [ "$FTP_SYSTEM" = 'vsftpd' ]; then + conf=$(find /etc/ -maxdepth 2 -name $FTP_SYSTEM.conf) + if [ ! -z "$conf" ]; then + sed -i "s/$old/$new/g" $conf + $BIN/v-restart-ftp + fi + fi + + # Updating firewall + if [ ! -z "$FIREWALL_SYSTEM" ]; then + sed -i "s/$old/$new/g" $VESTA/data/firewall/*.conf + $BIN/v-update-firewall + fi +fi + +# Adding system IP +for ip in $ips; do + check_ifconfig=$(/sbin/ifconfig |grep "$ip") + if [ ! -e "$VESTA/data/ips/$ip" ] && [ ! -z "$check_ifconfig" ]; then + interface=$(/sbin/ip addr |grep $ip |awk '{print $NF}' |uniq) + interface=$(echo "$interface" |cut -f 1 -d : |head -n 1) + netmask=$(/sbin/ip addr |grep $ip |cut -f 2 -d / |cut -f 1 -d \ ) + netmask=$(convert_cidr $netmask) + $BIN/v-add-sys-ip $ip $netmask $interface fi done +# Updating NAT +pub_ip=$(curl -s vestacp.com/what-is-my-ip/) +if [ ! -e "$VESTA/data/ips/$pub_ip" ]; then + if [ -z "$(grep -R "$pub_ip" $VESTA/data/ips/)" ]; then + ip=$(ls -t $VESTA/data/ips/ |head -n1) + $BIN/v-change-sys-ip-nat $ip $pub_ip + fi +fi #----------------------------------------------------------# diff --git a/bin/v-update-sys-ip-counters b/bin/v-update-sys-ip-counters index dd51f9e9a..54711f924 100755 --- a/bin/v-update-sys-ip-counters +++ b/bin/v-update-sys-ip-counters @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition ip=$1 # Includes @@ -24,7 +24,7 @@ source $VESTA/conf/vesta.conf check_args '0' "$#" 'IP' if [ ! -z "$ip" ]; then - validate_format 'ip' + is_format_valid 'ip' is_ip_valid fi @@ -45,7 +45,7 @@ for ip in $ip_list; do # Calculate usage ip_usage=$(grep -H $ip $VESTA/data/users/*/web.conf) - web_domains=$(echo "$ip_usage"| wc -l) + web_domains=$(echo "$ip_usage" | sed '/^$/d' | wc -l) sys_users=$(echo "$ip_usage" | cut -f7 -d/ | sort -u |\ tr '\n' ',' | sed "s/,$//g") @@ -60,6 +60,6 @@ done #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-sys-queue b/bin/v-update-sys-queue index 67225e6b9..08e940ecd 100755 --- a/bin/v-update-sys-queue +++ b/bin/v-update-sys-queue @@ -12,10 +12,10 @@ #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition queue=$1 -# Importing system enviroment as we run this script +# Importing system environment as we run this script # mostly by cron wich not read it by itself source /etc/profile @@ -48,12 +48,13 @@ fi # Defining pipe functions case $queue in - restart) bash $VESTA/data/queue/$queue.pipe ;; + restart) bash $VESTA/data/queue/$queue.pipe > /dev/null 2>&1;; webstats) bash $VESTA/data/queue/$queue.pipe > /dev/null 2>&1 ;; backup) bash $VESTA/data/queue/$queue.pipe > /dev/null 2>&1 ;; - disk) bash $VESTA/data/queue/$queue.pipe ;; - traffic) bash $VESTA/data/queue/$queue.pipe ;; + disk) bash $VESTA/data/queue/$queue.pipe > /dev/null 2>&1;; + traffic) bash $VESTA/data/queue/$queue.pipe > /dev/null 2>&1;; dns-cluster) bash $VESTA/data/queue/$queue.pipe > /dev/null 2>&1 ;; + letsencrypt) bash $VESTA/data/queue/$queue.pipe > /dev/null 2>&1 ;; *) check_args '1' '0' 'QUEUE' ;; esac @@ -63,6 +64,6 @@ esac #----------------------------------------------------------# # No Logging -#log_event "$OK" "$EVENT" +#log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-sys-rrd b/bin/v-update-sys-rrd index 81cc6d64e..77412eaf1 100755 --- a/bin/v-update-sys-rrd +++ b/bin/v-update-sys-rrd @@ -10,7 +10,7 @@ # Variable&Function # #----------------------------------------------------------# -# Importing system enviroment as we run this script +# Importing system environment as we run this script # mostly by cron wich do not read it by itself source /etc/profile @@ -18,7 +18,7 @@ source /etc/profile source $VESTA/func/main.sh source $VESTA/conf/vesta.conf -# Another workaround for cron enviroment +# Another workaround for cron environment PATH="$PATH:$BIN" export PATH @@ -138,6 +138,6 @@ done #----------------------------------------------------------# # No Logging -#log_event "$OK" "$EVENT" +#log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-sys-rrd-apache2 b/bin/v-update-sys-rrd-apache2 index 885882be3..d03a862de 100755 --- a/bin/v-update-sys-rrd-apache2 +++ b/bin/v-update-sys-rrd-apache2 @@ -1,5 +1,5 @@ #!/bin/bash -# info: update apach2 rrd +# info: update apache2 rrd # options: PERIOD # # The function is for updating apache rrd database and graphic. @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition period=${1-daily} # Includes @@ -69,16 +69,16 @@ fi # Updating rrd graph rrdtool graph $RRD/web/$period-apache2.png \ --imgformat PNG \ - --height="120" \ - --width="440" \ + --height="150" \ + --width="670" \ --start "$start" \ --end "$end" \ --vertical-label "Connections" \ --x-grid "$grid" \ - -c "BACK#7a766d" \ - -c "SHADEA#7a766d" \ - -c "SHADEB#7a766d" \ - -c "FONT#FFFFFF" \ + -c "BACK#ffffff" \ + -c "SHADEA#ffffff" \ + -c "SHADEB#ffffff" \ + -c "FONT#555555" \ -c "CANVAS#302c2d" \ -c "GRID#666666" \ -c "MGRID#AAAAAA" \ diff --git a/bin/v-update-sys-rrd-ftp b/bin/v-update-sys-rrd-ftp index 8f926a4ee..ff1a642f6 100755 --- a/bin/v-update-sys-rrd-ftp +++ b/bin/v-update-sys-rrd-ftp @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition period=${1-daily} # Includes @@ -63,16 +63,16 @@ fi # Updating rrd graph rrdtool graph $RRD/ftp/$period-ftp.png \ --imgformat PNG \ - --height="120" \ - --width="440" \ + --height="150" \ + --width="670" \ --start "$start" \ --end "$end" \ --vertical-label "Connections" \ --x-grid "$grid" \ - -c "BACK#7a766d" \ - -c "SHADEA#7a766d" \ - -c "SHADEB#7a766d" \ - -c "FONT#FFFFFF" \ + -c "BACK#ffffff" \ + -c "SHADEA#ffffff" \ + -c "SHADEB#ffffff" \ + -c "FONT#555555" \ -c "CANVAS#302c2d" \ -c "GRID#666666" \ -c "MGRID#AAAAAA" \ diff --git a/bin/v-update-sys-rrd-httpd b/bin/v-update-sys-rrd-httpd index fefcb0057..4e9af2817 100755 --- a/bin/v-update-sys-rrd-httpd +++ b/bin/v-update-sys-rrd-httpd @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition period=${1-daily} # Includes @@ -69,16 +69,16 @@ fi # Updating rrd graph rrdtool graph $RRD/web/$period-httpd.png \ --imgformat PNG \ - --height="120" \ - --width="440" \ + --height="150" \ + --width="670" \ --start "$start" \ --end "$end" \ --vertical-label "Connections" \ --x-grid "$grid" \ - -c "BACK#7a766d" \ - -c "SHADEA#7a766d" \ - -c "SHADEB#7a766d" \ - -c "FONT#FFFFFF" \ + -c "BACK#ffffff" \ + -c "SHADEA#ffffff" \ + -c "SHADEB#ffffff" \ + -c "FONT#555555" \ -c "CANVAS#302c2d" \ -c "GRID#666666" \ -c "MGRID#AAAAAA" \ diff --git a/bin/v-update-sys-rrd-la b/bin/v-update-sys-rrd-la index d0093777b..c6343e3d2 100755 --- a/bin/v-update-sys-rrd-la +++ b/bin/v-update-sys-rrd-la @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition period=${1-daily} # Includes @@ -64,21 +64,21 @@ fi # Updating graph rrdtool graph $RRD/la/$period-la.png \ --imgformat PNG \ - --height="120" \ - --width="440" \ + --height="150" \ + --width="670" \ --start "$start" \ --end "$end" \ --vertical-label "Points" \ --x-grid "$grid" \ - -c "BACK#7a766d" \ - -c "SHADEA#7a766d" \ - -c "SHADEB#7a766d" \ - -c "FONT#FFFFFF" \ + -c "BACK#ffffff" \ + -c "SHADEA#ffffff" \ + -c "SHADEB#ffffff" \ + -c "FONT#555555" \ -c "CANVAS#302c2d" \ -c "GRID#666666" \ -c "MGRID#AAAAAA" \ - -c "FRAME#484243" \ - -c "ARROW#FFFFFF" \ + -c "FRAME#777777" \ + -c "ARROW#555555" \ DEF:la=$RRD/la/la.rrd:LA:AVERAGE \ DEF:pr=$RRD/la/la.rrd:PR:AVERAGE \ COMMENT:'\r' \ diff --git a/bin/v-update-sys-rrd-mail b/bin/v-update-sys-rrd-mail index 1f01b52d3..50cd05c34 100755 --- a/bin/v-update-sys-rrd-mail +++ b/bin/v-update-sys-rrd-mail @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition period=${1-daily} # Includes @@ -62,16 +62,16 @@ fi # Updating daily graph rrdtool graph $RRD/mail/$period-mail.png \ --imgformat PNG \ - --height="120" \ - --width="440" \ + --height="150" \ + --width="670" \ --start "$start" \ --end "$end" \ --vertical-label "Queue Size" \ --x-grid "$grid" \ - -c "BACK#7a766d" \ - -c "SHADEA#7a766d" \ - -c "SHADEB#7a766d" \ - -c "FONT#FFFFFF" \ + -c "BACK#ffffff" \ + -c "SHADEA#ffffff" \ + -c "SHADEB#ffffff" \ + -c "FONT#555555" \ -c "CANVAS#302c2d" \ -c "GRID#666666" \ -c "MGRID#AAAAAA" \ diff --git a/bin/v-update-sys-rrd-mem b/bin/v-update-sys-rrd-mem index 515ec2802..018acfb74 100755 --- a/bin/v-update-sys-rrd-mem +++ b/bin/v-update-sys-rrd-mem @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition period=${1-daily} # Includes @@ -61,9 +61,13 @@ fi # Parsing data if [ "$period" = 'daily' ]; then mem=$(free -m) - used=$(echo "$mem" |awk '{print $3}'|head -n3 |tail -n1) - free=$(echo "$mem" |awk '{print $4}'|head -n3 |tail -n1) - swap=$(echo "$mem" |awk '{print $3}'|tail -n1) + used=$(echo "$mem" |awk '(NR == 2)' |awk '{print $3}') + if [ -z "$(echo "$mem" | grep available)" ]; then + free=$(echo "$mem" |grep buff/cache |awk '{print $4}') + else + free=$(echo "$mem" |awk '(NR == 2)' |awk '{print $7}') + fi + swap=$(echo "$mem" |awk '(NR == 3)' |awk '{print $3}') # Updating rrd rrdtool update $RRD/mem/mem.rrd N:$used:$swap:$free @@ -72,16 +76,16 @@ fi # Updating rrd graph rrdtool graph $RRD/mem/$period-mem.png \ --imgformat PNG \ - --height="120" \ - --width="440" \ + --height="150" \ + --width="670" \ --start "$start" \ --end "$end" \ --vertical-label "Mbytes" \ --x-grid "$grid" \ - -c "BACK#7a766d" \ - -c "SHADEA#7a766d" \ - -c "SHADEB#7a766d" \ - -c "FONT#FFFFFF" \ + -c "BACK#ffffff" \ + -c "SHADEA#ffffff" \ + -c "SHADEB#ffffff" \ + -c "FONT#555555" \ -c "CANVAS#302c2d" \ -c "GRID#666666" \ -c "MGRID#AAAAAA" \ diff --git a/bin/v-update-sys-rrd-mysql b/bin/v-update-sys-rrd-mysql index d2f248242..8c6bb75e2 100755 --- a/bin/v-update-sys-rrd-mysql +++ b/bin/v-update-sys-rrd-mysql @@ -9,11 +9,12 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition period=${1-daily} # Includes source $VESTA/func/main.sh +source $VESTA/func/db.sh source $VESTA/conf/vesta.conf @@ -37,9 +38,7 @@ fi # Parsing db hosts conf="$VESTA/conf/mysql.conf" -fields='$HOST' -nohead=1 -hosts=$(shell_list) +hosts=$(grep HOST $conf |awk '{print $1}' |cut -f 2 -d \') check_row=$(echo "$hosts" |wc -l) if [ 0 -eq "$check_row" ]; then exit @@ -68,23 +67,10 @@ for host in $hosts; do fi if [ "$period" = 'daily' ]; then - # Defining host credentials - host_str=$(grep "HOST='$host'" $conf) - for key in $host_str; do - eval ${key%%=*}=${key#*=} - done - sql="mysql -h $HOST -u $USER -p$PASSWORD -e" - - # Checking empty vars - if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ]; then - echo "Error: config is broken" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING - fi - - # Parsing data - status=$($sql "SHOW GLOBAL STATUS" 2>/dev/null); code="$?" - if [ '0' -ne "$code" ]; then + mysql_connect $host + query='SHOW GLOBAL STATUS' + status=$(mysql_query "$query" 2>/dev/null) + if [ $? -ne 0 ]; then active=0 slow=0 else @@ -99,16 +85,16 @@ for host in $hosts; do # Updating daily graph rrdtool graph $RRD/db/$period-mysql_$host.png \ --imgformat PNG \ - --height="120" \ - --width="440" \ + --height="150" \ + --width="670" \ --start "$start" \ --end "$end" \ --vertical-label "Queries" \ --x-grid "$grid" \ - -c "BACK#7a766d" \ - -c "SHADEA#7a766d" \ - -c "SHADEB#7a766d" \ - -c "FONT#FFFFFF" \ + -c "BACK#ffffff" \ + -c "SHADEA#ffffff" \ + -c "SHADEB#ffffff" \ + -c "FONT#555555" \ -c "CANVAS#302c2d" \ -c "GRID#666666" \ -c "MGRID#AAAAAA" \ diff --git a/bin/v-update-sys-rrd-net b/bin/v-update-sys-rrd-net index d8daaa17e..e9c642e4a 100755 --- a/bin/v-update-sys-rrd-net +++ b/bin/v-update-sys-rrd-net @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition period=${1-daily} # Includes @@ -40,6 +40,9 @@ ndev=$(cat /proc/net/dev) ifaces=$(echo "$ndev" |grep : |cut -f 1 -d : | sed "s/ //g") # Parsing excludes +if [ -z "$RRD_IFACE_EXCLUDE" ]; then + RRD_IFACE_EXCLUDE='lo' +fi for exclude in $(echo ${RRD_IFACE_EXCLUDE//,/ }); do ifaces=$(echo "$ifaces" |grep -vw "$exclude" ) done @@ -74,16 +77,16 @@ for iface in $ifaces; do # Updating rrd graph rrdtool graph $RRD/net/$period-$iface.png \ --imgformat PNG \ - --height="120" \ - --width="440" \ + --height="150" \ + --width="670" \ --start "$start" \ --end "$end" \ --vertical-label "KBytes" \ --x-grid "$grid" \ - -c "BACK#7a766d" \ - -c "SHADEA#7a766d" \ - -c "SHADEB#7a766d" \ - -c "FONT#FFFFFF" \ + -c "BACK#ffffff" \ + -c "SHADEA#ffffff" \ + -c "SHADEB#ffffff" \ + -c "FONT#555555" \ -c "CANVAS#302c2d" \ -c "GRID#666666" \ -c "MGRID#AAAAAA" \ diff --git a/bin/v-update-sys-rrd-nginx b/bin/v-update-sys-rrd-nginx index 7b75f7a73..85bf30b8c 100755 --- a/bin/v-update-sys-rrd-nginx +++ b/bin/v-update-sys-rrd-nginx @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition period=${1-daily} # Includes @@ -61,16 +61,16 @@ fi # Updating rrd graph rrdtool graph $RRD/web/$period-nginx.png \ --imgformat PNG \ - --height="120" \ - --width="440" \ + --height="150" \ + --width="670" \ --start "$start" \ --end "$end" \ --vertical-label "Connections" \ --x-grid "$grid" \ - -c "BACK#7a766d" \ - -c "SHADEA#7a766d" \ - -c "SHADEB#7a766d" \ - -c "FONT#FFFFFF" \ + -c "BACK#ffffff" \ + -c "SHADEA#ffffff" \ + -c "SHADEB#ffffff" \ + -c "FONT#555555" \ -c "CANVAS#302c2d" \ -c "GRID#666666" \ -c "MGRID#AAAAAA" \ diff --git a/bin/v-update-sys-rrd-pgsql b/bin/v-update-sys-rrd-pgsql index 18eaa2ef6..de2fec8f8 100755 --- a/bin/v-update-sys-rrd-pgsql +++ b/bin/v-update-sys-rrd-pgsql @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition period=${1-daily} # Includes @@ -37,9 +37,7 @@ fi # Parsing db hosts conf="$VESTA/conf/pgsql.conf" -fields='$HOST' -nohead=1 -hosts=$(shell_list) +hosts=$(grep HOST $conf |awk '{print $1}' |cut -f 2 -d \') check_row=$(echo "$hosts" |wc -l) if [ 0 -eq "$check_row" ]; then exit @@ -80,14 +78,14 @@ for host in $hosts; do # Checking empty vars if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ]; then echo "Error: config is broken" - log_event "$E_PARSING" "$EVENT" + log_event "$E_PARSING" "$ARGUMENTS" exit $E_PARSING fi # Parsing data q='SELECT SUM(xact_commit + xact_rollback), SUM(numbackends) FROM pg_stat_database;' - status=$($sql plsql -d postgres -c "$q" 2>/dev/null); code="$?" + status=$($sql psql -d postgres -c "$q" 2>/dev/null); code="$?" if [ '0' -ne "$code" ]; then active=0 slow=0 @@ -104,16 +102,16 @@ for host in $hosts; do # Updating rrd graph rrdtool graph $RRD/db/$period-pgsql_$host.png \ --imgformat PNG \ - --height="120" \ - --width="440" \ + --height="150" \ + --width="670" \ --start "$start" \ --end "$end" \ --vertical-label "Queries" \ --x-grid "$grid" \ - -c "BACK#7a766d" \ - -c "SHADEA#7a766d" \ - -c "SHADEB#7a766d" \ - -c "FONT#FFFFFF" \ + -c "BACK#ffffff" \ + -c "SHADEA#ffffff" \ + -c "SHADEB#ffffff" \ + -c "FONT#555555" \ -c "CANVAS#302c2d" \ -c "GRID#666666" \ -c "MGRID#AAAAAA" \ diff --git a/bin/v-update-sys-rrd-ssh b/bin/v-update-sys-rrd-ssh index aaaa8b972..a421b62dd 100755 --- a/bin/v-update-sys-rrd-ssh +++ b/bin/v-update-sys-rrd-ssh @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition period=${1-daily} # Includes @@ -62,16 +62,16 @@ fi # Updating daily graph rrdtool graph $RRD/ssh/$period-ssh.png \ --imgformat PNG \ - --height="120" \ - --width="440" \ + --height="150" \ + --width="670" \ --start "$start" \ --end "$end" \ --vertical-label "Connections" \ --x-grid "$grid" \ - -c "BACK#7a766d" \ - -c "SHADEA#7a766d" \ - -c "SHADEB#7a766d" \ - -c "FONT#FFFFFF" \ + -c "BACK#ffffff" \ + -c "SHADEA#ffffff" \ + -c "SHADEB#ffffff" \ + -c "FONT#555555" \ -c "CANVAS#302c2d" \ -c "GRID#666666" \ -c "MGRID#AAAAAA" \ diff --git a/bin/v-update-sys-vesta b/bin/v-update-sys-vesta index d47fb9f06..da026ed13 100755 --- a/bin/v-update-sys-vesta +++ b/bin/v-update-sys-vesta @@ -10,10 +10,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition package=$1 -# Importing system enviroment +# Importing system environment source /etc/profile # Includes @@ -28,12 +28,32 @@ source $VESTA/conf/vesta.conf # Checking arg number check_args '1' "$#" 'PACKAGE' +valid=0 +if [ "$package" = "vesta" ]; then + valid=1 +fi +if [ "$package" = "vesta-nginx" ]; then + valid=1 +fi +if [ "$package" = "vesta-php" ]; then + valid=1 +fi +if [ "$package" = "vesta-ioncube" ]; then + valid=1 +fi +if [ "$package" = "vesta-softaculous" ]; then + valid=1 +fi +if [ $valid -eq 0 ]; then + echo "Package $package is not valid" + exit 1 +fi #----------------------------------------------------------# # Action # #----------------------------------------------------------# -if [ -e "/etc/redhat-release" ]; then +if [ -n "$(command -v yum)" ]; then # Clean yum chache yum -q clean all @@ -42,11 +62,7 @@ if [ -e "/etc/redhat-release" ]; then # Update vesta package $yum update $package > /dev/null 2>&1 - if [ $? -ne 0 ]; then - echo "Error: $package update failed" - log_event "$E_UPDATE" "$EVENT" - exit $E_UPDATE - fi + check_result $? "$package update failed" $E_UPDATE else # Update repo apt-get update -o Dir::Etc::sourcelist="sources.list.d/vesta.list" \ @@ -54,11 +70,7 @@ else # Update vesta package apt-get install $package -qq > /dev/null 2>&1 - if [ $? -ne 0 ]; then - echo "Error: $package update failed" - log_event "$E_UPDATE" "$EVENT" - exit $E_UPDATE - fi + check_result $? "$package update failed" $E_UPDATE fi @@ -67,6 +79,6 @@ fi #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-sys-vesta-all b/bin/v-update-sys-vesta-all index 75bc036f1..b43fc7930 100755 --- a/bin/v-update-sys-vesta-all +++ b/bin/v-update-sys-vesta-all @@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# # Starting update loop -for package in vesta vesta-nginx vesta-php; do +for package in vesta vesta-nginx vesta-php vesta-ioncube vesta-softaculous; do $BIN/v-update-sys-vesta "$package" done diff --git a/bin/v-update-user-backup-exclusions b/bin/v-update-user-backup-exclusions index 898a1d55b..eefad8c31 100755 --- a/bin/v-update-user-backup-exclusions +++ b/bin/v-update-user-backup-exclusions @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 vfile=$2 @@ -19,19 +19,14 @@ source $VESTA/conf/vesta.conf is_file_available() { if [ ! -e "$vfile" ]; then - echo "Error: file $vfile doesn't exist" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST + check_result $E_NOTEXIST "file $vfile doesn't exist" fi } is_file_valid() { - exclude="[!$#&;()\]" - vcontent=$(cat $vfile) - if [[ "$vcontent" =~ $exclude ]]; then - echo "Error: invalid characters in the exlusion list" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID + exclude="[!|#|$|^|&|(|)|{|}|<|>|?|\|\"|;|%|\`]" + if [[ "$(cat $vfile)" =~ $exclude ]]; then + check_result $E_INVALID "invalid characters in the exlusion list" fi } @@ -41,7 +36,7 @@ is_file_valid() { #----------------------------------------------------------# check_args '2' "$#" 'USER FILE' -validate_format 'user' 'vfile' +is_format_valid 'user' 'vfile' is_object_valid 'user' 'USER' "$user" is_file_available is_file_valid @@ -78,6 +73,6 @@ chmod 660 $USER_DATA/backup-excludes.conf # Logging log_history "updated exlusion list" -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-user-backups b/bin/v-update-user-backups deleted file mode 100755 index df2c920d2..000000000 --- a/bin/v-update-user-backups +++ /dev/null @@ -1,278 +0,0 @@ -#!/bin/bash -# info: update user backups -# options: USER -# -# The function rescan backup directory and updates backup database. - - -#----------------------------------------------------------# -# Variable&Function # -#----------------------------------------------------------# - -# Includes -source $VESTA/func/main.sh -source $VESTA/conf/vesta.conf - -# Argument defenition -user=$1 -type="${2-$BACKUP_SYSTEM}" - -# Defining tar parser function -get_backup_info() { - backup=$1 - backup_type="$2" - - backup_name=$(basename $backup ) - backup_date=$(echo $backup_name |cut -f 2 -d '.' ) - backup_time=$(stat --printf=%y $backup |cut -f 2 -d ' ' |cut -f 1 -d '.') - backup_size=$(du -sm $backup |cut -f 1 ) - backup_data=$(tar -tf $backup) - - vst_data=$(echo "$backup_data" |grep "^./vesta/" |grep -v "^./vesta/$") - if [ -z "$vst_data" ]; then - vst='' - else - vst='yes' - fi - - pam_data=$(echo "$backup_data" |grep "^./pam/" |grep -v "^./pam/$") - if [ -z "$pam_data" ]; then - pam='' - else - pam='yes' - fi - - web_data=$(echo "$backup_data" |grep "^./web/" |grep -v "^./web/$" |sort) - if [ -z "$web_data" ]; then - web='' - else - i=1 - for domain in $web_data; do - domain="$(basename $domain |sed 's/.tar.gz$//')" - if [ "$i" -eq 1 ]; then - web="$domain" - i=2 - else - web="$web,$domain" - fi - done - fi - - dns_data=$(echo "$backup_data" |grep "^./dns/" |grep ".db$" |sort) - if [ -z "$dns_data" ]; then - dns='' - else - i=1 - for domain in $dns_data; do - domain="$(basename $domain |sed 's/.db$//')" - if [ "$i" -eq 1 ]; then - dns="$domain" - i=2 - else - dns="$dns,$domain" - fi - done - fi - - mail_data=$(echo "$backup_data"|grep "^./mail/"|grep -v "^./mail/$"|sort) - if [ -z "$mail_data" ]; then - ml='' - else - i=1 - for domain in $mail_data; do - domain="$(basename $domain |sed 's/.tar.gz$//')" - if [ "$i" -eq 1 ]; then - ml="$domain" - i=2 - else - ml="$ml,$domain" - fi - done - fi - - db_data=$(echo "$backup_data"|grep "^./db/"|grep ".sql.gz$"|sort) - if [ -z "$db_data" ]; then - db='' - else - i=1 - for dbase in $db_data; do - dbase=$(basename $dbase |sed "s/.\(my\|pg\)sql.sql.gz$//") - if [ "$i" -eq 1 ]; then - db="$dbase" - i=2 - else - db="$db,$dbase" - fi - done - fi - - ssl_data=$(echo "$backup_data"|grep "^./ssl/"|grep ".crt$"|sort) - if [ -z "$ssl_data" ]; then - ssl='' - else - i=1 - for certificate in $ssl_data; do - certificate=$(basename $certificate |sed "s/.crt$//") - if [ "$i" -eq 1 ]; then - ssl="$certificate" - i=2 - else - ssl="$ssl,$certificate" - fi - done - fi - - cron_data=$(echo "$backup_data" |grep "^./cron/" |grep -v "^./cron/$") - if [ -z "$cron_data" ]; then - cron='' - else - cron='yes' - fi - - echo -n "DATE='$backup_date' TIME='$backup_time' RUNTIME='0'" - echo -n " SIZE='$backup_size' TYPE='$backup_type' VESTA='$vst' PAM='$pam'" - echo " WEB='$web' DNS='$dns' MAIL='$ml' DB='$db' SSL='$ssl' CRON='$cron'" -} - -# Defining ftp command function -ftpc() { - ftp -n $HOST $PORT <> $tmp_file - done -fi - -# Checking ftp -if [ "$type" = 'ftp' ]; then - tmpdir=$(mktemp -p $BACKUP -d) - ftmpdir=$(basename $tmpdir) - init_ftp_variables - check_ftp_connection - backups=$(ftpc ls|awk '{print $9}'|grep "^$user.") - - for backup in $backups; do - cd $tmpdir - if [ ! -z "$(ftpc "get $backup")" ]; then - echo "Error: FTP transfer error" - log_event "$E_FTP" "$EVENT" - exit $E_FTP - fi - get_backup_info $tmpdir/$backup $type >> $tmp_file - rm -f $tmpdir/$backup - done - rm -rf $tmpdir -fi - -# Checking both local and ftp -if [ "$type" = 'ftp,local' ] || [ "$type" = 'local,ftp' ]; then - - tmpdir=$(mktemp -p $BACKUP -d) - ftmpdir=$(basename $tmpdir) - init_ftp_variables - check_ftp_connection - ftp_backups=$(ftpc ls|awk '{print $9}'|grep "^$user.") - local_backups=$(ls $BACKUP/ |grep "^$user." |sort) - backups=$(echo -e "$local_backups\n$ftp_backups" |\ - sort |uniq -c | awk '{print $1" "$2}') - - for backup in $(echo "$backups"|grep "^1 "|cut -f 2 -d ' '); do - check_ftp=$(echo $ftp_backups|grep -w $backup) - if [ ! -z "$check_ftp" ]; then - cd $tmpdir - if [ ! -z "$(ftpc "get $backup")" ]; then - echo "Error: FTP transfer error" - log_event "$E_FTP" "$EVENT" - exit $E_FTP - fi - get_backup_info $tmpdir/$backup ftp >> $tmp_file - rm -f $tmpdir/$backup - else - get_backup_info $BACKUP/$backup local >> $tmp_file - fi - done - - for backup in $(echo "$backups"|grep "^2 "|cut -f 2 -d ' '); do - get_backup_info $BACKUP/$backup $type >> $tmp_file - done - rm -rf $tmpdir -fi - -# Checking if there was any output -if [ -e "$tmp_file" ]; then - cat $tmp_file | sort > $USER_DATA/backup.conf - rm $tmp_file -else - rm $USER_DATA/backup.conf - touch $USER_DATA/backup.conf -fi - - -#----------------------------------------------------------# -# Vesta # -#----------------------------------------------------------# - -# Logging -log_event "$OK" "$EVENT" - -exit diff --git a/bin/v-update-user-counters b/bin/v-update-user-counters index 0805c154c..b0f944302 100755 --- a/bin/v-update-user-counters +++ b/bin/v-update-user-counters @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf check_args '0' "$#" 'USER' if [ ! -z "$user" ]; then - validate_format 'user' + is_format_valid 'user' is_object_valid 'user' 'USER' "$user" fi @@ -53,6 +53,7 @@ for user in $user_list; do IP_OWNED=0 U_USERS=0 U_DISK=0 + DISK=0 U_DISK_DIRS=$(get_user_value '$U_DISK_DIRS') if [ -z "$U_DISK_DIRS" ]; then U_DISK_DIRS=0 @@ -211,6 +212,6 @@ done #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-user-disk b/bin/v-update-user-disk index d129a94ca..a99eaf379 100755 --- a/bin/v-update-user-disk +++ b/bin/v-update-user-disk @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" @@ -60,6 +60,6 @@ update_user_value "$user" '$U_DISK_DIRS' "$disk_usage" recalc_user_disk_usage # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-user-package b/bin/v-update-user-package index 1b524b09e..fa9e5ce09 100755 --- a/bin/v-update-user-package +++ b/bin/v-update-user-package @@ -1,15 +1,15 @@ #!/bin/bash # info: update user package -# options: PACAKGE +# options: PACKAGE # -# The function propogates package to connected users. +# The function propagates package to connected users. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition package=$1 # Includes @@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'PACKAGE' -validate_format 'package' +is_format_valid 'package' is_package_valid @@ -42,6 +42,6 @@ done #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-user-quota b/bin/v-update-user-quota index f248662ed..3483bca5b 100755 --- a/bin/v-update-user-quota +++ b/bin/v-update-user-quota @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" @@ -31,12 +31,20 @@ is_object_valid 'user' 'USER' "$user" #----------------------------------------------------------# # Updating disk quota -soft=$(get_user_value '$DISK_QUOTA') -soft=$((soft * 1000)) -hard=$((soft + 50000)) +# Had quota equals package value. Soft quota equals 90% of package value for warnings. +quota=$(get_user_value '$DISK_QUOTA') +soft=$(echo "$quota * 1024"|bc |cut -f 1 -d .) +hard=$(echo "$quota * 1024"|bc |cut -f 1 -d .) +# Searching home mount point mnt=$(df -P /home |awk '{print $6}' |tail -n1) -setquota $user $soft $hard 0 0 $mnt + +# Checking unlinmited quota +if [ "$quota" = 'unlimited' ]; then + setquota $user 0 0 0 0 $mnt 2>/dev/null +else + setquota $user $soft $hard 0 0 $mnt 2>/dev/null +fi #----------------------------------------------------------# @@ -44,6 +52,6 @@ setquota $user $soft $hard 0 0 $mnt #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-user-stats b/bin/v-update-user-stats index b6b3c9996..23854328d 100755 --- a/bin/v-update-user-stats +++ b/bin/v-update-user-stats @@ -9,10 +9,10 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -# Importing system enviroment as we run this script +# Importing system environment as we run this script # mostly by cron wich not read it by itself source /etc/profile @@ -28,7 +28,7 @@ source $VESTA/conf/vesta.conf check_args '0' "$#" 'USER' if [ ! -z "$user" ]; then - validate_format 'user' + is_format_valid 'user' is_object_valid 'user' 'USER' "$user" fi @@ -39,7 +39,7 @@ fi # Creating user_list if [ -z "$user" ]; then - user_list=$(ls $VESTA/data/users) + user_list=$(grep '@' /etc/passwd |cut -f1 -d:) else user_list="$user" fi @@ -63,25 +63,30 @@ TOTAL_U_MAIL_ACCOUNTS=0 TOTAL_U_DATABASES=0 TOTAL_U_CRON_JOBS=0 TOTAL_U_BACKUPS=0 +TOTAL_USERS=0 # Updating user stats for user in $user_list; do + if [ ! -f "$VESTA/data/users/$user/user.conf" ]; then + continue; + fi USER_DATA=$VESTA/data/users/$user source $USER_DATA/user.conf next_month=$(date +'%m/01/%y' -d '+ 1 month') DATE=$(date -d "$next_month -1day" +%F) # Compiling report string - s="DATE='$DATE' TIME='$TIME' PACKAGE='$PACKAGE' IP_OWNED='$IP_OWNED'" - s="$s DISK_QUOTA='$DISK_QUOTA' U_DISK='$U_DISK' U_DISK_DIRS='$U_DISK_DIRS'" - s="$s U_DISK_WEB='$U_DISK_WEB' U_DISK_MAIL='$U_DISK_MAIL'" - s="$s U_DISK_DB='$U_DISK_DB' BANDWIDTH='$BANDWIDTH'" - s="$s U_BANDWIDTH='$U_BANDWIDTH' U_WEB_DOMAINS='$U_WEB_DOMAINS'" - s="$s U_WEB_SSL='$U_WEB_SSL' U_WEB_ALIASES='$U_WEB_ALIASES'" - s="$s U_DNS_DOMAINS='$U_DNS_DOMAINS' U_DNS_RECORDS='$U_DNS_RECORDS'" - s="$s U_MAIL_DOMAINS='$U_MAIL_DOMAINS' U_MAIL_DKIM='$U_MAIL_DKIM'" - s="$s U_MAIL_ACCOUNTS='$U_MAIL_ACCOUNTS' U_DATABASES='$U_DATABASES'" - s="$s U_CRON_JOBS='$U_CRON_JOBS' U_BACKUPS='$U_BACKUPS'" + s="DATE='$DATE' TIME='$TIME' PACKAGE='$PACKAGE' IP_OWNED='$IP_OWNED'" + s="$s DISK_QUOTA='$DISK_QUOTA' U_DISK='$U_DISK'" + s="$s U_DISK_DIRS='$U_DISK_DIRS' U_DISK_WEB='$U_DISK_WEB'" + s="$s U_DISK_MAIL='$U_DISK_MAIL' U_DISK_DB='$U_DISK_DB'" + s="$s BANDWIDTH='$BANDWIDTH' U_BANDWIDTH='$U_BANDWIDTH'" + s="$s U_WEB_DOMAINS='$U_WEB_DOMAINS' U_WEB_SSL='$U_WEB_SSL'" + s="$s U_WEB_ALIASES='$U_WEB_ALIASES' U_DNS_DOMAINS='$U_DNS_DOMAINS'" + s="$s U_DNS_RECORDS='$U_DNS_RECORDS' U_MAIL_DOMAINS='$U_MAIL_DOMAINS'" + s="$s U_MAIL_DKIM='$U_MAIL_DKIM' U_MAIL_ACCOUNTS='$U_MAIL_ACCOUNTS'" + s="$s U_DATABASES='$U_DATABASES' U_CRON_JOBS='$U_CRON_JOBS'" + s="$s U_BACKUPS='$U_BACKUPS'" # Updating user stats log stats="$USER_DATA/stats.log" @@ -121,24 +126,27 @@ for user in $user_list; do TOTAL_U_DATABASES=$((TOTAL_U_DATABASES + U_DATABASES)) TOTAL_U_CRON_JOBS=$((TOTAL_U_CRON_JOBS + U_CRON_JOBS)) TOTAL_U_BACKUPS=$((TOTAL_U_BACKUPS + U_BACKUPS)) + TOTAL_USERS=$((TOTAL_USERS + 1)) done # Updating overall stats stats="$VESTA/data/users/admin/overall_stats.log" -s="DATE='$DATE' TIME='$TIME' PACKAGE='default' IP_OWNED='$TOTAL_IP_OWNED'" +s="DATE='$DATE' TIME='$TIME' PACKAGE='default' IP_OWNED='$TOTAL_IP_OWNED'" s="$s DISK_QUOTA='0' U_DISK='$TOTAL_U_DISK' U_DISK_DIRS='$TOTAL_U_DISK_DIRS'" -s="$s U_DISK_WEB='$TOTAL_U_DISK_WEB' U_DISK_MAIL='$TOTAL_U_DISK_MAIL'" +s="$s U_DISK_WEB='$TOTAL_U_DISK_WEB' U_DISK_MAIL='$TOTAL_U_DISK_MAIL'" s="$s U_DISK_DB='$TOTAL_U_DISK_DB' BANDWIDTH='0'" s="$s U_BANDWIDTH='$TOTAL_U_BANDWIDTH' U_WEB_DOMAINS='$TOTAL_U_WEB_DOMAINS'" s="$s U_WEB_SSL='$TOTAL_U_WEB_SSL' U_WEB_ALIASES='$TOTAL_U_WEB_ALIASES'" s="$s U_DNS_DOMAINS='$TOTAL_U_DNS_DOMAINS'" s="$s U_DNS_RECORDS='$TOTAL_U_DNS_RECORDS'" -s="$s U_MAIL_DOMAINS='$TOTAL_U_MAIL_DOMAINS' U_MAIL_DKIM='$TOTAL_U_MAIL_DKIM'" +s="$s U_MAIL_DOMAINS='$TOTAL_U_MAIL_DOMAINS'" +s="$s U_MAIL_DKIM='$TOTAL_U_MAIL_DKIM'" s="$s U_MAIL_ACCOUNTS='$TOTAL_U_MAIL_ACCOUNTS'" -s="$s U_DATABASES='$TOTAL_U_DATABASES'" +s="$s U_DATABASES='$TOTAL_U_DATABASES'" s="$s U_CRON_JOBS='$TOTAL_U_CRON_JOBS' U_BACKUPS='$TOTAL_U_BACKUPS'" +s="$s U_USERS='$TOTAL_USERS'" if [ -e "$stats" ]; then # Checking dublicates @@ -164,6 +172,6 @@ fi #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-web-domain-disk b/bin/v-update-web-domain-disk index 6ffdee828..ac851b922 100755 --- a/bin/v-update-web-domain-disk +++ b/bin/v-update-web-domain-disk @@ -2,30 +2,35 @@ # info: update disk usage for domain # options: USER DOMAIN # -# The function recalculates disk usage for speciefic webdomain. +# The function recalculates disk usage for specific webdomain. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -55,6 +60,6 @@ update_object_value 'web' 'DOMAIN' "$domain" '$U_DISK' "$disk_usage" recalc_user_disk_usage # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-web-domain-ssl b/bin/v-update-web-domain-ssl new file mode 100755 index 000000000..877005c40 --- /dev/null +++ b/bin/v-update-web-domain-ssl @@ -0,0 +1,92 @@ +#!/bin/bash +# info: updating ssl certificate for domain +# options: USER DOMAIN SSL_DIR [RESTART] +# +# The function updates the SSL certificate for a domain. Parameter ssl_dir is a path +# to directory where 2 or 3 ssl files can be found. Certificate file +# domain.tld.crt and its key domain.tld.key are mandatory. Certificate +# authority domain.tld.ca file is optional. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +domain=$2 +domain_idn=$2 +ssl_dir=$3 +restart=$4 + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/domain.sh +source $VESTA/func/ip.sh +source $VESTA/conf/vesta.conf + +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '3' "$#" 'USER DOMAIN SSL_DIR [RESTART]' +validate_format 'user' 'domain' 'ssl_dir' +is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' +is_system_enabled "$WEB_SSL" 'SSL_SUPPORT' +is_object_valid 'user' 'USER' "$user" +is_object_unsuspended 'user' 'USER' "$user" +is_object_valid 'web' 'DOMAIN' "$domain" +is_object_unsuspended 'web' 'DOMAIN' "$domain" +is_object_value_exist 'web' 'DOMAIN' "$domain" '$SSL' +is_web_domain_cert_valid + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Adding certificate to user data directory +cp -f $ssl_dir/$domain.crt $USER_DATA/ssl/$domain.crt +cp -f $ssl_dir/$domain.key $USER_DATA/ssl/$domain.key +cp -f $ssl_dir/$domain.crt $USER_DATA/ssl/$domain.pem +if [ -e "$ssl_dir/$domain.ca" ]; then + cp -f $ssl_dir/$domain.ca $USER_DATA/ssl/$domain.ca + echo >> $USER_DATA/ssl/$domain.pem + cat $USER_DATA/ssl/$domain.ca >> $USER_DATA/ssl/$domain.pem +fi +chmod 660 $USER_DATA/ssl/$domain.* + + + +# Adding certificate to user dir +cp -f $USER_DATA/ssl/$domain.crt $HOMEDIR/$user/conf/web/ssl.$domain.crt +cp -f $USER_DATA/ssl/$domain.key $HOMEDIR/$user/conf/web/ssl.$domain.key +cp -f $USER_DATA/ssl/$domain.pem $HOMEDIR/$user/conf/web/ssl.$domain.pem +if [ -e "$USER_DATA/ssl/$domain.ca" ]; then + cp -f $USER_DATA/ssl/$domain.ca $HOMEDIR/$user/conf/web/ssl.$domain.ca +fi + + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Restarting web server +$BIN/v-restart-web $restart +check_result $? "Web restart failed" >/dev/null + +$BIN/v-restart-proxy $restart +check_result $? "Proxy restart failed" >/dev/null + +# Logging +log_history "update ssl certificate for $domain" +log_event "$OK" "$EVENT" + +exit diff --git a/bin/v-update-web-domain-stat b/bin/v-update-web-domain-stat index 0443d187b..c2c793e3c 100755 --- a/bin/v-update-web-domain-stat +++ b/bin/v-update-web-domain-stat @@ -2,30 +2,34 @@ # info: update domain statistics # options: USER DOMAIN # -# The function runs log analyzer for speciefic webdomain. +# The function runs log analyzer for specific webdomain. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -43,9 +47,7 @@ get_domain_values 'web' # Checking config config="$HOMEDIR/$user/conf/web/$STATS.$domain.conf" if [ ! -e "$config" ]; then - echo "Error: Parsing error" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING + check_result $E_NOTEXISTS "$config doesn't exist" fi # Checking statistics directory @@ -60,7 +62,7 @@ build_webalizer() { } build_awstats() { - if [ -e "/etc/redhat-release" ]; then + if [ -d "/etc/sysconfig" ]; then awstats="/usr/share/awstats/wwwroot/cgi-bin/awstats.pl" wwwroot="/usr/share/awstats/wwwroot" if [ ! -e "$awstats" ]; then @@ -146,6 +148,6 @@ chown -R $user:$(groups $user| cut -f 3 -d ' ') $dir #----------------------------------------------------------# # No Logging -#log_event "$OK" "$EVENT" +#log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-web-domain-traff b/bin/v-update-web-domain-traff index 47f2ae927..ce18707d7 100755 --- a/bin/v-update-web-domain-traff +++ b/bin/v-update-web-domain-traff @@ -2,30 +2,35 @@ # info: update domain bandwidth usage # options: USER DOMAIN # -# The function recalculates bandwidth usage for speciefic domain. +# The function recalculates bandwidth usage for specific domain. #----------------------------------------------------------# # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 -domain=$(idn -t --quiet -u "$2" ) -domain_idn=$(idn -t --quiet -a "$domain") +domain=$2 +domain_idn=$2 # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_domain +format_domain_idn +# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN' -validate_format 'user' 'domain' +is_format_valid 'user' 'domain' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -79,6 +84,6 @@ bandwidth=$((U_BANDWIDTH + mb)) update_object_value 'web' 'DOMAIN' "$domain" '$U_BANDWIDTH' "$bandwidth" # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-web-domains-disk b/bin/v-update-web-domains-disk index 9f8c2a523..5951f289a 100755 --- a/bin/v-update-web-domains-disk +++ b/bin/v-update-web-domains-disk @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" @@ -49,6 +49,6 @@ done recalc_user_disk_usage # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-web-domains-stat b/bin/v-update-web-domains-stat index 6f2f20f40..acd24f16f 100755 --- a/bin/v-update-web-domains-stat +++ b/bin/v-update-web-domains-stat @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" @@ -47,6 +47,6 @@ done #----------------------------------------------------------# # Logging -log_event "$OK" "$EVENT" +log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-web-domains-traff b/bin/v-update-web-domains-traff index d8a2e9240..ebecf1def 100755 --- a/bin/v-update-web-domains-traff +++ b/bin/v-update-web-domains-traff @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition user=$1 # Includes @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# check_args '1' "$#" 'USER' -validate_format 'user' +is_format_valid 'user' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" "$user" @@ -74,6 +74,6 @@ done recalc_user_bandwidth_usage # No Logging -#log_event "$OK" "$EVENT" +#log_event "$OK" "$ARGUMENTS" exit diff --git a/bin/v-update-web-templates b/bin/v-update-web-templates index 65c2d0a3a..df882dd7f 100755 --- a/bin/v-update-web-templates +++ b/bin/v-update-web-templates @@ -1,5 +1,5 @@ #!/bin/bash -# info: updates web templates +# info: update web templates # options: [RESTART] # # The function for obtaining updated pack of web templates. @@ -9,7 +9,7 @@ # Variable&Function # #----------------------------------------------------------# -# Argument defenition +# Argument definition restart=$1 # Includes @@ -21,37 +21,44 @@ source $VESTA/conf/vesta.conf # Action # #----------------------------------------------------------# -# Find out OS name -if [ -e "/etc/redhat-release" ]; then - os="rhel" -else - os="ubuntu" -fi +# Defining config host +chost='c.vestacp.com' -# Get new archive -tmpdir=$(mktemp -d --dry-run) -mkdir $tmpdir -cd $tmpdir -wget http://c.vestacp.com/$VERSION/$os/templates.tar.gz -q -if [ "$?" -ne 0 ]; then - echo "Error: can't download template.tar.gz" - log_event "$E_CONNECT" "$EVENT" - rm -rf $tmpdir - exit $E_CONNECT -fi +# Detcing OS +case $(head -n1 /etc/issue |cut -f 1 -d ' ') in + Debian) version="debian" ;; + Ubuntu) version="ubuntu" ;; + *) version="rhel" ;; +esac -# Update templates -tar -xzpf templates.tar.gz -C $VESTA/data/ templates/web - -# Replace includes for apache2.4 -if [ "$os" = 'ubuntu' ]; then - if [ ! -z "$(apache2 -v|grep 'Apache/2.4')" ]; then - sed -i "s/Include /IncludeOptional /g" \ - $VESTA/data/templates/web/apache2/*tpl +# Detecting release +if [ "$version" = 'rhel' ]; then + if [ -e '/etc/redhat-release' ]; then + release=$(grep -o "[0-9]" /etc/redhat-release |head -n1) + else + release=6 fi fi +if [ "$version" = 'ubuntu' ]; then + release=$(lsb_release -r |awk '{print $2}') +fi +if [ "$version" = 'debian' ]; then + release=$(cat /etc/issue|grep -o [0-9]|head -n1) +fi -# Rebuild web domains +# Defining download url +vestacp="http://$chost/$version/$release" + +# Downloading template archive +cd $(mktemp -d) +wget $vestacp/templates.tar.gz -q + +check_result $? "can't download template.tar.gz" $E_CONNECT + +# Updating templates +tar -xzpf templates.tar.gz -C $VESTA/data/ templates/web + +# Rebuilding web domains for user in $($BIN/v-list-sys-users plain); do $BIN/v-rebuild-web-domains $user no done @@ -61,20 +68,14 @@ done # Vesta # #----------------------------------------------------------# -# Restart web server -if [ "$restart" != 'no' ]; then - $BIN/v-restart-web - if [ $? -ne 0 ]; then - exit $E_RESTART - fi +# Restarting web server +$BIN/v-restart-web $restart +check_result $? "restart" >/dev/null 2>&1 - $BIN/v-restart-proxy - if [ $? -ne 0 ]; then - exit $E_RESTART - fi -fi +$BIN/v-restart-proxy $restart +check_result $? "restart" >/dev/null 2>&1 -# Delete tmpdir -rm -rf $tmpdir +$BIN/v-restart-proxy $restart +check_result $? "restart" >/dev/null 2>&1 exit diff --git a/func/db.sh b/func/db.sh index 2489e3d91..b0ff73b93 100644 --- a/func/db.sh +++ b/func/db.sh @@ -1,3 +1,117 @@ +# MySQL +mysql_connect() { + host_str=$(grep "HOST='$1'" $VESTA/conf/mysql.conf) + eval $host_str + if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ]; then + echo "Error: mysql config parsing failed" + log_event "$E_PARSING" "$ARGUMENTS" + exit $E_PARSING + fi + + mycnf="$VESTA/conf/.mysql.$HOST" + if [ ! -e "$mycnf" ]; then + echo "[client]">$mycnf + echo "host='$HOST'" >> $mycnf + echo "user='$USER'" >> $mycnf + echo "password='$PASSWORD'" >> $mycnf + chmod 600 $mycnf + else + mypw=$(grep password $mycnf|cut -f 2 -d \') + if [ "$mypw" != "$PASSWORD" ]; then + echo "[client]">$mycnf + echo "host='$HOST'" >> $mycnf + echo "user='$USER'" >> $mycnf + echo "password='$PASSWORD'" >> $mycnf + chmod 660 $mycnf + fi + fi + mysql_out=$(mktemp) + mysql --defaults-file=$mycnf -e 'SELECT VERSION()' > $mysql_out 2>&1 + if [ '0' -ne "$?" ]; then + if [ "$notify" != 'no' ]; then + echo -e "Can't connect to MySQL $HOST\n$(cat $mysql_out)" |\ + $SENDMAIL -s "$subj" $email + fi + rm -f $mysql_out + echo "Error: Connection to $HOST failed" + log_event "$E_CONNECT" "$ARGUMENTS" + exit $E_CONNECT + fi + mysql_ver=$(cat $mysql_out |tail -n1 |cut -f 1 -d -) + mysql_fork="mysql" + check_mysql_fork=$(grep "MariaDB" $mysql_out) + if [ ! -z "$check_mysql_fork" ]; then + mysql_fork="mariadb" + fi + rm -f $mysql_out +} + +mysql_query() { + sql_tmp=$(mktemp) + echo "$1" > $sql_tmp + mysql --defaults-file=$mycnf < "$sql_tmp" 2>/dev/null + rm -f "$sql_tmp" +} + +mysql_dump() { + err="/tmp/e.mysql" + mysqldump --defaults-file=$mycnf --single-transaction --max_allowed_packet=100M -r $1 $2 2> $err + if [ '0' -ne "$?" ]; then + rm -rf $tmpdir + if [ "$notify" != 'no' ]; then + echo -e "Can't dump database $database\n$(cat $err)" |\ + $SENDMAIL -s "$subj" $email + fi + echo "Error: dump $database failed\n$(cat $err)" + log_event "$E_DB" "$ARGUMENTS" + exit $E_DB + fi +} + +# PostgreSQL +psql_connect() { + host_str=$(grep "HOST='$1'" $VESTA/conf/pgsql.conf) + eval $host_str + export PGPASSWORD="$PASSWORD" + if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ] || [ -z $TPL ]; then + echo "Error: postgresql config parsing failed" + log_event "$E_PARSING" "$ARGUMENTS" + exit $E_PARSING + fi + + psql -h $HOST -U $USER -c "SELECT VERSION()" > /dev/null 2>/tmp/e.psql + if [ '0' -ne "$?" ]; then + if [ "$notify" != 'no' ]; then + echo -e "Can't connect to PostgreSQL $HOST\n$(cat /tmp/e.psql)" |\ + $SENDMAIL -s "$subj" $email + fi + echo "Error: Connection to $HOST failed" + log_event "$E_CONNECT" "$ARGUMENTS" + exit $E_CONNECT + fi +} + +psql_query() { + sql_tmp=$(mktemp) + echo "$1" > $sql_tmp + psql -h $HOST -U $USER -f "$sql_tmp" 2>/dev/null + rm -f $sql_tmp +} + +psql_dump() { + pg_dump -h $HOST -U $USER -c --inserts -O -x -f $1 $2 2>/tmp/e.psql + if [ '0' -ne "$?" ]; then + rm -rf $tmpdir + if [ "$notify" != 'no' ]; then + echo -e "Can't dump database $database\n$(cat /tmp/e.psql)" |\ + $SENDMAIL -s "$subj" $email + fi + echo "Error: dump $database failed" + log_event "$E_DB" "$ARGUMENTS" + exit $E_DB + fi +} + # Get database host get_next_dbhost() { if [ -z "$host" ] || [ "$host" == 'default' ]; then @@ -37,7 +151,7 @@ is_charset_valid() { if [ -z "$(echo $CHARSETS | grep -wi $charset )" ]; then echo "Error: charset $charset not exist" - log_event "$E_NOTEXIST $EVENT" + log_event "$E_NOTEXIST" "$ARGUMENTS" exit $E_NOTEXIST fi } @@ -86,59 +200,34 @@ decrease_dbhost_values() { # Create MySQL database add_mysql_database() { - host_str=$(grep "HOST='$host'" $VESTA/conf/mysql.conf) - eval $host_str - if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ]; then - echo "Error: mysql config parsing failed" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING - fi - - query='SELECT VERSION()' - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 - if [ '0' -ne "$?" ]; then - echo "Error: Connection failed" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi + mysql_connect $host query="CREATE DATABASE \`$database\` CHARACTER SET $charset" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 + mysql_query "$query" > /dev/null query="GRANT ALL ON \`$database\`.* TO \`$dbuser\`@\`%\` IDENTIFIED BY '$dbpass'" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 + mysql_query "$query" > /dev/null query="GRANT ALL ON \`$database\`.* TO \`$dbuser\`@localhost IDENTIFIED BY '$dbpass'" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 + mysql_query "$query" > /dev/null - query="SHOW GRANTS FOR \`$dbuser\`" - md5=$(mysql -h $HOST -u $USER -p$PASSWORD -e "$query") - md5=$(echo "$md5" |grep 'PASSWORD' |tr ' ' '\n' |tail -n1 |cut -f 2 -d \') + if [ "$(echo $mysql_ver |cut -d '.' -f2)" -ge 7 ]; then + md5=$(mysql_query "SHOW CREATE USER \`$dbuser\`" 2>/dev/null) + md5=$(echo "$md5" |grep password |cut -f8 -d \') + else + md5=$(mysql_query "SHOW GRANTS FOR \`$dbuser\`" 2>/dev/null) + md5=$(echo "$md5" |grep PASSW|tr ' ' '\n' |tail -n1 |cut -f 2 -d \') + fi } # Create PostgreSQL database add_pgsql_database() { - host_str=$(grep "HOST='$host'" $VESTA/conf/pgsql.conf) - eval $host_str - export PGPASSWORD="$PASSWORD" - if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ] || [ -z $TPL ]; then - echo "Error: postgresql config parsing failed" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING - fi - - query='SELECT VERSION()' - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 - if [ '0' -ne "$?" ]; then - echo "Error: Connection failed" - log_event "$E_CONNECT" "$EVENT" - exit $E_CONNECT - fi + psql_connect $host query="CREATE ROLE $dbuser WITH LOGIN PASSWORD '$dbpass'" - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 + psql_query "$query" > /dev/null query="CREATE DATABASE $database OWNER $dbuser" if [ "$TPL" = 'template0' ]; then @@ -146,16 +235,16 @@ add_pgsql_database() { else query="$query TEMPLATE $TPL" fi - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 + psql_query "$query" > /dev/null query="GRANT ALL PRIVILEGES ON DATABASE $database TO $dbuser" - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 + psql_query "$query" > /dev/null query="GRANT CONNECT ON DATABASE template1 to $dbuser" - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 + psql_query "$query" > /dev/null query="SELECT rolpassword FROM pg_authid WHERE rolname='$dbuser';" - md5=$(psql -h $HOST -U $USER -c "$query"|grep md5|cut -f 2 -d \ ) + md5=$(psql_query "$query" | grep md5 | cut -f 2 -d \ ) } # Check if database host do not exist in config @@ -164,247 +253,109 @@ is_dbhost_new() { check_host=$(grep "HOST='$host'" $VESTA/conf/$type.conf) if [ ! -z "$check_host" ]; then echo "Error: db host exist" - log_event "$E_EXISTS" "$EVENT" + log_event "$E_EXISTS" "$ARGUMENTS" exit $E_EXISTS fi fi } -# Check MySQL database host -is_mysql_host_alive() { - query='SELECT VERSION()' - mysql -h $host -u $dbuser -p$dbpass -e "$query" > /dev/null 2>&1 - if [ '0' -ne "$?" ]; then - echo "Error: Connection to $host failed" - log_event "$E_CONNECT" "$EVENT" - exit $E_CONNECT - fi -} - -# Check PostgreSQL database host -is_pgsql_host_alive() { - export PGPASSWORD="$dbpass" - psql -h $host -U $dbuser -c "SELECT VERSION()" > /dev/null 2>&1 - if [ '0' -ne "$?" ]; then - echo "Error: Connection to $host failed" - log_event "$E_CONNECT" "$EVENT" - exit $E_CONNECT - fi -} - # Get database values get_database_values() { - db_str=$(grep "DB='$database'" $USER_DATA/db.conf) - eval $db_str + eval $(grep "DB='$database'" $USER_DATA/db.conf) } # Change MySQL database password change_mysql_password() { - host_str=$(grep "HOST='$HOST'" $VESTA/conf/mysql.conf) - eval $host_str - if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ]; then - echo "Error: mysql config parsing failed" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING - fi - - query='SELECT VERSION()' - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 - if [ '0' -ne "$?" ]; then - echo "Error: Connection failed" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi - + mysql_connect $HOST query="GRANT ALL ON \`$database\`.* TO \`$DBUSER\`@\`%\` IDENTIFIED BY '$dbpass'" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 + mysql_query "$query" > /dev/null query="GRANT ALL ON \`$database\`.* TO \`$DBUSER\`@localhost IDENTIFIED BY '$dbpass'" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 - - query="SHOW GRANTS FOR '$DBUSER'" - md5=$(mysql -h $HOST -u $USER -p$PASSWORD -e "$query") - md5=$(echo "$md5" |grep 'PASSWORD' |tr ' ' '\n' |tail -n1 |cut -f 2 -d \') + mysql_query "$query" > /dev/null + +if [ "$(echo $mysql_ver |cut -d '.' -f2)" -ge 7 ]; then + + md5=$(mysql_query "SHOW CREATE USER \`$DBUSER\`" 2>/dev/null) + md5=$(echo "$md5" |grep password |cut -f8 -d \') +else + md5=$(mysql_query "SHOW GRANTS FOR \`$DBUSER\`" 2>/dev/null) + md5=$(echo "$md5" |grep PASSW|tr ' ' '\n' |tail -n1 |cut -f 2 -d \') +fi } # Change PostgreSQL database password change_pgsql_password() { - host_str=$(grep "HOST='$HOST'" $VESTA/conf/pgsql.conf) - eval $host_str - export PGPASSWORD="$PASSWORD" - if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ] || [ -z $TPL ]; then - echo "Error: postgresql config parsing failed" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING - fi - - query='SELECT VERSION()' - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 - if [ '0' -ne "$?" ]; then - echo "Error: Connection failed" - log_event "$E_CONNECT" "$EVENT" - exit $E_CONNECT - fi - + psql_connect $HOST query="ALTER ROLE $DBUSER WITH LOGIN PASSWORD '$dbpass'" - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 + psql_query "$query" > /dev/null query="SELECT rolpassword FROM pg_authid WHERE rolname='$DBUSER';" - md5=$(psql -h $HOST -U $USER -c "$query"|grep md5|cut -f 2 -d \ ) + md5=$(psql_query "$query" | grep md5 |cut -f 2 -d \ ) } # Delete MySQL database delete_mysql_database() { - host_str=$(grep "HOST='$HOST'" $VESTA/conf/mysql.conf) - eval $host_str - if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ]; then - echo "Error: mysql config parsing failed" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING - fi - - query='SELECT VERSION()' - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 - if [ '0' -ne "$?" ]; then - echo "Error: Connection failed" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi + mysql_connect $HOST query="DROP DATABASE \`$database\`" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 + mysql_query "$query" > /dev/null query="REVOKE ALL ON \`$database\`.* FROM \`$DBUSER\`@\`%\`" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 + mysql_query "$query" > /dev/null query="REVOKE ALL ON \`$database\`.* FROM \`$DBUSER\`@localhost" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 + mysql_query "$query" > /dev/null if [ "$(grep "DBUSER='$DBUSER'" $USER_DATA/db.conf |wc -l)" -lt 2 ]; then query="DROP USER '$DBUSER'@'%'" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 + mysql_query "$query" > /dev/null query="DROP USER '$DBUSER'@'localhost'" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 + mysql_query "$query" > /dev/null fi } # Delete PostgreSQL database delete_pgsql_database() { - host_str=$(grep "HOST='$HOST'" $VESTA/conf/pgsql.conf) - eval $host_str - export PGPASSWORD="$PASSWORD" - if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ] || [ -z $TPL ]; then - echo "Error: postgresql config parsing failed" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING - fi - - query='SELECT VERSION()' - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 - if [ '0' -ne "$?" ]; then - echo "Error: Connection failed" - log_event "$E_CONNECT" "$EVENT" - exit $E_CONNECT - fi + psql_connect $HOST query="REVOKE ALL PRIVILEGES ON DATABASE $database FROM $DBUSER" - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 + psql_query "$query" > /dev/null query="DROP DATABASE $database" - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 + psql_query "$query" > /dev/null if [ "$(grep "DBUSER='$DBUSER'" $USER_DATA/db.conf |wc -l)" -lt 2 ]; then query="REVOKE CONNECT ON DATABASE template1 FROM $db_user" - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 + psql_query "$query" > /dev/null query="DROP ROLE $db_user" - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 + psql_query "$query" > /dev/null fi } # Dump MySQL database dump_mysql_database() { - host_str=$(grep "HOST='$HOST'" $VESTA/conf/mysql.conf) - eval $host_str - if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ]; then - rm -rf $tmpdir - echo "Can't parse mysql config" | $send_mail -s "$subj" $email - echo "Error: mysql config parsing failed" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING - fi + mysql_connect $HOST - query='SELECT VERSION()' - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" >/dev/null 2>/tmp/e.mysql - if [ '0' -ne "$?" ]; then - rm -rf $tmpdir - echo -e "Can't connect to $HOST\n$(cat /tmp/e.mysql)" |\ - $send_mail -s "$subj" $email - echo "Error: Connection failed" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi - - mysqldump -h $HOST -u $USER -p$PASSWORD -r $dump $database 2>/tmp/e.mysql - if [ '0' -ne "$?" ]; then - rm -rf $tmpdir - echo -e "Can't dump database $database\n$(cat /tmp/e.mysql)" |\ - $send_mail -s "$subj" $email - echo "Error: dump $database failed" - log_event "$E_DB $EVENT" - exit $E_DB - fi + mysql_dump $dump $database query="SHOW GRANTS FOR '$DBUSER'@'localhost'" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" |\ - grep -v "Grants for" > $grants + mysql_query "$query" | grep -v "Grants for" > $grants query="SHOW GRANTS FOR '$DBUSER'@'%'" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" |\ - grep -v "Grants for" > $grants + mysql_query "$query" | grep -v "Grants for" > $grants } # Dump PostgreSQL database dump_pgsql_database() { - host_str=$(grep "HOST='$HOST'" $VESTA/conf/pgsql.conf) - eval $host_str - export PGPASSWORD="$PASSWORD" - if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ] || [ -z $TPL ]; then - rm -rf $tmpdir - echo "Can't parse pgsql config" |\ - $send_mail -s "$subj" $email - echo "Error: postgresql config parsing failed" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING - fi + psql_connect $HOST - query='SELECT VERSION()' - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 - if [ '0' -ne "$?" ]; then - rm -rf $tmpdir - echo "Can't connect to pgsql server $HOST" |\ - $send_mail -s "$subj" $email - echo "Error: Connection failed" - log_event "$E_CONNECT" "$EVENT" - exit $E_CONNECT - fi - - pg_dump -h $HOST -U $USER -c --inserts -O -x -i -f $dump $database \ - 2> /dev/null - - if [ '0' -ne "$?" ]; then - rm -rf $tmpdir - echo "Can't dump pgsql database $database" |\ - $send_mail -s "$subj" $email - echo "Error: dump $database failed" - log_event "$E_DB $EVENT" - exit $E_DB - fi + psql_dump $dump $database query="SELECT rolpassword FROM pg_authid WHERE rolname='$DBUSER';" - md5=$(psql -h $HOST -U $USER -c "$query" | head -n1 | cut -f 2 -d \ ) + md5=$(psql_query "$query" | head -n1 | cut -f 2 -d \ ) pw_str="UPDATE pg_authid SET rolpassword='$md5' WHERE rolname='$DBUSER';" gr_str="GRANT ALL PRIVILEGES ON DATABASE $database to '$DBUSER'" echo -e "$pw_str\n$gr_str" >> $grants @@ -416,129 +367,50 @@ is_dbhost_free() { eval $host_str if [ 0 -ne "$U_DB_BASES" ]; then echo "Error: host $HOST is used" - log_event "$E_INUSE" "$EVENT" + log_event "$E_INUSE" "$ARGUMENTS" exit $E_INUSE fi } # Suspend MySQL database suspend_mysql_database() { - host_str=$(grep "HOST='$HOST'" $VESTA/conf/mysql.conf) - eval $host_str - if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ]; then - echo "Error: mysql config parsing failed" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING - fi - - query='SELECT VERSION()' - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 - if [ '0' -ne "$?" ]; then - echo "Error: Connection failed" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi - + mysql_connect $HOST query="REVOKE ALL ON \`$database\`.* FROM \`$DBUSER\`@\`%\`" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 - + mysql_query "$query" > /dev/null query="REVOKE ALL ON \`$database\`.* FROM \`$DBUSER\`@localhost" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 + mysql_query "$query" > /dev/null } # Suspend PostgreSQL database suspend_pgsql_database() { - host_str=$(grep "HOST='$HOST'" $VESTA/conf/pgsql.conf) - eval $host_str - export PGPASSWORD="$PASSWORD" - if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ] || [ -z $TPL ]; then - echo "Error: postgresql config parsing failed" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING - fi - - query='SELECT VERSION()' - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 - if [ '0' -ne "$?" ]; then - echo "Error: Connection failed" - log_event "$E_CONNECT" "$EVENT" - exit $E_CONNECT - fi - + psql_connect $HOST query="REVOKE ALL PRIVILEGES ON $database FROM $DBUSER" - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 + psql_query "$query" > /dev/null } # Unsuspend MySQL database unsuspend_mysql_database() { - host_str=$(grep "HOST='$HOST'" $VESTA/conf/mysql.conf) - eval $host_str - if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ]; then - echo "Error: mysql config parsing failed" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING - fi - - query='SELECT VERSION()' - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 - if [ '0' -ne "$?" ]; then - echo "Error: Connection failed" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi - + mysql_connect $HOST query="GRANT ALL ON \`$database\`.* FROM \`$DBUSER\`@\`%\`" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 - + mysql_query "$query" > /dev/null query="GRANT ALL ON \`$database\`.* TO \`$DBUSER\`@localhost" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 + mysql_query "$query" > /dev/null } # Unsuspend PostgreSQL database unsuspend_pgsql_database() { - host_str=$(grep "HOST='$HOST'" $VESTA/conf/pgsql.conf) - eval $host_str - export PGPASSWORD="$PASSWORD" - if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ] || [ -z $TPL ]; then - echo "Error: postgresql config parsing failed" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING - fi - - query='SELECT VERSION()' - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 - if [ '0' -ne "$?" ]; then - echo "Error: Connection failed" - log_event "$E_CONNECT" "$EVENT" - exit $E_CONNECT - fi - + psql_connect $HOST query="GRANT ALL PRIVILEGES ON DATABASE $database TO $DBUSER" - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 + psql_query "$query" > /dev/null } # Get MySQL disk usage get_mysql_disk_usage() { - host_str=$(grep "HOST='$HOST'" $VESTA/conf/mysql.conf) - eval $host_str - if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ]; then - echo "Error: mysql config parsing failed" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING - fi - - query='SELECT VERSION()' - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 - if [ '0' -ne "$?" ]; then - echo "Error: Connection failed" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi - - query="SELECT SUM( data_length + index_length ) / 1024 / 1024 \"Size\" + mysql_connect $HOST + query="SELECT SUM( data_length + index_length ) / 1024 / 1024 'Size' FROM information_schema.TABLES WHERE table_schema='$database'" - usage=$(mysql -h $HOST -u $USER -p$PASSWORD -e "$query" |tail -n1) - if [ "$usage" == 'NULL' ] || [ "${usage:0:1}" -eq '0' ]; then + usage=$(mysql_query "$query" |tail -n1) + if [ "$usage" == '' ] || [ "$usage" == 'NULL' ] || [ "${usage:0:1}" -eq '0' ]; then usage=1 fi export LC_ALL=C @@ -547,25 +419,10 @@ get_mysql_disk_usage() { # Get PostgreSQL disk usage get_pgsql_disk_usage() { - host_str=$(grep "HOST='$HOST'" $VESTA/conf/pgsql.conf) - eval $host_str - export PGPASSWORD="$PASSWORD" - if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ] || [ -z $TPL ]; then - echo "Error: postgresql config parsing failed" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING - fi - - query='SELECT VERSION()' - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 - if [ '0' -ne "$?" ]; then - echo "Error: Connection failed" - log_event "$E_CONNECT" "$EVENT" - exit $E_CONNECT - fi + psql_connect $HOST query="SELECT pg_database_size('$database');" - usage=$(psql -h $HOST -U $USER -c "$query") + usage=$(psql_query "$query") usage=$(echo "$usage" | grep -v "-" | grep -v 'row' | sed "/^$/d") usage=$(echo "$usage" | grep -v "pg_database_size" | awk '{print $1}') if [ -z "$usage" ]; then @@ -579,59 +436,31 @@ get_pgsql_disk_usage() { # Delete MySQL user delete_mysql_user() { - host_str=$(grep "HOST='$HOST'" $VESTA/conf/mysql.conf) - eval $host_str - if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ]; then - echo "Error: mysql config parsing failed" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING - fi - - query='SELECT VERSION()' - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 - if [ '0' -ne "$?" ]; then - echo "Error: Connection failed" - log_event "$E_CONNECT $EVENT" - exit $E_CONNECT - fi + mysql_connect $HOST query="REVOKE ALL ON \`$database\`.* FROM \`$old_dbuser\`@\`%\`" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 + mysql_query "$query" > /dev/null query="REVOKE ALL ON \`$database\`.* FROM \`$old_dbuser\`@localhost" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 + mysql_query "$query" > /dev/null query="DROP USER '$old_dbuser'@'%'" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 + mysql_query "$query" > /dev/null query="DROP USER '$old_dbuser'@'localhost'" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 + mysql_query "$query" > /dev/null } # Delete PostgreSQL user delete_pgsql_user() { - host_str=$(grep "HOST='$HOST'" $VESTA/conf/pgsql.conf) - eval $host_str - export PGPASSWORD="$PASSWORD" - if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ] || [ -z $TPL ]; then - echo "Error: postgresql config parsing failed" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING - fi - - query='SELECT VERSION()' - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 - if [ '0' -ne "$?" ]; then - echo "Error: Connection failed" - log_event "$E_CONNECT" "$EVENT" - exit $E_CONNECT - fi + psql_connect $HOST query="REVOKE ALL PRIVILEGES ON DATABASE $database FROM $old_dbuser" - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 + psql_query "$query" > /dev/null query="REVOKE CONNECT ON DATABASE template1 FROM $old_dbuser" - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 + psql_query "$query" > /dev/null + query="DROP ROLE $old_dbuser" - psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 + psql_query "$query" > /dev/null } diff --git a/func/domain.sh b/func/domain.sh index 58f35eb66..6bd05b910 100644 --- a/func/domain.sh +++ b/func/domain.sh @@ -1,166 +1,446 @@ +#----------------------------------------------------------# +# WEB # +#----------------------------------------------------------# + # Web template check is_web_template_valid() { - t="$WEBTPL/$WEB_SYSTEM/$template.tpl" - s="$WEBTPL/$WEB_SYSTEM/$template.stpl" - if [ ! -e $t ] || [ ! -e $s ]; then - echo "Error: web template $template not found" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST + if [ ! -z "$WEB_SYSTEM" ]; then + tpl="$WEBTPL/$WEB_SYSTEM/$WEB_BACKEND/$1.tpl" + stpl="$WEBTPL/$WEB_SYSTEM/$WEB_BACKEND/$1.stpl" + if [ ! -e "$tpl" ] || [ ! -e "$stpl" ]; then + check_result $E_NOTEXIST "$1 web template doesn't exist" + fi fi } # Proxy template check is_proxy_template_valid() { - t="$WEBTPL/$PROXY_SYSTEM/$template.tpl" - s="$WEBTPL/$PROXY_SYSTEM/$template.stpl" - if [ ! -e $t ] || [ ! -e $s ]; then - echo "Error: proxy template $template not found" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST + if [ ! -z "$PROXY_SYSTEM" ]; then + tpl="$WEBTPL/$PROXY_SYSTEM/$1.tpl" + stpl="$WEBTPL/$PROXY_SYSTEM/$1.stpl" + if [ ! -e "$tpl" ] || [ ! -e "$stpl" ]; then + check_result $E_NOTEXIST "$1 proxy template doesn't exist" + fi fi } +# Backend template check +is_backend_template_valid() { + if [ ! -z "$WEB_BACKEND" ]; then + if [ ! -e "$WEBTPL/$WEB_BACKEND/$1.tpl" ]; then + check_result $E_NOTEXIST "$1 backend template doesn't exist" + fi + fi +} + +# Web domain existence check +is_web_domain_new() { + web=$(grep -F -H "DOMAIN='$1'" $VESTA/data/users/*/web.conf) + if [ ! -z "$web" ]; then + if [ "$type" == 'web' ]; then + check_result $E_EXISTS "Web domain $1 exist" + fi + web_user=$(echo "$web" |cut -f 7 -d /) + if [ "$web_user" != "$user" ]; then + check_result $E_EXISTS "Web domain $1 exist" + fi + fi +} + +# Web alias existence check +is_web_alias_new() { + web_alias=$(grep -wH "$1" $VESTA/data/users/*/web.conf) + if [ ! -z "$web_alias" ]; then + a1=$(echo "$web_alias" |grep -F "'$1'" |cut -f 7 -d /) + if [ ! -z "$a1" ] && [ "$2" == "web" ]; then + check_result $E_EXISTS "Web alias $1 exists" + fi + if [ ! -z "$a1" ] && [ "$a1" != "$user" ]; then + check_result $E_EXISTS "Web alias $1 exists" + fi + a2=$(echo "$web_alias" |grep -F "'$1," |cut -f 7 -d /) + if [ ! -z "$a2" ] && [ "$2" == "web" ]; then + check_result $E_EXISTS "Web alias $1 exists" + fi + if [ ! -z "$a2" ] && [ "$a2" != "$user" ]; then + check_result $E_EXISTS "Web alias $1 exists" + fi + a3=$(echo "$web_alias" |grep -F ",$1," |cut -f 7 -d /) + if [ ! -z "$a3" ] && [ "$2" == "web" ]; then + check_result $E_EXISTS "Web alias $1 exists" + fi + if [ ! -z "$a3" ] && [ "$a3" != "$user" ]; then + check_result $E_EXISTS "Web alias $1 exists" + fi + a4=$(echo "$web_alias" |grep -F ",$1'" |cut -f 7 -d /) + if [ ! -z "$a4" ] && [ "$2" == "web" ]; then + check_result $E_EXISTS "Web alias $1 exists" + fi + if [ ! -z "$a4" ] && [ "$a4" != "$user" ]; then + check_result $E_EXISTS "Web alias $1 exists" + fi + fi +} + +# Prepare web backend +prepare_web_backend() { + pool=$(find -L /etc/php* -type d \( -name "pool.d" -o -name "*fpm.d" \)) + if [ ! -e "$pool" ]; then + check_result $E_NOTEXIST "php-fpm pool doesn't exist" + fi + + backend_type="$domain" + if [ "$WEB_BACKEND_POOL" = 'user' ]; then + backend_type="$user" + fi + if [ -e "$pool/$backend_type.conf" ]; then + backend_lsnr=$(grep "listen =" $pool/$backend_type.conf) + backend_lsnr=$(echo "$backend_lsnr" |cut -f 2 -d = |sed "s/ //") + if [ ! -z "$(echo $backend_lsnr |grep /)" ]; then + backend_lsnr="unix:$backend_lsnr" + fi + fi +} + +# Prepare web aliases +prepare_web_aliases() { + i=1 + for tmp_alias in ${1//,/ }; do + tmp_alias_idn="$tmp_alias" + if [[ "$tmp_alias" = *[![:ascii:]]* ]]; then + tmp_alias_idn=$(idn -t --quiet -a $tmp_alias) + fi + if [[ $i -eq 1 ]]; then + aliases="$tmp_alias" + aliases_idn="$tmp_alias_idn" + alias_string="ServerAlias $tmp_alias_idn" + else + aliases="$aliases,$tmp_alias" + aliases_idn="$aliases_idn,$tmp_alias_idn" + if (( $i % 100 == 0 )); then + alias_string="$alias_string\n ServerAlias $tmp_alias_idn" + else + alias_string="$alias_string $tmp_alias_idn" + fi + fi + alias_number=$i + ((i++)) + done +} + +# Update web domain values +prepare_web_domain_values() { + if [[ "$domain" = *[![:ascii:]]* ]]; then + domain_idn=$(idn -t --quiet -a $domain) + else + domain_idn=$domain + fi + group="$user" + email="info@$domain" + docroot="$HOMEDIR/$user/web/$domain/public_html" + sdocroot="$docroot" + if [ "$SSL_HOME" = 'single' ]; then + sdocroot="$HOMEDIR/$user/web/$domain/public_shtml" ; + fi + + if [ ! -z "$WEB_BACKEND" ]; then + prepare_web_backend + fi + + server_alias='' + alias_string='' + aliases_idn='' + prepare_web_aliases $ALIAS + + ssl_crt="$HOMEDIR/$user/conf/web/ssl.$domain.crt" + ssl_key="$HOMEDIR/$user/conf/web/ssl.$domain.key" + ssl_pem="$HOMEDIR/$user/conf/web/ssl.$domain.pem" + ssl_ca="$HOMEDIR/$user/conf/web/ssl.$domain.ca" + if [ ! -e "$USER_DATA/ssl/$domain.ca" ]; then + ssl_ca_str='#' + fi + if [ "$SUSPENDED" = 'yes' ]; then + docroot="$VESTA/data/templates/web/suspend" + sdocroot="$VESTA/data/templates/web/suspend" + fi +} + +# Add web config +add_web_config() { + conf="$HOMEDIR/$user/conf/web/$domain.$1.conf" + if [[ "$2" =~ stpl$ ]]; then + conf="$HOMEDIR/$user/conf/web/$domain.$1.ssl.conf" + fi + + domain_idn=$domain + format_domain_idn + + cat $WEBTPL/$1/$WEB_BACKEND/$2 | \ + sed -e "s|%ip%|$local_ip|g" \ + -e "s|%domain%|$domain|g" \ + -e "s|%domain_idn%|$domain_idn|g" \ + -e "s|%alias%|${aliases//,/ }|g" \ + -e "s|%alias_idn%|${aliases_idn//,/ }|g" \ + -e "s|%alias_string%|$alias_string|g" \ + -e "s|%email%|info@$domain|g" \ + -e "s|%web_system%|$WEB_SYSTEM|g" \ + -e "s|%web_port%|$WEB_PORT|g" \ + -e "s|%web_ssl_port%|$WEB_SSL_PORT|g" \ + -e "s|%backend_lsnr%|$backend_lsnr|g" \ + -e "s|%rgroups%|$WEB_RGROUPS|g" \ + -e "s|%proxy_system%|$PROXY_SYSTEM|g" \ + -e "s|%proxy_port%|$PROXY_PORT|g" \ + -e "s|%proxy_ssl_port%|$PROXY_SSL_PORT|g" \ + -e "s/%proxy_extentions%/${PROXY_EXT//,/|}/g" \ + -e "s|%user%|$user|g" \ + -e "s|%group%|$user|g" \ + -e "s|%home%|$HOMEDIR|g" \ + -e "s|%docroot%|$docroot|g" \ + -e "s|%sdocroot%|$sdocroot|g" \ + -e "s|%ssl_crt%|$ssl_crt|g" \ + -e "s|%ssl_key%|$ssl_key|g" \ + -e "s|%ssl_pem%|$ssl_pem|g" \ + -e "s|%ssl_ca_str%|$ssl_ca_str|g" \ + -e "s|%ssl_ca%|$ssl_ca|g" \ + > $conf + + chown root:$user $conf + chmod 640 $conf + + if [ -z "$(grep "$conf" /etc/$1/conf.d/vesta.conf)" ]; then + if [ "$1" != 'nginx' ]; then + echo "Include $conf" >> /etc/$1/conf.d/vesta.conf + else + echo "include $conf;" >> /etc/$1/conf.d/vesta.conf + fi + fi + + trigger="${2/%.tpl/.sh}" + if [[ "$2" =~ stpl$ ]]; then + trigger="${2/%.stpl/.sh}" + fi + + if [ -x "$WEBTPL/$1/$WEB_BACKEND/$trigger" ]; then + $WEBTPL/$1/$WEB_BACKEND/$trigger \ + $user $domain $local_ip $HOMEDIR \ + $HOMEDIR/$user/web/$domain/public_html + fi +} + +# Get config top and bottom line number +get_web_config_lines() { + tpl_lines=$(egrep -ni "name %domain_idn%" $1 |grep -w %domain_idn%) + tpl_lines=$(echo "$tpl_lines" |cut -f 1 -d :) + tpl_last_line=$(wc -l $1 |cut -f 1 -d ' ') + if [ -z "$tpl_lines" ]; then + check_result $E_PARSING "can't parse template $1" + fi + + domain_idn=$domain + format_domain_idn + vhost_lines=$(grep -niF "name $domain_idn" $2) + vhost_lines=$(echo "$vhost_lines" |egrep "$domain_idn($| |;)") #" + vhost_lines=$(echo "$vhost_lines" |cut -f 1 -d :) + if [ -z "$vhost_lines" ]; then + check_result $E_PARSING "can't parse config $2" + fi + + top_line=$((vhost_lines + 1 - tpl_lines)) + bottom_line=$((top_line - 1 + tpl_last_line)) + multi=$(sed -n "$top_line,$bottom_line p" $2 |grep ServerAlias |wc -l) + if [ "$multi" -ge 2 ]; then + bottom_line=$((bottom_line + multi -1)) + fi +} + +# Replace web config +replace_web_config() { + conf="$HOMEDIR/$user/conf/web/$domain.$1.conf" + if [[ "$2" =~ stpl$ ]]; then + conf="$HOMEDIR/$user/conf/web/$domain.$1.ssl.conf" + fi + + if [ -e "$conf" ]; then + sed -i "s|$old|$new|g" $conf + else + # fallback to old style configs + conf="$HOMEDIR/$user/conf/web/$1.conf" + if [[ "$2" =~ stpl$ ]]; then + conf="$HOMEDIR/$user/conf/web/s$1.conf" + fi + get_web_config_lines $WEBTPL/$1/$WEB_BACKEND/$2 $conf + sed -i "$top_line,$bottom_line s|$old|$new|g" $conf + fi +} + +# Delete web configuration +del_web_config() { + conf="$HOMEDIR/$user/conf/web/$domain.$1.conf" + if [[ "$2" =~ stpl$ ]]; then + conf="$HOMEDIR/$user/conf/web/$domain.$1.ssl.conf" + fi + + if [ -e "$conf" ]; then + sed -i "\|$conf|d" /etc/$1/conf.d/vesta.conf + rm -f $conf + else + # fallback to old style configs + conf="$HOMEDIR/$user/conf/web/$1.conf" + if [[ "$2" =~ stpl$ ]]; then + conf="$HOMEDIR/$user/conf/web/s$1.conf" + fi + if [ -e "$conf" ]; then + get_web_config_lines $WEBTPL/$1/$WEB_BACKEND/$2 $conf + sed -i "$top_line,$bottom_line d" $conf + fi + fi + # clean-up for both config styles if there is no more domains + web_domain=$(grep DOMAIN $USER_DATA/web.conf |wc -l) + if [ "$web_domain" -eq '0' ]; then + sed -i "/.*\/$user\/conf\/web\//d" /etc/$1/conf.d/vesta.conf + if [ -f "$conf" ]; then + rm -f $conf + fi + fi +} + +# SSL certificate verification +is_web_domain_cert_valid() { + if [ ! -e "$ssl_dir/$domain.crt" ]; then + check_result $E_NOTEXIST "$ssl_dir/$domain.crt not found" + fi + + if [ ! -e "$ssl_dir/$domain.key" ]; then + check_result $E_NOTEXIST "$ssl_dir/$domain.key not found" + fi + + crt_vrf=$(openssl verify $ssl_dir/$domain.crt 2>&1) + if [ ! -z "$(echo $crt_vrf |grep 'unable to load')" ]; then + check_result $E_INVALID "SSL Certificate is not valid" + fi + + if [ ! -z "$(echo $crt_vrf |grep 'unable to get local issuer')" ]; then + if [ ! -e "$ssl_dir/$domain.ca" ]; then + check_result $E_NOTEXIST "Certificate Authority not found" + fi + fi + + if [ -e "$ssl_dir/$domain.ca" ]; then + s1=$(openssl x509 -text -in $ssl_dir/$domain.crt 2>/dev/null) + s1=$(echo "$s1" |grep Issuer |awk -F = '{print $6}' |head -n1) + s2=$(openssl x509 -text -in $ssl_dir/$domain.ca 2>/dev/null) + s2=$(echo "$s2" |grep Subject |awk -F = '{print $6}' |head -n1) + if [ "$s1" != "$s2" ]; then + check_result $E_NOTEXIST "SSL intermediate chain is not valid" + fi + fi + + key_vrf=$(grep 'PRIVATE KEY' $ssl_dir/$domain.key |wc -l) + if [ "$key_vrf" -ne 2 ]; then + check_result $E_INVALID "SSL Key is not valid" + fi + if [ ! -z "$(grep 'ENCRYPTED' $ssl_dir/$domain.key)" ]; then + check_result $E_FORBIDEN "SSL Key is protected (remove pass_phrase)" + fi + + openssl s_server -port 654321 -quiet -cert $ssl_dir/$domain.crt \ + -key $ssl_dir/$domain.key >> /dev/null 2>&1 & + pid=$! + sleep 0.5 + disown &> /dev/null + kill $pid &> /dev/null + check_result $? "ssl certificate key pair is not valid" $E_INVALID +} + + +#----------------------------------------------------------# +# DNS # +#----------------------------------------------------------# + # DNS template check is_dns_template_valid() { - t="$DNSTPL/$template.tpl" - if [ ! -e $t ]; then - echo "Error: dns template $template not found" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST + if [ ! -e "$DNSTPL/$1.tpl" ]; then + check_result $E_NOTEXIST "$1 dns template doesn't exist" fi } -# Checking domain existance -is_domain_new() { - type="$1" - dom=${2-$domain} - - web=$(grep -F -H "DOMAIN='$dom'" $VESTA/data/users/*/web.conf) - dns=$(grep -F -H "DOMAIN='$dom'" $VESTA/data/users/*/dns.conf) - mail=$(grep -F -H "DOMAIN='$dom'" $VESTA/data/users/*/mail.conf) - - # Check web domain - if [ ! -z "$web" ] && [ "$type" == 'web' ]; then - echo "Error: domain $dom exist" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS - fi - if [ ! -z "$web" ]; then - web_user=$(echo "$web" |cut -f 7 -d /) - if [ "$web_user" != "$user" ]; then - echo "Error: domain $dom exist" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS - fi - fi - - # Check dns domain - if [ ! -z "$dns" ] && [ "$type" == 'dns' ]; then - echo "Error: domain $dom exist" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS - fi +# DNS domain existence check +is_dns_domain_new() { + dns=$(ls $VESTA/data/users/*/dns/$1.conf 2>/dev/null) if [ ! -z "$dns" ]; then + if [ "$2" == 'dns' ]; then + check_result $E_EXISTS "DNS domain $1 exists" + fi dns_user=$(echo "$dns" |cut -f 7 -d /) if [ "$dns_user" != "$user" ]; then - echo "Error: domain $dom exist" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS + check_result $E_EXISTS "DNS domain $1 exists" fi fi - - # Check mail domain - if [ ! -z "$mail" ] && [ "$type" == 'mail' ]; then - echo "Error: domain $dom exist" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS - fi - if [ ! -z "$mail" ]; then - mail_user=$(echo "$mail" |cut -f 7 -d /) - if [ "$mail_user" != "$user" ]; then - echo "Error: domain $dom exist" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS - fi - fi - - # Check web aliases - web_alias=$(grep -w $dom $VESTA/data/users/*/web.conf) - if [ ! -z "$web_alias" ]; then - c1=$(grep -H "'$dom'" $VESTA/data/users/*/web.conf | cut -f 7 -d /) - c2=$(grep -H "'$dom," $VESTA/data/users/*/web.conf | cut -f 7 -d /) - c3=$(grep -H ",$dom," $VESTA/data/users/*/web.conf | cut -f 7 -d /) - c4=$(grep -H ",$dom'" $VESTA/data/users/*/web.conf | cut -f 7 -d /) - if [ ! -z "$c1" ] && [ "$type" == "web" ]; then - echo "Error: domain $dom exist" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS - fi - if [ ! -z "$c1" ] && [ "$c1" != "$user" ]; then - echo "Error: domain $dom exist" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS - fi - - if [ ! -z "$c2" ] && [ "$type" == "web" ]; then - echo "Error: domain $dom exist" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS - fi - if [ ! -z "$c2" ] && [ "$c2" != "$user" ]; then - echo "Error: domain $dom exist" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS - fi - - if [ ! -z "$c3" ] && [ "$type" == "web" ]; then - echo "Error: domain $dom exist" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS - fi - if [ ! -z "$c3" ] && [ "$c3" != "$user" ]; then - echo "Error: domain $dom exist" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS - fi - - if [ ! -z "$c4" ] && [ "$type" == "web" ]; then - echo "Error: domain $dom exist" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS - fi - if [ ! -z "$c4" ] && [ "$c4" != "$user" ]; then - echo "Error: domain $dom exist" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS - fi - fi -} - -# Checking mail account existance -is_mail_new() { - check_acc=$(grep "ACCOUNT='$1'" $USER_DATA/mail/$domain.conf) - if [ ! -z "$check_acc" ]; then - echo "Error: mail account $1 exist" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS - fi - check_als=$(awk -F "ALIAS='" '{print $2}' $USER_DATA/mail/$domain.conf ) - check_als=$(echo "$check_als" | cut -f 1 -d "'" | grep -w $1) - if [ ! -z "$check_als" ]; then - echo "Error: mail alias $1 exist" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS - fi } # Update domain zone update_domain_zone() { - conf="$HOMEDIR/$user/conf/dns/$domain.db" - line=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf) + domain_param=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf) + eval $domain_param + SOA=$(idn --quiet -a -t "$SOA") + if [ -z "$SERIAL" ]; then + SERIAL=$(date +'%Y%m%d01') + fi + if [[ "$domain" = *[![:ascii:]]* ]]; then + domain_idn=$(idn -t --quiet -a $domain) + else + domain_idn=$domain + fi + zn_conf="$HOMEDIR/$user/conf/dns/$domain.db" + echo "\$TTL $TTL +@ IN SOA $SOA. root.$domain_idn. ( + $SERIAL + 7200 + 3600 + 1209600 + 180 ) +" > $zn_conf fields='$RECORD\t$TTL\tIN\t$TYPE\t$PRIORITY\t$VALUE' - if [ -e $conf ]; then - zn_serial=$(head $conf|grep 'SOA' -A1|tail -n 1|sed "s/ //g") + while read line ; do + IFS=$'\n' + for key in $(echo $line|sed "s/' /'\n/g"); do + eval ${key%%=*}="${key#*=}" + done + + RECORD=$(idn --quiet -a -t "$RECORD") + if [ "$TYPE" = 'CNAME' ] || [ "$TYPE" = 'MX' ]; then + VALUE=$(idn --quiet -a -t "$VALUE") + fi + + # Split long TXT entries into 255 chunks + if [ "$TYPE" = 'TXT' ]; then + txtlength=${#VALUE} + if [ $txtlength -gt 255 ]; then + already_chunked=0 + if [[ $VALUE == *"\" \""* ]] || [[ $VALUE == *"\"\""* ]]; then + already_chunked=1 + fi + if [ $already_chunked -eq 0 ]; then + if [[ ${VALUE:0:1} = '"' ]]; then + txtlength=$(( $txtlength - 2 )) + VALUE=${VALUE:1:txtlength} + fi + VALUE=$(echo $VALUE | fold -w 255 | xargs -I '$' echo -n '"$"') + fi + fi + fi + + if [ "$SUSPENDED" != 'yes' ]; then + eval echo -e "\"$fields\""|sed "s/%quote%/'/g" >> $zn_conf + fi + done < $USER_DATA/dns/$domain.conf +} + +# Update zone serial +update_domain_serial() { + zn_conf="$HOMEDIR/$user/conf/dns/$domain.db" + if [ -e $zn_conf ]; then + zn_serial=$(head $zn_conf |grep 'SOA' -A1 |tail -n 1 |sed "s/ //g") s_date=$(echo ${zn_serial:0:8}) c_date=$(date +'%Y%m%d') if [ "$s_date" == "$c_date" ]; then @@ -177,32 +457,8 @@ update_domain_zone() { else serial="$(date +'%Y%m%d01')" fi - - eval $line - SOA=$(idn --quiet -a -t "$SOA") - echo "\$TTL $TTL -@ IN SOA $SOA. root.$domain_idn. ( - $serial - 7200 - 3600 - 1209600 - 180 ) -" > $conf - while read line ; do - IFS=$'\n' - for key in $(echo $line|sed "s/' /'\n/g"); do - eval ${key%%=*}="${key#*=}" - done - - RECORD=$(idn --quiet -a -t "$RECORD") - if [ "$TYPE" = 'CNAME' ] || [ "$TYPE" = 'MX' ]; then - VALUE=$(idn --quiet -a -t "$VALUE") - fi - - if [ "$SUSPENDED" != 'yes' ]; then - eval echo -e "\"$fields\""|sed "s/%quote%/'/g" >> $conf - fi - done < $USER_DATA/dns/$domain.conf + add_object_key "dns" 'DOMAIN' "$domain" 'SERIAL' 'RECORDS' + update_object_value 'dns' 'DOMAIN' "$domain" '$SERIAL' "$serial" } # Get next DNS record ID @@ -221,225 +477,6 @@ sort_dns_records() { mv -f $conf.tmp $conf } -# Add web config -add_web_config() { - cat $tpl_file | \ - sed -e "s|%ip%|$ip|g" \ - -e "s|%web_system%|$WEB_SYSTEM|g" \ - -e "s|%web_port%|$WEB_PORT|g" \ - -e "s|%web_ssl_port%|$WEB_SSL_PORT|g" \ - -e "s|%rgroups%|$WEB_RGROUPS|g" \ - -e "s|%proxy_system%|$PROXY_SYSTEM|g" \ - -e "s|%proxy_port%|$PROXY_PORT|g" \ - -e "s|%proxy_ssl_port%|$PROXY_SSL_PORT|g" \ - -e "s/%proxy_extentions%/${PROXY_EXT//,/|}/g" \ - -e "s|%domain_idn%|$domain_idn|g" \ - -e "s|%domain%|$domain|g" \ - -e "s|%user%|$user|g" \ - -e "s|%group%|$group|g" \ - -e "s|%home%|$HOMEDIR|g" \ - -e "s|%docroot%|$docroot|g" \ - -e "s|%sdocroot%|$sdocroot|g" \ - -e "s|%email%|$email|g" \ - -e "s|%alias_string%|$alias_string|g" \ - -e "s|%alias_idn%|${aliases_idn//,/ }|g" \ - -e "s|%alias%|${aliases//,/ }|g" \ - -e "s|%ssl_crt%|$ssl_crt|g" \ - -e "s|%ssl_key%|$ssl_key|g" \ - -e "s|%ssl_pem%|$ssl_pem|g" \ - -e "s|%ssl_ca_str%|$ssl_ca_str|g" \ - -e "s|%ssl_ca%|$ssl_ca|g" \ - >> $conf -} - -# Get config top and bottom line numbers -get_web_config_brds() { - serv_line=$(egrep -ni "Name %domain_idn%($| )" $tpl_file |cut -f 1 -d :) - if [ -z "$serv_line" ]; then - log_event "$E_PARSING" "$EVENT" - return $E_PARSING - fi - - last_line=$(wc -l $tpl_file|cut -f 1 -d ' ') - bfr_line=$((serv_line - 1)) - aftr_line=$((last_line - serv_line - 1)) - - str=$(egrep -ni "Name $domain_idn($| )" $conf | cut -f 1 -d :) - top_line=$((str - serv_line + 1)) - bottom_line=$((top_line + last_line -1)) - - multi=$(sed -n "$top_line,$bottom_line p" $conf |grep ServerAlias |wc -l) - if [ "$multi" -ge 2 ]; then - bottom_line=$((bottom_line + multi -1)) - fi - -} - -# Replace web config -replace_web_config() { - get_web_config_brds || exit $? - clean_new=$(echo "$new" | sed \ - -e 's/\\/\\\\/g' \ - -e 's/&/\\&/g' \ - -e 's/\//\\\//g') - clean_old=$(echo "$old" | sed \ - -e 's/\\/\\\\/g' \ - -e 's/&/\\&/g' \ - -e 's/\//\\\//g') - - sed -i "$top_line,$bottom_line s/$clean_old/$clean_new/" $conf -} - -# Get domain variables -get_domain_values() { - for line in $(grep "DOMAIN='$domain'" $USER_DATA/$1.conf); do - eval $line - done -} - -# SSL certificate verification -is_web_domain_cert_valid() { - if [ ! -e "$ssl_dir/$domain.crt" ]; then - echo "Error: $ssl_dir/$domain.crt not found" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST - fi - - if [ ! -e "$ssl_dir/$domain.key" ]; then - echo "Error: $ssl_dir/$domain.key not found" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST - fi - - crt_vrf=$(openssl verify $ssl_dir/$domain.crt 2>&1) - if [ ! -z "$(echo $crt_vrf | grep 'unable to load')" ]; then - echo "Error: SSL Certificate is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi - - if [ ! -z "$(echo $crt_vrf | grep 'unable to get local issuer')" ]; then - if [ ! -e "$ssl_dir/$domain.ca" ]; then - echo "Error: Certificate Authority not found" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST - fi - fi - - if [ -e "$ssl_dir/$domain.ca" ]; then - s1=$(openssl x509 -text -in $ssl_dir/$domain.crt 2>/dev/null) - s1=$(echo "$s1" |grep Issuer |awk -F = '{print $6}' |head -n1) - s2=$(openssl x509 -text -in $ssl_dir/$domain.ca 2>/dev/null) - s2=$(echo "$s2" |grep Subject |awk -F = '{print $6}' |head -n1) - if [ "$s1" != "$s2" ]; then - echo "Error: SSL intermediate chain is not valid" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST - fi - fi - - key_vrf=$(grep 'PRIVATE KEY' $ssl_dir/$domain.key | wc -l) - if [ "$key_vrf" -ne 2 ]; then - echo "Error: SSL Key is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi - - openssl s_server -quiet -cert $ssl_dir/$domain.crt \ - -key $ssl_dir/$domain.key >> /dev/null 2>&1 & - pid=$! - sleep 0.5 - disown &> /dev/null - kill $pid &> /dev/null - if [ "$?" -ne '0' ]; then - echo "Error: ssl certificate key pair is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi -} - -# Delete web configuartion -del_web_config() { - get_web_config_brds || exit $? - sed -i "$top_line,$bottom_line d" $conf -} - -# Update web domain values -upd_web_domain_values() { - group="$user" - email="info@$domain" - docroot="$HOMEDIR/$user/web/$domain/public_html" - sdocroot=$docroot - if [ "$SSL_HOME" = 'single' ]; then - sdocroot="$HOMEDIR/$user/web/$domain/public_shtml" ; - fi - - i=1 - j=1 - OLD_IFS="$IFS" - IFS=',' - server_alias='' - alias_string='' - aliases_idn='' - - for dalias in $ALIAS; do - dalias=$(idn -t --quiet -a $dalias) - check_8k="$server_alias $dalias" - if [ "${#check_8k}" -ge '8100' ]; then - if [ "$j" -eq 1 ]; then - alias_string="ServerAlias $server_alias" - else - alias_string="$alias_string\n ServerAlias $server_alias" - fi - j=2 - server_alias='' - fi - if [ "$i" -eq 1 ]; then - aliases_idn="$dalias" - server_alias="$dalias" - alias_string="ServerAlias $server_alias" - else - aliases_idn="$aliases_idn,$dalias" - server_alias="$server_alias $dalias" - fi - i=2 - done - - if [ $j -gt 1 ]; then - alias_string="$alias_string\n ServerAlias $server_alias" - else - alias_string="ServerAlias $server_alias" - fi - - IFS=$OLD_IFS - if [ "$ELOG" = 'no' ]; then - elog='#' - else - elog='' - fi - - if [ "$CGI" != 'yes' ]; then - cgi='#' - cgi_option='-ExecCGI' - else - cgi='' - cgi_option='+ExecCGI' - fi - - ssl_crt="$HOMEDIR/$user/conf/web/ssl.$domain.crt" - ssl_key="$HOMEDIR/$user/conf/web/ssl.$domain.key" - ssl_pem="$HOMEDIR/$user/conf/web/ssl.$domain.pem" - ssl_ca="$HOMEDIR/$user/conf/web/ssl.$domain.ca" - if [ ! -e "$USER_DATA/ssl/$domain.ca" ]; then - ssl_ca_str='#' - fi - - if [ "$SUSPENDED" = 'yes' ]; then - docroot="$VESTA/data/templates/web/suspend" - sdocroot="$VESTA/data/templates/web/suspend" - fi -} - # Check if this is a last record is_dns_record_critical() { str=$(grep "ID='$id'" $USER_DATA/dns/$domain.conf) @@ -448,7 +485,7 @@ is_dns_record_critical() { records=$(grep "TYPE='$TYPE'" $USER_DATA/dns/$domain.conf| wc -l) if [ $records -le 1 ]; then echo "Error: at least one $TYPE record should remain active" - log_event "$E_INVALID" "$EVENT" + log_event "$E_INVALID" "$ARGUMENTS" exit $E_INVALID fi fi @@ -470,7 +507,7 @@ is_dns_fqnd() { r=$(echo $r|sed -e "s/\.$//") msg="$t record $r should be a fully qualified domain name (FQDN)" echo "Error: $msg" - log_event "$E_INVALID" "$EVENT" + log_event "$E_INVALID" "$ARGUMENTS" exit $E_INVALID fi fi @@ -488,10 +525,68 @@ is_dns_nameserver_valid() { a_record=$(echo $r |cut -f 1 -d '.') n_record=$(grep "RECORD='$a_record'" $zone| grep "TYPE='A'") if [ -z "$n_record" ]; then - echo "Error: corresponding A record $a_record.$d does not exist" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST + check_result $E_NOTEXIST "IN A $a_record.$d does not exist" fi fi fi } + + + +#----------------------------------------------------------# +# MAIL # +#----------------------------------------------------------# + +# Mail domain existence check +is_mail_domain_new() { + mail=$(ls $VESTA/data/users/*/mail/$1.conf 2>/dev/null) + if [ ! -z "$mail" ]; then + if [ "$2" == 'mail' ]; then + check_result $E_EXISTS "Mail domain $1 exists" + fi + mail_user=$(echo "$mail" |cut -f 7 -d /) + if [ "$mail_user" != "$user" ]; then + check_result $E_EXISTS "Mail domain $1 exists" + fi + fi +} + +# Checking mail account existance +is_mail_new() { + check_acc=$(grep "ACCOUNT='$1'" $USER_DATA/mail/$domain.conf) + if [ ! -z "$check_acc" ]; then + check_result $E_EXISTS "mail account $1 is already exists" + fi + check_als=$(awk -F "ALIAS='" '{print $2}' $USER_DATA/mail/$domain.conf ) + check_als=$(echo "$check_als" | cut -f 1 -d "'" | grep -w $1) + if [ ! -z "$check_als" ]; then + check_result $E_EXISTS "mail alias $1 is already exists" + fi +} + + +#----------------------------------------------------------# +# CMN # +#----------------------------------------------------------# + +# Checking domain existance +is_domain_new() { + type=$1 + for object in ${2//,/ }; do + if [ ! -z "$WEB_SYSTEM" ]; then + is_web_domain_new $object $type + is_web_alias_new $object $type + fi + if [ ! -z "$DNS_SYSTEM" ]; then + is_dns_domain_new $object $type + fi + if [ ! -z "$MAIL_SYSTEM" ]; then + is_mail_domain_new $object $type + fi + done +} + +# Get domain variables +get_domain_values() { + eval $(grep "DOMAIN='$domain'" $USER_DATA/$1.conf) +} diff --git a/func/ip.sh b/func/ip.sh index 6e1bb06d7..c99a3272b 100644 --- a/func/ip.sh +++ b/func/ip.sh @@ -1,80 +1,40 @@ -# Validationg ip address -is_ip_valid() { - userip=${1-$ip} - check_nat=$(grep -H "^NAT='$userip'" $VESTA/data/ips/* 2>/dev/null) - if [ ! -e "$VESTA/data/ips/$userip" ] && [ -z "$check_nat" ] ; then - echo "Error: IP $userip not exist" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST - fi -} - -# Check if ip availabile for user -is_ip_avalable() { - userip=${1-$ip} - if [ -e "$VESTA/data/ips/$userip" ]; then - ip_data=$(cat $VESTA/data/ips/$userip) - else - nated_ip=$(grep -H "^NAT='$userip'" $VESTA/data/ips/* 2>/dev/null) - nated_ip=$(echo "$nated_ip" | cut -f 1 -d : | cut -f 7 -d /) - ip_data=$(cat $VESTA/data/ips/$nated_ip) - fi - owner=$(echo "$ip_data"|grep OWNER= | cut -f 2 -d \') - status=$(echo "$ip_data"|grep STATUS= | cut -f 2 -d \') - shared=no - if [ 'admin' = "$owner" ] && [ "$status" = 'shared' ]; then - shared='yes' - fi - if [ "$owner" != "$user" ] && [ "$shared" != 'yes' ]; then - echo "Error: User $user don't have permission to use $userip" - log_event "$E_FORBIDEN" "$EVENT" - exit $E_FORBIDEN - fi -} - # Check ip ownership is_ip_owner() { - # Parsing ip - owner=$(grep 'OWNER=' $VESTA/data/ips/$IP|cut -f 2 -d \') + owner=$(grep 'OWNER=' $VESTA/data/ips/$ip |cut -f 2 -d \') if [ "$owner" != "$user" ]; then - echo "Error: IP $IP not owned" - log_event "$E_FORBIDEN" "$EVENT" - exit $E_FORBIDEN + check_result $E_FORBIDEN "$ip is not owned by $user" fi } # Check if ip address is free is_ip_free() { if [ -e "$VESTA/data/ips/$ip" ]; then - echo "Error: IP exist" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS + check_result $E_EXISTS "$ip is already exists" fi } # Get full interface name get_ip_iface() { - i=$(/sbin/ifconfig -a |grep -w "$interface"|cut -f1 -d ' '|\ - tail -n 1|cut -f 2 -d :) + i=$(/sbin/ip addr |grep -w $interface |\ + awk '{print $NF}' |tail -n 1 |cut -f 2 -d :) if [ "$i" = "$interface" ]; then n=0 else n=$((i + 1)) fi - iface="$interface:$n" + echo "$interface:$n" } -# Check ip address speciefic value +# Check ip address specific value is_ip_key_empty() { key="$1" string=$(cat $VESTA/data/ips/$ip) eval $string eval value="$key" if [ ! -z "$value" ] && [ "$value" != '0' ]; then - echo "Error: $key is not empty = $value" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS + key="$(echo $key|sed -e "s/\$U_//")" + check_result $E_EXISTS "IP is in use / $key = $value" fi } @@ -94,8 +54,11 @@ update_ip_value() { } # Get ip name -get_ip_name() { - grep "NAME=" $VESTA/data/ips/$ip | cut -f 2 -d \' +get_ip_alias() { + ip_name=$(grep "NAME=" $VESTA/data/ips/$local_ip |cut -f 2 -d \') + if [ ! -z "$ip_name" ]; then + echo "${1//./-}.$ip_name" + fi } # Increase ip value @@ -108,7 +71,7 @@ increase_ip_value() { current_usr=$(grep "$usr_key=" $VESTA/data/ips/$sip |cut -f 2 -d \') if [ -z "$current_web" ]; then echo "Error: Parsing error" - log_event "$E_PARSING" "$EVENT" + log_event "$E_PARSING" "$ARGUMENTS" exit $E_PARSING fi new_web=$((current_web + 1)) @@ -124,9 +87,9 @@ increase_ip_value() { fi sed -i "s/$web_key='$current_web'/$web_key='$new_web'/g" \ - $VESTA/data/ips/$ip + $VESTA/data/ips/$sip sed -i "s/$usr_key='$current_usr'/$usr_key='$new_usr'/g" \ - $VESTA/data/ips/$ip + $VESTA/data/ips/$sip } # Decrease ip value @@ -140,9 +103,7 @@ decrease_ip_value() { current_usr=$(grep "$usr_key=" $VESTA/data/ips/$sip |cut -f 2 -d \') if [ -z "$current_web" ]; then - echo "Error: Parsing error" - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING + check_result $E_PARSING "Parsing error" fi new_web=$((current_web - 1)) @@ -166,38 +127,123 @@ decrease_ip_value() { # Get ip address value get_ip_value() { key="$1" - string=$( cat $VESTA/data/ips/$ip ) + string=$(cat $VESTA/data/ips/$ip) eval $string eval value="$key" echo "$value" } + # Get real ip address get_real_ip() { if [ -e "$VESTA/data/ips/$1" ]; then echo $1 else - nated_ip=$(grep -H "^NAT='$1'" $VESTA/data/ips/*) - echo "$nated_ip" | cut -f 1 -d : | cut -f 7 -d / + nat=$(grep -H "^NAT='$1'" $VESTA/data/ips/*) + if [ ! -z "$nat" ]; then + echo "$nat" |cut -f 1 -d : |cut -f 7 -d / |head -n 1 + fi fi } +# Convert CIDR to netmask +convert_cidr() { + set -- $(( 5 - ($1 / 8) )) 255 255 255 255 \ + $(((255 << (8 - ($1 % 8))) & 255 )) 0 0 0 + if [[ $1 -gt 1 ]]; then + shift $1 + else + shift + fi + echo ${1-0}.${2-0}.${3-0}.${4-0} +} + +# Convert netmask to CIDR +convert_netmask() { + nbits=0 + IFS=. + for dec in $1 ; do + case $dec in + 255) let nbits+=8;; + 254) let nbits+=7;; + 252) let nbits+=6;; + 248) let nbits+=5;; + 240) let nbits+=4;; + 224) let nbits+=3;; + 192) let nbits+=2;; + 128) let nbits+=1;; + 0);; + esac + done + echo "$nbits" +} + +# Calculate broadcast address +get_broadcast() { + OLD_IFS=$IFS + IFS=. + typeset -a I=($1) + typeset -a N=($2) + IFS=$OLD_IFS + + echo "$((${I[0]} |\ + (255 ^ ${N[0]}))).$((${I[1]} |\ + (255 ^ ${N[1]}))).$((${I[2]} |\ + (255 ^ ${N[2]}))).$((${I[3]} |\ + (255 ^ ${N[3]})))" +} + +# Get user ips +get_user_ips() { + dedicated=$(grep -H "OWNER='$user'" $VESTA/data/ips/*) + dedicated=$(echo "$dedicated" |cut -f 1 -d : |sed 's=.*/==') + shared=$(grep -H -A1 "OWNER='admin'" $VESTA/data/ips/* |grep shared) + shared=$(echo "$shared" |cut -f 1 -d : |sed 's=.*/==' |cut -f 1 -d \-) + for dedicated_ip in $dedicated; do + shared=$(echo "$shared" |grep -v $dedicated_ip) + done + echo -e "$dedicated\n$shared" |sed "/^$/d" +} + # Get user ip -get_user_ip(){ - ip=$(grep -H "OWNER='$1'" $VESTA/data/ips/* 2>/dev/null | head -n1) - ip=$(echo "$ip" | cut -f 7 -d / | cut -f 1 -d :) - +get_user_ip() { + ip=$(get_user_ips |head -n1) if [ -z "$ip" ]; then - admin_ips=$(grep -H "OWNER='admin'" $VESTA/data/ips/* 2>/dev/null) - admin_ips=$(echo "$admin_ips" | cut -f 7 -d / | cut -f 1 -d :) - for admin_ip in $admin_ips; do - if [ -z "$ip" ]; then - shared=$(grep "STATUS='shared'" $VESTA/data/ips/$admin_ip) - if [ ! -z "$shared" ]; then - ip=$admin_ip - fi - fi - done + check_result $E_NOTEXIST "no IP is available" + fi + local_ip=$ip + nat=$(grep "^NAT" $VESTA/data/ips/$ip |cut -f 2 -d \') + if [ ! -z "$nat" ]; then + ip=$nat + fi +} + +# Validate ip address +is_ip_valid() { + local_ip="$1" + if [ ! -e "$VESTA/data/ips/$1" ]; then + nat=$(grep -H "^NAT='$1'" $VESTA/data/ips/*) + if [ -z "$nat" ]; then + check_result $E_NOTEXIST "IP $1 doesn't exist" + else + nat=$(echo "$nat" |cut -f1 -d: |cut -f7 -d/) + local_ip=$nat + fi + fi + if [ ! -z $2 ]; then + if [ -z "$nat" ]; then + ip_data=$(cat $VESTA/data/ips/$1) + else + ip_data=$(cat $VESTA/data/ips/$nat) + fi + ip_owner=$(echo "$ip_data" |grep OWNER= |cut -f2 -d \') + ip_status=$(echo "$ip_data" |grep STATUS= |cut -f2 -d \') + if [ "$ip_owner" != "$user" ] && [ "$ip_status" = 'dedicated' ]; then + check_result $E_FORBIDEN "$user user can't use IP $1" + fi + get_user_owner + if [ "$ip_owner" != "$user" ] && [ "$ip_owner" != "$owner" ]; then + check_result $E_FORBIDEN "$user user can't use IP $1" + fi fi - echo "$ip" } diff --git a/func/main.sh b/func/main.sh index 16f5be6d0..6f848a220 100644 --- a/func/main.sh +++ b/func/main.sh @@ -1,31 +1,17 @@ +#!/usr/bin/env bash # Internal variables -DATE=$(date +%F) -TIME=$(date +%T) -SCRIPT=$(basename $0) -A1=$1 -A2=$2 -A3=$3 -A4=$4 -A5=$5 -A6=$6 -A7=$7 -A8=$8 -A9=$9 -EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9" HOMEDIR='/home' BACKUP='/backup' -BACKUP_GZIP=5 +BACKUP_GZIP=9 BACKUP_DISK_LIMIT=95 BACKUP_LA_LIMIT=5 RRD_STEP=300 -RRD_IFACE_EXCLUDE=lo -PW_MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz' -PW_LENGHT='10' BIN=$VESTA/bin USER_DATA=$VESTA/data/users/$user WEBTPL=$VESTA/data/templates/web DNSTPL=$VESTA/data/templates/dns RRD=$VESTA/web/rrd +SENDMAIL="$VESTA/web/inc/mail-wrapper.php" # Return codes OK=0 @@ -49,13 +35,28 @@ E_DB=17 E_RRD=18 E_UPDATE=19 E_RESTART=20 +E_TEAPOT=418 + +# Event string for logger +for ((I=1; I <= $# ; I++)); do + if [[ "$HIDE" != $I ]]; then + ARGUMENTS="$ARGUMENTS '$(eval echo \$${I})'" + else + ARGUMENTS="$ARGUMENTS '******'" + fi +done # Log event function log_event() { - if [ "$1" -eq 0 ]; then - echo "$2" >> $VESTA/log/system.log + if [ -z "$time" ]; then + LOG_TIME="$(date +'%F %T') $(basename $0)" else - echo "$2 [Error $1]" >> $VESTA/log/error.log + LOG_TIME="$date $time $(basename $0)" + fi + if [ "$1" -eq 0 ]; then + echo "$LOG_TIME $2" >> $VESTA/log/system.log + else + echo "$LOG_TIME $2 [Error $1]" >> $VESTA/log/error.log fi } @@ -65,101 +66,115 @@ log_history() { undo=${2-no} log_user=${3-$user} log=$VESTA/data/users/$log_user/history.log - touch $log if [ '99' -lt "$(wc -l $log |cut -f 1 -d ' ')" ]; then tail -n 49 $log > $log.moved mv -f $log.moved $log chmod 660 $log fi - + if [ -z "$date" ]; then + time_n_date=$(date +'%T %F') + time=$(echo "$time_n_date" |cut -f 1 -d \ ) + date=$(echo "$time_n_date" |cut -f 2 -d \ ) + fi curr_str=$(grep "ID=" $log | cut -f 2 -d \' | sort -n | tail -n1) id="$((curr_str +1))" - echo "ID='$id' DATE='$DATE' TIME='$TIME' CMD='$cmd' UNDO='$undo'" >> $log + echo "ID='$id' DATE='$date' TIME='$time' CMD='$cmd' UNDO='$undo'" >> $log +} + +# Result checker +check_result() { + if [ $1 -ne 0 ]; then + echo "Error: $2" + if [ ! -z "$3" ]; then + log_event "$3" "$ARGUMENTS" + exit $3 + else + log_event "$1" "$ARGUMENTS" + exit $1 + fi + fi } # Argument list checker check_args() { if [ "$1" -gt "$2" ]; then - echo "Error: not enought arguments" - echo "Usage: $SCRIPT $3" - log_event "$E_ARGS" "$EVENT" - exit $E_ARGS + echo "Usage: $(basename $0) $3" + check_result $E_ARGS "not enought arguments" >/dev/null fi } # Subsystem checker is_system_enabled() { if [ -z "$1" ] || [ "$1" = no ]; then - echo "Error: $2 is not enabled in the $VESTA/conf/vesta.conf" - log_event "$E_DISABLED" "$EVENT" - exit $E_DISABLED + check_result $E_DISABLED "$2 is not enabled" fi } + # User package check is_package_full() { case "$1" in - WEB_DOMAINS) used=$(wc -l $USER_DATA/web.conf|cut -f1 -d \ );; - WEB_ALIASES) used=$(grep "DOMAIN='$domain'" $USER_DATA/web.conf |\ - awk -F "ALIAS='" '{print $2}' | cut -f 1 -d \' | tr ',' '\n' |\ - wc -l );; - DNS_DOMAINS) used=$(wc -l $USER_DATA/dns.conf |cut -f1 -d \ );; - DNS_RECORDS) used=$(wc -l $USER_DATA/dns/$domain.conf |cut -f1 -d \ );; - MAIL_DOMAINS) used=$(wc -l $USER_DATA/mail.conf |cut -f1 -d \ );; - MAIL_ACCOUNTS) used=$(wc -l $USER_DATA/mail/$domain.conf |\ - cut -f1 -d \ );; - DATABASES) used=$(wc -l $USER_DATA/db.conf |cut -f1 -d \ );; - CRON_JOBS) used=$(wc -l $USER_DATA/cron.conf |cut -f1 -d \ );; + WEB_DOMAINS) used=$(wc -l $USER_DATA/web.conf);; + WEB_ALIASES) used=$(echo $aliases |tr ',' '\n' |wc -l);; + DNS_DOMAINS) used=$(wc -l $USER_DATA/dns.conf);; + DNS_RECORDS) used=$(wc -l $USER_DATA/dns/$domain.conf);; + MAIL_DOMAINS) used=$(wc -l $USER_DATA/mail.conf);; + MAIL_ACCOUNTS) used=$(wc -l $USER_DATA/mail/$domain.conf);; + DATABASES) used=$(wc -l $USER_DATA/db.conf);; + CRON_JOBS) used=$(wc -l $USER_DATA/cron.conf);; esac - limit=$(grep "^$1=" $USER_DATA/user.conf | cut -f 2 -d \' ) - if [ "$used" -ge "$limit" ]; then - echo "Error: Limit reached / Upgrade package" - log_event "$E_LIMIT" "$EVENT" - exit $E_LIMIT + used=$(echo "$used"| cut -f 1 -d \ ) + limit=$(grep "^$1=" $USER_DATA/user.conf |cut -f 2 -d \') + if [ "$limit" != 'unlimited' ] && [[ "$used" -ge "$limit" ]]; then + check_result $E_LIMIT "$1 limit is reached :: upgrade user package" + fi +} + +# User owner for reseller plugin +get_user_owner() { + if [ -z "$RESELLER_KEY" ]; then + owner='admin' + else + owner=$(grep "^OWNER" $USER_DATA/user.conf| cut -f 2 -d \') + if [ -z "$owner" ]; then + owner='admin' + fi fi } # Random password generator -gen_password() { - pw_matrix=${1-$PW_MATRIX} - pw_lenght=${2-$PW_LENGHT} - while [ ${n:=1} -le $pw_lenght ]; do - pass="$pass${pw_matrix:$(($RANDOM%${#pw_matrix})):1}" - let n+=1 +generate_password() { + matrix=$1 + lenght=$2 + if [ -z "$matrix" ]; then + matrix=0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz + fi + if [ -z "$lenght" ]; then + lenght=10 + fi + i=1 + while [ $i -le $lenght ]; do + pass="$pass${matrix:$(($RANDOM%${#matrix})):1}" + ((i++)) done echo "$pass" } -# Package existance check +# Package existence check is_package_valid() { if [ -z "$1" ]; then pkg_dir="$VESTA/data/packages" fi if [ ! -e "$pkg_dir/$package.pkg" ]; then - echo "Error: package $package doesn't exist" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST + check_result $E_NOTEXIST "package $package doesn't exist" fi } # Validate system type is_type_valid() { if [ -z "$(echo $1 | grep -w $2)" ]; then - echo "Error: $2 is unknown type" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi -} - -# Check if backup is available for user -is_backup_available() { - b_owner=$(echo $user |\ - sed -e "s/\.[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9].tar//") - if [ "$user" != "$b_owner" ]; then - echo "Error: User $user don't have permission to use $backup" - log_event "$E_FORBIDEN" "$EVENT" - exit $E_FORBIDEN + check_result $E_INVALID "$2 type is invalid" fi } @@ -167,9 +182,7 @@ is_backup_available() { is_backup_enabled() { BACKUPS=$(grep "^BACKUPS=" $USER_DATA/user.conf | cut -f2 -d \') if [ -z "$BACKUPS" ] || [[ "$BACKUPS" -le '0' ]]; then - echo "Error: user backup disabled" - log_event "$E_DISABLED" "$EVENT" - exit $E_DISABLED + check_result $E_DISABLED "user backup is disabled" fi } @@ -178,9 +191,7 @@ is_backup_scheduled() { if [ -e "$VESTA/data/queue/backup.pipe" ]; then check_q=$(grep " $user " $VESTA/data/queue/backup.pipe | grep $1) if [ ! -z "$check_q" ]; then - echo "Error: $1 is already scheduled" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS + check_result $E_EXISTS "$1 is already scheduled" fi fi } @@ -195,30 +206,25 @@ is_object_new() { object=$(grep "$2='$3'" $USER_DATA/$1.conf) fi if [ ! -z "$object" ]; then - echo "Error: $2 with value $3 exists" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS + check_result $E_EXISTS "$2=$3 is already exists" fi } -# Check if object exists and can be used +# Check if object is valid is_object_valid() { if [ $2 = 'USER' ]; then - if [ -d "$VESTA/data/users/$user" ]; then - sobject="OK" + user_vst_dir=$(basename $3) + if [ ! -d "$VESTA/data/users/$user_vst_dir" ]; then + check_result $E_NOTEXIST "$1 $3 doesn't exist" fi else - if [ $2 = 'DBHOST' ]; then - sobject=$(grep "HOST='$host'" $VESTA/conf/$type.conf) - else - sobject=$(grep "$2='$3'" $VESTA/data/users/$user/$1.conf) + object=$(grep "$2='$3'" $VESTA/data/users/$user/$1.conf) + if [ -z "$object" ]; then + arg1=$(basename $1) + arg2=$(echo $2 |tr '[:upper:]' '[:lower:]') + check_result $E_NOTEXIST "$arg1 $arg2 $3 doesn't exist" fi fi - if [ -z "$sobject" ]; then - echo "Error: $2 $3 doesn't exist" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST - fi } # Check if object is supended @@ -229,23 +235,19 @@ is_object_suspended() { spnd=$(grep "$2='$3'" $USER_DATA/$1.conf|grep "SUSPENDED='yes'") fi if [ -z "$spnd" ]; then - echo "Error: $(basename $1) $3 is not suspended" - log_event "$E_SUSPENDED" "$EVENT" - exit $E_SUSPENDED + check_result $E_UNSUSPENDED "$(basename $1) $3 is not suspended" fi } # Check if object is unsupended is_object_unsuspended() { if [ $2 = 'USER' ]; then - spnd=$(cat $USER_DATA/$1.conf|grep "SUSPENDED='yes'") + spnd=$(cat $USER_DATA/$1.conf |grep "SUSPENDED='yes'") else - spnd=$(grep "$2='$3'" $USER_DATA/$1.conf|grep "SUSPENDED='yes'") + spnd=$(grep "$2='$3'" $USER_DATA/$1.conf |grep "SUSPENDED='yes'") fi if [ ! -z "$spnd" ]; then - echo "Error: $(basename $1) $3 is already suspended" - log_event "$E_UNSUSPENDED" "$EVENT" - exit $E_UNSUSPENDED + check_result $E_SUSPENDED "$(basename $1) $3 is suspended" fi } @@ -255,9 +257,7 @@ is_object_value_empty() { eval $str eval value=$4 if [ ! -z "$value" ] && [ "$value" != 'no' ]; then - echo "Error: ${4//$}=$value (not empty)" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS + check_result $E_EXISTS "${4//$}=$value is already exists" fi } @@ -267,9 +267,46 @@ is_object_value_exist() { eval $str eval value=$4 if [ -z "$value" ] || [ "$value" = 'no' ]; then - echo "Error: ${4//$}=$value (doesn't exist)" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST + check_result $E_NOTEXIST "${4//$}=$value doesn't exist" + fi +} + +# Check if password is transmitted via file +is_password_valid() { + if [[ "$password" =~ ^/tmp/ ]]; then + if [ -f "$password" ]; then + password="$(head -n1 $password)" + fi + fi +} + +# Check if hash is transmitted via file +is_hash_valid() { + if [[ "$hash" =~ ^/tmp/ ]]; then + if [ -f "$hash" ]; then + hash="$(head -n1 $hash)" + fi + fi +} + +# Check if directory is a symlink +is_dir_symlink() { + if [[ -L "$1" ]]; then + check_result $E_FORBIDEN "$1 directory is a symlink" + fi +} + +# Check if file exists +if_file_exists() { + if [[ -f "$1" ]]; then + check_result $E_FORBIDEN "$1 file exists" + fi +} + +# Check if directory exists +if_dir_exists() { + if [[ -d "$1" ]]; then + check_result $E_FORBIDEN "$1 directory exists" fi } @@ -282,7 +319,7 @@ get_object_value() { # Update object value update_object_value() { - row=$(grep -n "$2='$3'" $USER_DATA/$1.conf) + row=$(grep -nF "$2='$3'" $USER_DATA/$1.conf) lnr=$(echo $row | cut -f 1 -d ':') object=$(echo $row | sed "s/^$lnr://") eval "$object" @@ -317,7 +354,7 @@ search_objects() { # Get user value get_user_value() { - grep "^${1//$/}=" $USER_DATA/user.conf| cut -f 2 -d \' + grep "^${1//$/}=" $USER_DATA/user.conf |awk -F "'" '{print $2}' } # Update user value in user.conf @@ -357,63 +394,44 @@ decrease_user_value() { else new=$((old - factor)) fi + if [ "$new" -lt 0 ]; then + new=0 + fi sed -i "s/$key='$old'/$key='$new'/g" $conf } -# Json listing function -json_list() { - echo '{' - fileds_count=$(echo $fields| wc -w ) - #for line in $(cat $conf); do - while read line; do - eval $line - if [ -n "$data_output" ]; then - echo -e ' },' +# Notify user +send_notice() { + topic=$1 + notice=$2 + + if [ "$notify" = 'yes' ]; then + touch $USER_DATA/notifications.conf + chmod 660 $USER_DATA/notifications.conf + + time_n_date=$(date +'%T %F') + time=$(echo "$time_n_date" |cut -f 1 -d \ ) + date=$(echo "$time_n_date" |cut -f 2 -d \ ) + + nid=$(grep "NID=" $USER_DATA/notifications.conf |cut -f 2 -d \') + nid=$(echo "$nid" |sort -n |tail -n1) + if [ ! -z "$nid" ]; then + nid="$((nid +1))" + else + nid=1 fi - i=1 - for field in $fields; do - eval value=$field - if [ $i -eq 1 ]; then - (( ++i)) - echo -e "\t\"$value\": {" - else - if [ $i -lt $fileds_count ]; then - (( ++i)) - echo -e "\t\t\"${field//$/}\": \"$value\"," - else - echo -e "\t\t\"${field//$/}\": \"$value\"" - data_output=yes - fi - fi - done - done < $conf - if [ "$data_output" = 'yes' ]; then - echo -e ' }' - fi - echo -e '}' -} + str="NID='$nid' TOPIC='$topic' NOTICE='$notice' TYPE='$type'" + str="$str ACK='no' TIME='$time' DATE='$date'" -# Shell listing function -shell_list() { - if [ -z "$nohead" ] ; then - echo "${fields//$/}" - for a in $fields; do - echo -e "------ \c" - done - echo + echo "$str" >> $USER_DATA/notifications.conf + + if [ -z "$(grep NOTIFICATIONS $USER_DATA/user.conf)" ]; then + sed -i "s/^TIME/NOTIFICATIONS='yes'\nTIME/g" $USER_DATA/user.conf + else + update_user_value "$user" '$NOTIFICATIONS' "yes" + fi fi - while read line ; do - eval $line - for field in $fields; do - eval value=$field - if [ -z "$value" ]; then - value='NULL' - fi - echo -n "$value " - done - echo - done < $conf } # Recalculate U_DISK value @@ -454,7 +472,7 @@ recalc_user_disk_usage() { sed -i "s/U_DISK_DB='$d'/U_DISK_DB='$usage'/g" $USER_DATA/user.conf u_usage=$((u_usage + usage)) fi - usage=$(grep 'U_DIR_DISK=' $USER_DATA/user.conf | cut -f 2 -d "'") + usage=$(grep 'U_DISK_DIRS=' $USER_DATA/user.conf | cut -f 2 -d "'") u_usage=$((u_usage + usage)) old=$(grep "U_DISK='" $USER_DATA/user.conf | cut -f 2 -d \') sed -i "s/U_DISK='$old'/U_DISK='$u_usage'/g" $USER_DATA/user.conf @@ -490,230 +508,259 @@ sort_cron_jobs() { # Sync cronjobs with system cron sync_cron_jobs() { source $USER_DATA/user.conf - if [ -e "/var/spool/cron/crontabs" ]; then - sys_cron="/var/spool/cron/crontabs/$user" + crontab="/var/spool/cron/crontabs/$user" else - sys_cron="/var/spool/cron/$user" + crontab="/var/spool/cron/$user" fi - rm -f $sys_cron + rm -f $crontab if [ "$CRON_REPORTS" = 'yes' ]; then - echo "MAILTO=$CONTACT" > $sys_cron + echo "MAILTO=$CONTACT" > $crontab + echo 'CONTENT_TYPE="text/plain; charset=utf-8"' >> $crontab fi while read line; do eval $line if [ "$SUSPENDED" = 'no' ]; then echo "$MIN $HOUR $DAY $MONTH $WDAY $CMD" |\ sed -e "s/%quote%/'/g" -e "s/%dots%/:/g" \ - >> $sys_cron + >> $crontab fi done < $USER_DATA/cron.conf - - # Set proper permissions - chown $user:$user $sys_cron - chmod 600 $sys_cron + chown $user:$user $crontab + chmod 600 $crontab } - -### Format Validators ### -# Shell -validate_format_shell() { - if [ -z "$(grep -w $1 /etc/shells)" ]; then - echo "Error: shell $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi -} - -# Password -validate_format_password() { - if [ "${#1}" -lt '6' ]; then - echo "Error: password is too short" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi -} - -# Integer -validate_format_int() { - if ! [[ "$1" =~ ^[0-9]+$ ]] ; then - echo "Error: $2 $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi -} - -# Boolean -validate_format_boolean() { - if [ "$1" != 'yes' ] && [ "$1" != 'no' ]; then - echo "Error: $2 $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi -} - -# Network interface -validate_format_interface() { - netdevices=$(cat /proc/net/dev | grep : | cut -f 1 -d : | tr -d ' ') - if [ -z $(echo "$netdevices"| grep -x $1) ]; then - echo "Error: intreface $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi -} - -# IP address -validate_format_ip() { - t_ip=$(echo $1 |awk -F / '{print $1}') - t_cidr=$(echo $1 |awk -F / '{print $2}') - valid_octets=0 - valid_cidr=1 - for octet in ${t_ip//./ }; do - if [[ $octet =~ ^[0-9]{1,3}$ ]] && [[ $octet -le 255 ]]; then - ((++valid_octets)) - fi - done - - if [ ! -z "$(echo $1|grep '/')" ]; then - if [[ "$t_cidr" -lt 0 ]] || [[ "$t_cidr" -gt 32 ]]; then - valid_cidr=0 - fi - if ! [[ "$t_cidr" =~ ^[0-9]+$ ]]; then - valid_cidr=0 - fi - fi - if [ "$valid_octets" -lt 4 ] || [ "$valid_cidr" -eq 0 ]; then - echo "Error: ip $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi -} - -# IP address status -validate_format_ip_status() { - if [ -z "$(echo shared,dedicated | grep -w $1 )" ]; then - echo "Error: ip_status $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi -} - -# Email address -validate_format_email() { - local_part=$(echo $1 | cut -s -f1 -d\@) - remote_host=$(echo $1 | cut -s -f2 -d\@) - mx_failed=1 - if [ ! -z "$remote_host" ] && [ ! -z "$local_part" ]; then - /usr/bin/host -t mx "$remote_host" &> /dev/null - mx_failed="$?" - fi - if [ "$mx_failed" -eq 1 ]; then - echo "Error: email $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi -} - -# Name -validate_format_name() { - if ! [[ "$1" =~ ^[[:alnum:]][-|\.|_[:alnum:]]{0,28}[[:alnum:]]$ ]]; then - echo "Error: $2 $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi -} - -# Name with space -validate_format_name_s() { - if ! [[ "$1" =~ ^[[:alnum:]][-|\ |\.|_[:alnum:]]{0,28}[[:alnum:]]$ ]]; then - echo "Error: $2 $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi -} - -# Username -validate_format_username() { - if [ "${#1}" -eq 1 ]; then - if ! [[ "$1" =~ [a-z] ]]; then - echo "Error: $2 $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit 1 +# User format validator +is_user_format_valid() { + if [ ${#1} -eq 1 ]; then + if ! [[ "$1" =~ ^^[[:alnum:]]$ ]]; then + check_result $E_INVALID "invalid $2 format :: $1" fi else - if ! [[ "$1" =~ ^[a-zA-Z0-9][-|\.|_|a-zA-Z0-9]{0,28}[a-zA-Z0-9]$ ]] - then - echo "Error: $2 $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit 1 + if ! [[ "$1" =~ ^[[:alnum:]][-|\.|_[:alnum:]]{0,28}[[:alnum:]]$ ]] + then + check_result $E_INVALID "invalid $2 format :: $1" fi fi } -# Domain -validate_format_domain() { +# Domain format validator +is_domain_format_valid() { + object_name=${2-domain} exclude="[!|@|#|$|^|&|*|(|)|+|=|{|}|:|,|<|>|?|_|/|\|\"|'|;|%|\`| ]" - if [[ "$1" =~ $exclude ]] || [[ "$1" =~ "^[0-9]+$" ]]; then - echo "Error: $2 $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID + if [[ $1 =~ $exclude ]] || [[ $1 =~ ^[0-9]+$ ]] || [[ $1 =~ "\.\." ]] || [[ $1 =~ "$(printf '\t')" ]]; then + check_result $E_INVALID "invalid $object_name format :: $1" fi } -# Domain alias -validate_format_domain_alias() { - exclude="[!|@|#|$|^|&|(|)|+|=|{|}|:|,|<|>|?|_|/|\|\"|'|;|%|\`| ]" - if [[ "$1" =~ $exclude ]] || [[ "$1" =~ "^[0-9]+$" ]]; then - echo "Error: domain alias $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID +# Alias forman validator +is_alias_format_valid() { + for object in ${1//,/ }; do + exclude="[!|@|#|$|^|&|(|)|+|=|{|}|:|<|>|?|_|/|\|\"|'|;|%|\`| ]" + if [[ "$object" =~ $exclude ]]; then + check_result $E_INVALID "invalid alias format :: $object" + fi + if [[ "$object" =~ [*] ]] && ! [[ "$object" =~ ^[*]\..* ]]; then + check_result $E_INVALID "invalid alias format :: $object" + fi + done +} + +# IP format validator +is_ip_format_valid() { + object_name=${2-ip} + ip_regex='([1-9]?[0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])' + ip_clean=$(echo "${1%/*}") + if ! [[ $ip_clean =~ ^$ip_regex\.$ip_regex\.$ip_regex\.$ip_regex$ ]]; then + check_result $E_INVALID "invalid $object_name format :: $1" + fi + if [ $1 != "$ip_clean" ]; then + ip_cidr="$ip_clean/" + ip_cidr=$(echo "${1#$ip_cidr}") + if [[ "$ip_cidr" -gt 32 ]] || [[ "$ip_cidr" =~ [:alnum:] ]]; then + check_result $E_INVALID "invalid $object_name format :: $1" + fi fi } -# Database -validate_format_database() { +# Proxy extention format validator +is_extention_format_valid() { + exclude="[!|#|$|^|&|(|)|+|=|{|}|:|@|<|>|?|/|\|\"|'|;|%|\`| ]" + if [[ "$1" =~ $exclude ]]; then + check_result $E_INVALID "invalid proxy extention format :: $1" + fi +} + +# Number format validator +is_number_format_valid() { + object_name=${2-number} + if ! [[ "$1" =~ ^[0-9]+$ ]] ; then + check_result $E_INVALID "invalid $object_name format :: $1" + fi +} + +# Autoreply format validator +is_autoreply_format_valid() { + if [[ "$1" =~ [$|\`] ]] || [ 10240 -le ${#1} ]; then + check_result $E_INVALID "invalid autoreply format :: $1" + fi +} + +# Boolean format validator +is_boolean_format_valid() { + if [ "$1" != 'yes' ] && [ "$1" != 'no' ]; then + check_result $E_INVALID "invalid $2 format :: $1" + fi +} + +# Common format validator +is_common_format_valid() { + exclude="[!|#|$|^|&|(|)|+|=|{|}|:|<|>|?|/|\|\"|'|;|%|\`| ]" + if [[ "$1" =~ $exclude ]]; then + check_result $E_INVALID "invalid $2 format :: $1" + fi + if [ 400 -le ${#1} ]; then + check_result $E_INVALID "invalid $2 format :: $1" + fi + if [[ "$1" =~ @ ]] && [ ${#1} -gt 1 ] ; then + check_result $E_INVALID "invalid $2 format :: $1" + fi + if [[ $1 =~ \* ]]; then + if [[ "$(echo $1 | grep -o '\*\.' |wc -l)" -eq 0 ]] && [[ $1 != '*' ]] ; then + check_result $E_INVALID "invalid $2 format :: $1" + fi + fi + if [[ $(echo -n "$1" | tail -c 1) =~ [^a-zA-Z0-9_*@] ]]; then + check_result $E_INVALID "invalid $2 format :: $1" + fi + if [[ $(echo -n "$1" | grep -c '\.\.') -gt 0 ]];then + check_result $E_INVALID "invalid $2 format :: $1" + fi + if [[ $(echo -n "$1" | head -c 1) =~ [^a-zA-Z0-9_*@] ]]; then + check_result $E_INVALID "invalid $2 format :: $1" + fi + if [[ $(echo -n "$1" | grep -c '\-\-') -gt 0 ]]; then + check_result $E_INVALID "invalid $2 format :: $1" + fi + if [[ $(echo -n "$1" | grep -c '\_\_') -gt 0 ]]; then + check_result $E_INVALID "invalid $2 format :: $1" + fi +} + +# Database format validator +is_database_format_valid() { exclude="[!|@|#|$|^|&|*|(|)|+|=|{|}|:|,|<|>|?|/|\|\"|'|;|%|\`| ]" if [[ "$1" =~ $exclude ]] || [ 65 -le ${#1} ]; then - echo "Error: $2 $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID + check_result $E_INVALID "invalid $2 format :: $1" fi } -# Database user -validate_format_dbuser() { +# Date format validator +is_date_format_valid() { + if ! [[ "$1" =~ ^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]$ ]]; then + check_result $E_INVALID "invalid date format :: $1" + fi +} + +# Database user validator +is_dbuser_format_valid() { exclude="[!|@|#|$|^|&|*|(|)|+|=|{|}|:|,|<|>|?|/|\|\"|'|;|%|\`| ]" - if [[ "$1" =~ $exclude ]] || [ 17 -le ${#1} ]; then - echo "Error: $2 $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID + if [ 17 -le ${#1} ]; then + check_result $E_INVALID "mysql username can be up to 16 characters long" + fi + if [[ "$1" =~ $exclude ]]; then + check_result $E_INVALID "invalid $2 format :: $1" fi } -# DNS type -validate_format_dns_type() { - known_dnstype='A,AAAA,NS,CNAME,MX,TXT,SRV,DNSKEY,KEY,IPSECKEY,PTR,SPF' - if [ -z "$(echo $known_dnstype | grep -w $1)" ]; then - echo "Error: dnstype $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID +# DNS record type validator +is_dns_type_format_valid() { + known_dnstype='A,AAAA,NS,CNAME,MX,TXT,SRV,DNSKEY,KEY,IPSECKEY,PTR,SPF,TLSA,CAA' + if [ -z "$(echo $known_dnstype |grep -w $1)" ]; then + check_result $E_INVALID "invalid dns record type format :: $1" fi } -# DKIM key size -validate_format_key_size() { - known_size='128,256,512,768,1024,2048' - if [ -z "$(echo $known_size | grep -w $1)" ]; then - echo "Error: key_size $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID +# DNS record validator +is_dns_record_format_valid() { + if [ "$rtype" = 'A' ]; then + is_ip_format_valid "$1" + fi + if [ "$rtype" = 'NS' ]; then + is_domain_format_valid "${1::-1}" 'ns_record' + fi + if [ "$rtype" = 'MX' ]; then + is_domain_format_valid "${1::-1}" 'mx_record' + is_int_format_valid "$priority" 'priority_record' + fi + +} + +# Email format validator +is_email_format_valid() { + if [[ ! "$1" =~ ^[A-Za-z0-9._%+-]+@[[:alnum:].-]+\.[A-Za-z]{2,63}$ ]] ; then + check_result $E_INVALID "invalid email format :: $1" fi } -# Minute / Hour / Day / Month / Day of Week -validate_format_mhdmw() { - limit=60 +# Firewall action validator +is_fw_action_format_valid() { + if [ "$1" != "ACCEPT" ] && [ "$1" != 'DROP' ] ; then + check_result $E_INVALID "invalid action format :: $1" + fi +} + +# Firewall protocol validator +is_fw_protocol_format_valid() { + if [ "$1" != "ICMP" ] && [ "$1" != 'UDP' ] && [ "$1" != 'TCP' ] ; then + check_result $E_INVALID "invalid protocol format :: $1" + fi +} + +# Firewall port validator +is_fw_port_format_valid() { + if [ "${#1}" -eq 1 ]; then + if ! [[ "$1" =~ [0-9] ]]; then + check_result $E_INVALID "invalid port format :: $1" + fi + else + if ! [[ "$1" =~ ^[0-9][-|,|:|0-9]{0,30}[0-9]$ ]] + then + check_result $E_INVALID "invalid port format :: $1" + fi + fi +} + +# Integer validator +is_int_format_valid() { + if ! [[ "$1" =~ ^[0-9]+$ ]] ; then + check_result $E_INVALID "invalid $2 format :: $1" + fi +} + +# Interface validator +is_interface_format_valid() { + netdevices=$(cat /proc/net/dev |grep : |cut -f 1 -d : |tr -d ' ') + if [ -z $(echo "$netdevices" |grep -x $1) ]; then + check_result $E_INVALID "invalid interface format :: $1" + fi +} + +# IP status validator +is_ip_status_format_valid() { + if [ -z "$(echo shared,dedicated | grep -w $1 )" ]; then + check_result $E_INVALID "invalid status format :: $1" + fi +} + +# Cron validator +is_cron_format_valid() { + limit=59 check_format='' + if [ "$2" = 'hour' ]; then + limit=23 + fi + if [ "$2" = 'day' ]; then limit=31 fi @@ -731,208 +778,275 @@ validate_format_mhdmw() { check_format='ok' fi fi - if [[ "$1" =~ ^[0-9][-|,|0-9]{0,28}[0-9]$ ]]; then + if [[ "$1" =~ ^[0-9][-|,|0-9]{0,70}[\/][0-9]$ ]]; then check_format='ok' crn_values=${1//,/ } crn_values=${crn_values//-/ } + crn_values=${crn_values//\// } for crn_vl in $crn_values; do if [ "$crn_vl" -gt $limit ]; then check_format='invalid' fi done fi - if [[ "$1" =~ ^[0-9]+$ ]] && [ "$1" -lt $limit ]; then - check_format='ok' - fi + crn_values=$(echo $1 |tr "," " " | tr "-" " ") + for crn_vl in $crn_values + do + if [[ "$crn_vl" =~ ^[0-9]+$ ]] && [ "$crn_vl" -le $limit ]; then + check_format='ok' + fi + done if [ "$check_format" != 'ok' ]; then - echo "Error: $2 $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID + check_result $E_INVALID "invalid $2 format :: $1" fi } -# proxy extention or DNS record -validate_format_common() { - exclude="[!|#|$|^|&|(|)|+|=|{|}|:|<|>|?|/|\|\"|'|;|%|\`| ]" +# Name validator +is_name_format_valid() { + if ! [[ "$1" =~ ^[[:alnum:]][-|\ |\.|_[:alnum:]]{0,28}[[:alnum:]]$ ]]; then + check_result $E_INVALID "invalid $2 format :: $1" + fi +} + +# Object validator +is_object_format_valid() { + if ! [[ "$1" =~ ^[[:alnum:]][-|\.|_[:alnum:]]{0,64}[[:alnum:]]$ ]]; then + check_result $E_INVALID "invalid $2 format :: $1" + fi +} + +# Password validator +is_password_format_valid() { + if [ "${#1}" -lt '6' ]; then + check_result $E_INVALID "invalid password format :: $1" + fi +} +# Missing function - +# Before: validate_format_shell +# After: is_format_valid_shell +is_format_valid_shell() { + if [ -z "$(grep -w $1 /etc/shells)" ]; then + echo "Error: shell $1 is not valid" + log_event "$E_INVALID" "$EVENT" + exit $E_INVALID + fi +} + +format_no_quotes() { + exclude="['|\"]" if [[ "$1" =~ $exclude ]]; then - echo "Error: $2 $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID + check_result "$E_INVALID" "Invalid $2 contains qoutes (\" or ') :: $1" fi - if [ 400 -le ${#1} ]; then - echo "Error: $2 $1 is too long" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi - if [[ "$1" =~ @ ]] && [ ${#1} -gt 1 ] ; then - echo "Error: @ can not be mixed" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi - if [[ $1 =~ \* ]]; then - if [[ ! $1 =~ \*$ ]]; then - echo "Error: * can be used only at the end" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi - if [ "$(echo $1 | grep -o '*'|wc -l)" -gt 1 ]; then - log_event "$E_INVALID" "$EVENT" - echo "Error: * can be used only once" - fi + is_no_new_line_format "$1" +} + +is_no_new_line_format() { + test=$(echo "$1" | head -n1 ); + if [[ "$test" != "$1" ]]; then + check_result "$E_INVALID" "invalid value :: $1" fi } -# DNS record value -validate_format_dvalue() { - record_types="$(echo A,AAAA,NS,CNAME | grep -w "$rtype")" - if [[ "$1" =~ [\ ] ]] && [ ! -z "$record_types" ]; then - echo "Error: dvalue $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi - if [ "$rtype" = 'A' ]; then - validate_format_ip "$1" - fi - if [ "$rtype" = 'NS' ]; then - validate_format_domain "$1" 'ns_record' - fi - if [ "$rtype" = 'MX' ]; then - validate_format_domain "$1" 'mx_record' - validate_format_int "$priority" 'priority_record' - fi - -} - -# Date -validate_format_date() { - if ! [[ "$1" =~ ^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]$ ]]; then - echo "Error: date $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi -} - -# Autoreply -validate_format_autoreply() { - exclude="[$|\`]" - if [[ "$1" =~ $exclude ]] || [ 10240 -le ${#1} ]; then - echo "Error: autoreply is not valid" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi -} - -# Firewall action -validate_format_fw_action() { - if [ "$1" != "ACCEPT" ] && [ "$1" != 'DROP' ] ; then - echo "Error: $1 is not valid action" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi -} - -# Firewall protocol -validate_format_fw_protocol() { - if [ "$1" != "ICMP" ] && [ "$1" != 'UDP' ] && [ "$1" != 'TCP' ] ; then - echo "Error: $1 is not valid protocol" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID - fi -} - -# Firewall port -validate_format_fw_port() { - if [ "${#1}" -eq 1 ]; then - if ! [[ "$1" =~ [0-9] ]]; then - echo "Error: port $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit 1 - fi - else - if ! [[ "$1" =~ ^[0-9][-|,|:|0-9]{0,30}[0-9]$ ]] - then - echo "Error: port $1 is not valid" - log_event "$E_INVALID" "$EVENT" - exit 1 - fi - fi -} # Format validation controller -validate_format(){ +is_format_valid() { for arg_name in $*; do eval arg=\$$arg_name - if [ -z "$arg" ]; then - echo "Error: argument $arg_name is not valid (empty)" - log_event "$E_INVALID" "$EVENT" - exit $E_INVALID + if [ ! -z "$arg" ]; then + case $arg_name in + account) is_user_format_valid "$arg" "$arg_name";; + action) is_fw_action_format_valid "$arg";; + alias) is_alias_format_valid "$arg" ;; + aliases) is_alias_format_valid "$arg" ;; + antispam) is_boolean_format_valid "$arg" 'antispam' ;; + antivirus) is_boolean_format_valid "$arg" 'antivirus' ;; + autoreply) is_autoreply_format_valid "$arg" ;; + backup) is_object_format_valid "$arg" 'backup' ;; + charset) is_object_format_valid "$arg" "$arg_name" ;; + charsets) is_common_format_valid "$arg" 'charsets' ;; + comment) is_object_format_valid "$arg" 'comment' ;; + database) is_database_format_valid "$arg" 'database';; + day) is_cron_format_valid "$arg" $arg_name ;; + dbpass) is_password_format_valid "$arg" ;; + dbuser) is_dbuser_format_valid "$arg" 'dbuser';; + dkim) is_boolean_format_valid "$arg" 'dkim' ;; + dkim_size) is_int_format_valid "$arg" ;; + domain) is_domain_format_valid "$arg" ;; + dvalue) is_dns_record_format_valid "$arg";; + email) is_email_format_valid "$arg" ;; + exp) is_date_format_valid "$arg" ;; + extentions) is_common_format_valid "$arg" 'extentions' ;; + fname) is_name_format_valid "$arg" "first name" ;; + ftp_password) is_password_format_valid "$arg" ;; + ftp_user) is_user_format_valid "$arg" "$arg_name" ;; + host) is_object_format_valid "$arg" "$arg_name" ;; + hour) is_cron_format_valid "$arg" $arg_name ;; + id) is_int_format_valid "$arg" 'id' ;; + interface) is_interface_format_valid "$arg" ;; + ip) is_ip_format_valid "$arg" ;; + ip_name) is_domain_format_valid "$arg" 'IP name';; + ip_status) is_ip_status_format_valid "$arg" ;; + job) is_int_format_valid "$arg" 'job' ;; + key) is_user_format_valid "$arg" "$arg_name" ;; + lname) is_name_format_valid "$arg" "last name" ;; + malias) is_user_format_valid "$arg" "$arg_name" ;; + max_db) is_int_format_valid "$arg" 'max db';; + min) is_cron_format_valid "$arg" $arg_name ;; + month) is_cron_format_valid "$arg" $arg_name ;; + nat_ip) is_ip_format_valid "$arg" ;; + netmask) is_ip_format_valid "$arg" 'netmask' ;; + newid) is_int_format_valid "$arg" 'id' ;; + ns1) is_domain_format_valid "$arg" 'ns1' ;; + ns2) is_domain_format_valid "$arg" 'ns2' ;; + ns3) is_domain_format_valid "$arg" 'ns3' ;; + ns4) is_domain_format_valid "$arg" 'ns4' ;; + ns5) is_domain_format_valid "$arg" 'ns5' ;; + ns6) is_domain_format_valid "$arg" 'ns6' ;; + ns7) is_domain_format_valid "$arg" 'ns7' ;; + ns8) is_domain_format_valid "$arg" 'ns8' ;; + object) is_name_format_valid "$arg" 'object';; + package) is_object_format_valid "$arg" "$arg_name" ;; + password) is_password_format_valid "$arg" ;; + port) is_int_format_valid "$arg" 'port' ;; + port_ext) is_fw_port_format_valid "$arg";; + protocol) is_fw_protocol_format_valid "$arg" ;; + proxy_ext) is_extention_format_valid "$arg" ;; + quota) is_int_format_valid "$arg" 'quota' ;; + record) is_common_format_valid "$arg" 'record';; + restart) is_boolean_format_valid "$arg" 'restart' ;; + rtype) is_dns_type_format_valid "$arg" ;; + rule) is_int_format_valid "$arg" "rule id" ;; + soa) is_domain_format_valid "$arg" 'SOA' ;; + #missing command: is_format_valid_shell + shell) is_format_valid_shell "$arg" ;; + stats_pass) is_password_format_valid "$arg" ;; + stats_user) is_user_format_valid "$arg" "$arg_name" ;; + template) is_object_format_valid "$arg" "$arg_name" ;; + ttl) is_int_format_valid "$arg" 'ttl';; + user) is_user_format_valid "$arg" $arg_name;; + wday) is_cron_format_valid "$arg" $arg_name ;; + esac fi - - case $arg_name in - account) validate_format_username "$arg" "$arg_name" ;; - action) validate_format_fw_action "$arg";; - antispam) validate_format_boolean "$arg" 'antispam' ;; - antivirus) validate_format_boolean "$arg" 'antivirus' ;; - autoreply) validate_format_autoreply "$arg" ;; - backup) validate_format_domain "$arg" 'backup' ;; - charset) validate_format_name "$arg" "$arg_name" ;; - charsets) validate_format_common "$arg" 'charsets' ;; - comment) validate_format_name "$arg" 'comment' ;; - database) validate_format_database "$arg" 'database';; - day) validate_format_mhdmw "$arg" $arg_name ;; - dbpass) validate_format_password "$arg" ;; - dbuser) validate_format_dbuser "$arg" 'db_user';; - dkim) validate_format_boolean "$arg" 'dkim' ;; - dkim_size) validate_format_key_size "$arg" ;; - domain) validate_format_domain "$arg" 'domain';; - dom_alias) validate_format_domain_alias "$arg" 'alias';; - dvalue) validate_format_dvalue "$arg";; - email) validate_format_email "$arg" ;; - exp) validate_format_date "$arg" ;; - extentions) validate_format_common "$arg" 'extentions' ;; - fname) validate_format_name_s "$arg" "$arg_name" ;; - forward) validate_format_email "$arg" ;; - ftp_password) validate_format_password "$arg" ;; - ftp_user) validate_format_username "$arg" "$arg_name" ;; - host) validate_format_domain "$arg" "$arg_name" 'host';; - hour) validate_format_mhdmw "$arg" $arg_name ;; - id) validate_format_int "$arg" 'id' ;; - interface) validate_format_interface "$arg" ;; - ip) validate_format_ip "$arg" ;; - ip_name) validate_format_domain "$arg" 'domain';; - ip_status) validate_format_ip_status "$arg" ;; - job) validate_format_int "$arg" 'job' ;; - key) validate_format_username "$arg" "$arg_name" ;; - lname) validate_format_name_s "$arg" "$arg_name" ;; - malias) validate_format_username "$arg" "$arg_name" ;; - mask) validate_format_ip "$arg" ;; - max_db) validate_format_int "$arg" 'max db';; - min) validate_format_mhdmw "$arg" $arg_name ;; - month) validate_format_mhdmw "$arg" $arg_name ;; - nat_ip) validate_format_ip "$arg" ;; - newid) validate_format_int "$arg" 'id' ;; - ns1) validate_format_domain "$arg" 'name_server';; - ns2) validate_format_domain "$arg" 'name_server';; - ns3) validate_format_domain "$arg" 'name_server';; - ns4) validate_format_domain "$arg" 'name_server';; - package) validate_format_name "$arg" "$arg_name" ;; - password) validate_format_password "$arg" ;; - port) validate_format_int "$arg" 'port' ;; - port_ext) validate_format_fw_port "$arg";; - protocol) validate_format_fw_protocol "$arg" ;; - quota) validate_format_int "$arg" 'quota' ;; - restart) validate_format_boolean "$arg" 'restart' ;; - record) validate_format_common "$arg" 'record';; - rtype) validate_format_dns_type "$arg" ;; - rule) validate_format_int "$arg" "rule id" ;; - shell) validate_format_shell "$arg" ;; - soa) validate_format_domain "$arg" 'soa_record';; - stats_pass) validate_format_password "$arg" ;; - stats_user) validate_format_username "$arg" "$arg_name" ;; - template) validate_format_name "$arg" "$arg_name" ;; - ttl) validate_format_int "$arg" 'ttl';; - user) validate_format_username "$arg" "$arg_name" ;; - wday) validate_format_mhdmw "$arg" $arg_name ;; - esac done } + +# Domain argument formatting +format_domain() { + if [[ "$domain" = *[![:ascii:]]* ]]; then + if [[ "$domain" =~ [[:upper:]] ]]; then + domain=$(echo "$domain" |sed 's/[[:upper:]].*/\L&/') + fi + else + if [[ "$domain" =~ [[:upper:]] ]]; then + domain=$(echo "$domain" |tr '[:upper:]' '[:lower:]') + fi + fi + if [[ "$domain" =~ ^www\..* ]]; then + domain=$(echo "$domain" |sed -e "s/^www.//") + fi + if [[ "$domain" =~ .*\.$ ]]; then + domain=$(echo "$domain" |sed -e "s/[.]*$//g") + fi + if [[ "$domain" =~ ^\. ]]; then + domain=$(echo "$domain" |sed -e "s/^[.]*//") + fi +} + +format_domain_idn() { + if [ -z "$domain_idn" ]; then + domain_idn=$domain + fi + if [[ "$domain_idn" = *[![:ascii:]]* ]]; then + domain_idn=$(idn -t --quiet -a $domain_idn) + fi +} + +format_aliases() { + if [ ! -z "$aliases" ] && [ "$aliases" != 'none' ]; then + aliases=$(echo $aliases |tr '[:upper:]' '[:lower:]' |tr ',' '\n') + aliases=$(echo "$aliases" |sed -e "s/\.$//" |sort -u) + aliases=$(echo "$aliases" |tr -s '.') + aliases=$(echo "$aliases" |sed -e "s/[.]*$//g") + aliases=$(echo "$aliases" |sed -e "s/^[.]*//") + aliases=$(echo "$aliases" |sed -e "/^$/d") + aliases=$(echo "$aliases" |tr '\n' ',' |sed -e "s/,$//") + fi +} + +alter_web_counter() { + user=$1 + domain=$2 + USER_DATA=$VESTA/data/users/$user + + varc=$3 + vard="\$${varc}" + counter=$(get_object_value 'web' 'DOMAIN' "$domain" "$vard") + + if [ -z "$counter" ]; then + add_object_key "web" 'DOMAIN' "$domain" "$varc" "TIME" + counter=0 + fi + + ((counter++)) + backup_counter=$counter + + update_object_value 'web' 'DOMAIN' "$domain" "$vard" "$counter" + counter=$backup_counter + + echo $counter +} + +reset_web_counter() { + user=$1 + domain=$2 + USER_DATA=$VESTA/data/users/$user + + varc=$3 + vard="\$${varc}" + + update_object_value 'web' 'DOMAIN' "$domain" "$vard" "0" +} + +get_web_counter() { + user=$1 + domain=$2 + USER_DATA=$VESTA/data/users/$user + + varc=$3 + vard="\$${varc}" + counter=$(get_object_value 'web' 'DOMAIN' "$domain" "$vard") + + if [ -z "$counter" ]; then + counter=0 + fi + + echo $counter +} + +# Simple chmod wrapper that skips symlink files after glob expand +# Taken from HestiaCP +no_symlink_chmod() { + local filemode=$1; shift; + + for i in "$@"; do + [[ -L ${i} ]] && continue + + chmod "${filemode}" "${i}" + done +} + +# $1 = subject +# $2 = body +send_email_to_admin() { + email=$(grep CONTACT /usr/local/vesta/data/users/admin/user.conf) + email=$(echo "$email" | cut -f 2 -d "'") + if [ -z "$email" ]; then + if [ ! -z "$NOTIFY_ADMIN_FULL_BACKUP" ]; then + email=$NOTIFY_ADMIN_FULL_BACKUP + fi + fi + if [ -z "$email" ]; then + return; + fi + echo "$2" | $SENDMAIL -s "$1" "$email" 'yes' +} diff --git a/func/rebuild.sh b/func/rebuild.sh index 480320816..b4df3d209 100644 --- a/func/rebuild.sh +++ b/func/rebuild.sh @@ -51,7 +51,7 @@ rebuild_user_conf() { mkdir -p $HOMEDIR/$user/conf chmod a+x $HOMEDIR/$user chmod a+x $HOMEDIR/$user/conf - chown $user:$user $HOMEDIR/$user + chown --no-dereference $user:$user $HOMEDIR/$user chown root:root $HOMEDIR/$user/conf # Update disk pipe @@ -71,13 +71,16 @@ rebuild_user_conf() { echo "$BIN/v-update-web-domains-disk $user" \ >> $VESTA/data/queue/disk.pipe + if [[ -L "$HOMEDIR/$user/web" ]]; then + rm $HOMEDIR/$user/web + fi mkdir -p $HOMEDIR/$user/conf/web mkdir -p $HOMEDIR/$user/web mkdir -p $HOMEDIR/$user/tmp chmod 751 $HOMEDIR/$user/conf/web chmod 751 $HOMEDIR/$user/web chmod 771 $HOMEDIR/$user/tmp - chown $user:$user $HOMEDIR/$user/web + chown --no-dereference $user:$user $HOMEDIR/$user/web if [ -z "$create_user" ]; then $BIN/v-rebuild-web-domains $user $restart fi @@ -105,6 +108,9 @@ rebuild_user_conf() { echo "$BIN/v-update-mail-domains-disk $user" \ >> $VESTA/data/queue/disk.pipe + if [[ -L "$HOMEDIR/$user/mail" ]]; then + rm $HOMEDIR/$user/mail + fi mkdir -p $HOMEDIR/$user/conf/mail mkdir -p $HOMEDIR/$user/mail chmod 751 $HOMEDIR/$user/mail @@ -141,16 +147,12 @@ rebuild_user_conf() { # WEB domain rebuild rebuild_web_domain_conf() { - # Get domain values - domain_idn=$(idn -t --quiet -a "$domain") get_domain_values 'web' - ip=$(get_real_ip $IP) + is_ip_valid $IP + prepare_web_domain_values - # Preparing domain values for the template substitution - upd_web_domain_values - - # Rebuilding directories - mkdir -p $HOMEDIR/$user/web/$domain \ + # Rebuilding domain directories + sudo -u $user mkdir -p $HOMEDIR/$user/web/$domain \ $HOMEDIR/$user/web/$domain/public_html \ $HOMEDIR/$user/web/$domain/public_shtml \ $HOMEDIR/$user/web/$domain/document_errors \ @@ -159,69 +161,84 @@ rebuild_web_domain_conf() { $HOMEDIR/$user/web/$domain/stats \ $HOMEDIR/$user/web/$domain/logs - # Create domain logs + # Creating domain logs + if [ ! -e "/var/log/$WEB_SYSTEM/domains" ]; then + mkdir -p /var/log/$WEB_SYSTEM/domains + chmod 771 /var/log/$WEB_SYSTEM/domains + fi touch /var/log/$WEB_SYSTEM/domains/$domain.bytes \ /var/log/$WEB_SYSTEM/domains/$domain.log \ /var/log/$WEB_SYSTEM/domains/$domain.error.log - # Create symlinks + # Creating symlinks cd $HOMEDIR/$user/web/$domain/logs/ ln -f -s /var/log/$WEB_SYSTEM/domains/$domain.log . ln -f -s /var/log/$WEB_SYSTEM/domains/$domain.error.log . - cd - > /dev/null + cd / - # Propagate html skeleton + # Propagating html skeleton if [ ! -e "$WEBTPL/skel/document_errors/" ]; then - cp -r $WEBTPL/skel/document_errors/ $HOMEDIR/$user/web/$domain/ + sudo -u $user cp -r $WEBTPL/skel/document_errors/ \ + $HOMEDIR/$user/web/$domain/ fi # Set folder permissions - chmod 551 $HOMEDIR/$user/web/$domain - chmod 751 $HOMEDIR/$user/web/$domain/private - chmod 751 $HOMEDIR/$user/web/$domain/cgi-bin - chmod 751 $HOMEDIR/$user/web/$domain/public_html - chmod 751 $HOMEDIR/$user/web/$domain/public_shtml - chmod 751 $HOMEDIR/$user/web/$domain/document_errors - chmod 551 $HOMEDIR/$user/web/$domain/stats - chmod 551 $HOMEDIR/$user/web/$domain/logs + no_symlink_chmod 551 $HOMEDIR/$user/web/$domain \ + $HOMEDIR/$user/web/$domain/stats \ + $HOMEDIR/$user/web/$domain/logs + no_symlink_chmod 751 $HOMEDIR/$user/web/$domain/private \ + $HOMEDIR/$user/web/$domain/cgi-bin \ + $HOMEDIR/$user/web/$domain/public_html \ + $HOMEDIR/$user/web/$domain/public_shtml \ + $HOMEDIR/$user/web/$domain/document_errors chmod 640 /var/log/$WEB_SYSTEM/domains/$domain.* # Set ownership - chown $user:$user $HOMEDIR/$user/web/$domain - chown $user:$user $HOMEDIR/$user/web/$domain/private - chown $user:$user $HOMEDIR/$user/web/$domain/cgi-bin - chown $user:$user $HOMEDIR/$user/web/$domain/public_html - chown $user:$user $HOMEDIR/$user/web/$domain/public_shtml + chown --no-dereference $user:$user $HOMEDIR/$user/web/$domain \ + $HOMEDIR/$user/web/$domain/private \ + $HOMEDIR/$user/web/$domain/cgi-bin \ + $HOMEDIR/$user/web/$domain/public_html \ + $HOMEDIR/$user/web/$domain/public_shtml chown -R $user:$user $HOMEDIR/$user/web/$domain/document_errors chown root:$user /var/log/$WEB_SYSTEM/domains/$domain.* - # Adding tmp conf - tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.tpl" - conf="$HOMEDIR/$user/conf/web/tmp_$WEB_SYSTEM.conf" - add_web_config - chown root:$user $conf - chmod 640 $conf + # Adding vhost configuration + conf="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf" + add_web_config "$WEB_SYSTEM" "$TPL.tpl" - # Running template trigger - if [ -x $WEBTPL/$WEB_SYSTEM/$TPL.sh ]; then - $WEBTPL/$WEB_SYSTEM/$TPL.sh $user $domain $ip $HOMEDIR $docroot + # Adding SSL vhost configuration + if [ "$SSL" = 'yes' ]; then + conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf" + add_web_config "$WEB_SYSTEM" "$TPL.stpl" + cp -f $USER_DATA/ssl/$domain.crt \ + $HOMEDIR/$user/conf/web/ssl.$domain.crt + cp -f $USER_DATA/ssl/$domain.key \ + $HOMEDIR/$user/conf/web/ssl.$domain.key + cp -f $USER_DATA/ssl/$domain.pem \ + $HOMEDIR/$user/conf/web/ssl.$domain.pem + if [ -e "$USER_DATA/ssl/$domain.ca" ]; then + cp -f $USER_DATA/ssl/$domain.ca \ + $HOMEDIR/$user/conf/web/ssl.$domain.ca + fi fi - # Checking aliases - if [ ! -z "$ALIAS" ]; then - aliases=$(echo "$ALIAS"|tr ',' '\n'| wc -l) - user_aliases=$((user_aliases + aliases)) + # Adding proxy configuration + if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then + conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" + add_web_config "$PROXY_SYSTEM" "$PROXY.tpl" + if [ "$SSL" = 'yes' ]; then + conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" + add_web_config "$PROXY_SYSTEM" "$PROXY.stpl" + fi fi - # Checking stats + # Adding web stats parser if [ ! -z "$STATS" ]; then + domain_idn=$domain + format_domain_idn cat $WEBTPL/$STATS/$STATS.tpl |\ - sed -e "s|%ip%|$ip|g" \ + sed -e "s|%ip%|$local_ip|g" \ -e "s|%web_system%|$WEB_SYSTEM|g" \ - -e "s|%web_port%|$WEB_PORT|g" \ - -e "s|%web_ssl_port%|$WEB_SSL_PORT|g" \ - -e "s|%proxy_port%|$PROXY_PORT|g" \ - -e "s|%proxy_ssl_port%|$PROXY_SSL_PORT|g" \ -e "s|%domain_idn%|$domain_idn|g" \ -e "s|%domain%|$domain|g" \ -e "s|%user%|$user|g" \ @@ -229,7 +246,6 @@ rebuild_web_domain_conf() { -e "s|%alias%|${aliases//,/ }|g" \ -e "s|%alias_idn%|${aliases_idn//,/ }|g" \ > $HOMEDIR/$user/conf/web/$STATS.$domain.conf - if [ "$STATS" == 'awstats' ]; then if [ ! -e "/etc/awstats/$STATS.$domain_idn.conf" ]; then ln -f -s $HOMEDIR/$user/conf/web/$STATS.$domain.conf \ @@ -245,102 +261,38 @@ rebuild_web_domain_conf() { if [ ! -z "$STATS_USER" ]; then stats_dir="$HOMEDIR/$user/web/$domain/stats" - - # Adding htaccess file - echo "AuthUserFile $stats_dir/.htpasswd" > $stats_dir/.htaccess - echo "AuthName \"Web Statistics\"" >> $stats_dir/.htaccess - echo "AuthType Basic" >> $stats_dir/.htaccess - echo "Require valid-user" >> $stats_dir/.htaccess - - # Generating htaccess user and password + if [ "$WEB_SYSTEM" = 'nginx' ]; then + echo "auth_basic \"Web Statistics\";" > $stats_dir/auth.conf + echo "auth_basic_user_file $stats_dir/.htpasswd;" >> \ + $stats_dir/auth.conf + else + echo "AuthUserFile $stats_dir/.htpasswd" > $stats_dir/.htaccess + echo "AuthName \"Web Statistics\"" >> $stats_dir/.htaccess + echo "AuthType Basic" >> $stats_dir/.htaccess + echo "Require valid-user" >> $stats_dir/.htaccess + fi echo "$STATS_USER:$STATS_CRYPT" > $stats_dir/.htpasswd fi fi - # Checking SSL - if [ "$SSL" = 'yes' ]; then - - # Adding domain to the web conf - conf="$HOMEDIR/$user/conf/web/tmp_s$WEB_SYSTEM.conf" - tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.stpl" - add_web_config - chown root:$user $conf - chmod 640 $conf - - cp -f $USER_DATA/ssl/$domain.crt \ - $HOMEDIR/$user/conf/web/ssl.$domain.crt - cp -f $USER_DATA/ssl/$domain.key \ - $HOMEDIR/$user/conf/web/ssl.$domain.key - cp -f $USER_DATA/ssl/$domain.pem \ - $HOMEDIR/$user/conf/web/ssl.$domain.pem - if [ -e "$USER_DATA/ssl/$domain.ca" ]; then - cp -f $USER_DATA/ssl/$domain.ca \ - $HOMEDIR/$user/conf/web/ssl.$domain.ca - fi - - # Running template trigger - if [ -x $WEBTPL/$WEB_SYSTEM/$TPL.sh ]; then - $WEBTPL/$WEB_SYSTEM/$TPL.sh $user $domain $ip $HOMEDIR $sdocroot - fi - - user_ssl=$((user_ssl + 1)) - ssl_change='yes' - fi - - # Checking proxy - if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.tpl" - conf="$HOMEDIR/$user/conf/web/tmp_$PROXY_SYSTEM.conf" - add_web_config - chown root:$user $conf - chmod 640 $conf - proxy_change='yes' - fi - - if [ ! -z "$PROXY_SYSTEM" ] && [ "$SSL" = 'yes' ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.stpl" - if [ -z "$PROXY" ]; then - tpl_file="$WEBTPL/$PROXY_SYSTEM/default.stpl" - fi - conf="$HOMEDIR/$user/conf/web/tmp_s$PROXY_SYSTEM.conf" - add_web_config - chown root:$user $conf - chmod 640 $conf - proxy_change='yes' - fi - - if [ "$SUSPENDED" = 'yes' ]; then - suspended_web=$((suspended_web + 1)) - fi - user_domains=$((user_domains + 1)) - - # Running template trigger - if [ -x $WEBTPL/$PROXY_SYSTEM/$PROXY.sh ]; then - $WEBTPL/$PROXY_SYSTEM/$PROXY.sh $user $domain $ip $HOMEDIR $docroot - fi - - # Defining ftp user shell + # Adding ftp users if [ -z "$FTP_SHELL" ]; then - shell='/sbin/nologin' + shell=$(which nologin) if [ -e "/usr/bin/rssh" ]; then shell='/usr/bin/rssh' fi else shell=$FTP_SHELL fi - - # Checking ftp users for ftp_user in ${FTP_USER//:/ }; do if [ -z "$(grep ^$ftp_user: /etc/passwd)" ]; then - # Parsing ftp user variables - position=$(echo $FTP_USER | tr ':' '\n' | grep -n '' |\ - grep ":$ftp_user$" | cut -f 1 -d:) - ftp_path=$(echo $FTP_PATH | tr ':' '\n' | grep -n '' |\ - grep "^$position:" | cut -f 2 -d :) - ftp_md5=$(echo $FTP_MD5 | tr ':' '\n' | grep -n '' |\ - grep "^$position:" | cut -f 2 -d :) + position=$(echo $FTP_USER |tr ':' '\n' |grep -n '' |\ + grep ":$ftp_user$" |cut -f 1 -d:) + ftp_path=$(echo $FTP_PATH |tr ':' '\n' |grep -n '' |\ + grep "^$position:" |cut -f 2 -d :) + ftp_md5=$(echo $FTP_MD5 | tr ':' '\n' |grep -n '' |\ + grep "^$position:" |cut -f 2 -d :) - # Adding ftp user /usr/sbin/useradd $ftp_user \ -s $shell \ -o -u $(id -u $user) \ @@ -349,13 +301,13 @@ rebuild_web_domain_conf() { # Updating ftp user password shadow=$(grep "^$ftp_user:" /etc/shadow) - shdw3=$(echo "$shadow" | cut -f3 -d :) - shdw4=$(echo "$shadow" | cut -f4 -d :) - shdw5=$(echo "$shadow" | cut -f5 -d :) - shdw6=$(echo "$shadow" | cut -f6 -d :) - shdw7=$(echo "$shadow" | cut -f7 -d :) - shdw8=$(echo "$shadow" | cut -f8 -d :) - shdw9=$(echo "$shadow" | cut -f9 -d :) + shdw3=$(echo "$shadow" |cut -f3 -d :) + shdw4=$(echo "$shadow" |cut -f4 -d :) + shdw5=$(echo "$shadow" |cut -f5 -d :) + shdw6=$(echo "$shadow" |cut -f6 -d :) + shdw7=$(echo "$shadow" |cut -f7 -d :) + shdw8=$(echo "$shadow" |cut -f8 -d :) + shdw9=$(echo "$shadow" |cut -f9 -d :) shadow_str="$ftp_user:$ftp_md5:$shdw3:$shdw4:$shdw5:$shdw6" shadow_str="$shadow_str:$shdw7:$shdw8:$shdw9" chmod u+w /etc/shadow @@ -364,6 +316,39 @@ rebuild_web_domain_conf() { chmod u-w /etc/shadow fi done + + # Adding http auth protection + htaccess="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.$domain.conf_htaccess" + htpasswd="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.$domain.htpasswd" + docroot="$HOMEDIR/$user/web/$domain/public_html" + for auth_user in ${AUTH_USER//:/ }; do + # Parsing auth user variables + position=$(echo $AUTH_USER |tr ':' '\n' |grep -n '' |\ + grep ":$auth_user$" |cut -f 1 -d:) + auth_hash=$(echo $AUTH_HASH |tr ':' '\n' |grep -n '' |\ + grep "^$position:" |cut -f 2 -d :) + + # Adding http auth user + touch $htpasswd + sed -i "/^$auth_user:/d" $htpasswd + echo "$auth_user:$auth_hash" >> $htpasswd + + # Checking web server include + if [ ! -e "$htaccess" ]; then + if [ "$WEB_SYSTEM" != 'nginx' ]; then + echo "" > $htaccess + echo " AuthUserFile $htpasswd" >> $htaccess + echo " AuthName \"$domain access\"" >> $htaccess + echo " AuthType Basic" >> $htaccess + echo " Require valid-user" >> $htaccess + echo "" >> $htaccess + else + echo "auth_basic \"$domain password access\";" > $htaccess + echo "auth_basic_user_file $htpasswd;" >> $htaccess + fi + chmod 640 $htpasswd $htaccess >/dev/null 2>&1 + fi + done } # DNS domain rebuild @@ -436,10 +421,14 @@ rebuild_dns_domain_conf() { # MAIL domain rebuild rebuild_mail_domain_conf() { - # Get domain values - domain_idn=$(idn -t --quiet -a "$domain") get_domain_values 'mail' + if [[ "$domain" = *[![:ascii:]]* ]]; then + domain_idn=$(idn -t --quiet -a $domain) + else + domain_idn=$domain + fi + if [ "$SUSPENDED" = 'yes' ]; then SUSPENDED_MAIL=$((SUSPENDED_MAIL +1)) fi @@ -489,7 +478,7 @@ rebuild_mail_domain_conf() { # Adding catchall email dom_aliases=$HOMEDIR/$user/conf/mail/$domain/aliases if [ ! -z "$CATCHALL" ]; then - echo "*@$domain:$CATCHALL" >> $dom_aliases + echo "*@$domain_idn:$CATCHALL" >> $dom_aliases fi fi @@ -512,13 +501,16 @@ rebuild_mail_domain_conf() { fi if [[ "$MAIL_SYSTEM" =~ exim ]]; then + if [ "$QUOTA" = 'unlimited' ]; then + QUOTA=0 + fi str="$account:$MD5:$user:mail::$HOMEDIR/$user:$QUOTA" echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd for malias in ${ALIAS//,/ }; do - echo "$malias@$domain:$account@$domain" >> $dom_aliases + echo "$malias@$domain_idn:$account@$domain_idn" >> $dom_aliases done if [ ! -z "$FWD" ]; then - echo "$account@$domain:$FWD" >> $dom_aliases + echo "$account@$domain_idn:$FWD" >> $dom_aliases fi if [ "$FWD_ONLY" = 'yes' ]; then echo "$account" >> $HOMEDIR/$user/conf/mail/$domain/fwd_only @@ -548,44 +540,38 @@ rebuild_mail_domain_conf() { # Rebuild MySQL rebuild_mysql_database() { - - host_str=$(grep "HOST='$HOST'" $VESTA/conf/mysql.conf) - eval $host_str - if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ]; then - echo "Error: mysql config parsing failed" - if [ ! -z "$send_mail" ]; then - echo "Can't parse MySQL DB config" | $send_mail -s "$subj" $email + mysql_connect $HOST + mysql_query "CREATE DATABASE \`$DB\` CHARACTER SET $CHARSET" >/dev/null + if [ "$mysql_fork" = "mysql" ]; then + # mysql + if [ "$(echo $mysql_ver |cut -d '.' -f2)" -ge 7 ]; then + # mysql >= 5.7 + mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`" > /dev/null + mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`@localhost" > /dev/null + query="UPDATE mysql.user SET authentication_string='$MD5'" + query="$query WHERE User='$DBUSER'" + else + # mysql < 5.7 + query="UPDATE mysql.user SET Password='$MD5' WHERE User='$DBUSER'" fi - log_event "$E_PARSING" "$EVENT" - exit $E_PARSING - fi - - query='SELECT VERSION()' - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 - if [ '0' -ne "$?" ]; then - echo "Error: Database connection to $HOST failed" - if [ ! -z "$send_mail" ]; then - echo "Database connection to MySQL host $HOST failed" |\ - $send_mail -s "$subj" $email + else + # mariadb + if [ "$(echo $mysql_ver |cut -d '.' -f1)" -eq 5 ]; then + # mariadb = 5 + mysql_query "CREATE USER \`$DBUSER\`" > /dev/null + mysql_query "CREATE USER \`$DBUSER\`@localhost" > /dev/null + else + # mariadb = 10 + mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`" > /dev/null + mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`@localhost" > /dev/null fi - log_event "$E_CONNECT" "$EVENT" - exit $E_CONNECT + # mariadb any version + query="UPDATE mysql.user SET Password='$MD5' WHERE User='$DBUSER'" fi - - query="CREATE DATABASE \`$DB\` CHARACTER SET $CHARSET" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 - - query="GRANT ALL ON \`$DB\`.* TO \`$DBUSER\`@\`%\`" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 - - query="GRANT ALL ON \`$DB\`.* TO \`$DBUSER\`@localhost" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 - - query="UPDATE mysql.user SET Password='$MD5' WHERE User='$DBUSER';" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 - - query="FLUSH PRIVILEGES;" - mysql -h $HOST -u $USER -p$PASSWORD -e "$query" > /dev/null 2>&1 + mysql_query "GRANT ALL ON \`$DB\`.* TO \`$DBUSER\`@\`%\`" >/dev/null + mysql_query "GRANT ALL ON \`$DB\`.* TO \`$DBUSER\`@localhost" >/dev/null + mysql_query "$query" >/dev/null + mysql_query "FLUSH PRIVILEGES" >/dev/null } # Rebuild PostgreSQL @@ -596,10 +582,10 @@ rebuild_pgsql_database() { export PGPASSWORD="$PASSWORD" if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ] || [ -z $TPL ]; then echo "Error: postgresql config parsing failed" - if [ ! -z "$send_mail" ]; then - echo "Can't parse PostgreSQL config" | $send_mail -s "$subj" $email + if [ ! -z "$SENDMAIL" ]; then + echo "Can't parse PostgreSQL config" | $SENDMAIL -s "$subj" $email fi - log_event "$E_PARSING" "$EVENT" + log_event "$E_PARSING" "$ARGUMENTS" exit $E_PARSING fi @@ -607,15 +593,15 @@ rebuild_pgsql_database() { psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 if [ '0' -ne "$?" ]; then echo "Error: Connection failed" - if [ ! -z "$send_mail" ]; then + if [ ! -z "$SENDMAIL" ]; then echo "Database connection to PostgreSQL host $HOST failed" |\ - $send_mail -s "$subj" $email + $SENDMAIL -s "$subj" $email fi - log_event "$E_CONNECT" "$EVENT" + log_event "$E_CONNECT" "$ARGUMENTS" exit $E_CONNECT fi - query="CREATE ROLE $DBUSER" + query="CREATE ROLE $DBUSER WITH LOGIN" psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 query="UPDATE pg_authid SET rolpassword='$MD5' WHERE rolname='$DBUSER'" @@ -632,7 +618,7 @@ rebuild_pgsql_database() { query="GRANT ALL PRIVILEGES ON DATABASE $DB TO $DBUSER" psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 - query="GRANT CONNECT ON DATABASE template1 to $dbuser" + query="GRANT CONNECT ON DATABASE template1 to $DBUSER" psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 } @@ -644,7 +630,7 @@ import_mysql_database() { eval $host_str if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ]; then echo "Error: mysql config parsing failed" - log_event "$E_PARSING" "$EVENT" + log_event "$E_PARSING" "$ARGUMENTS" exit $E_PARSING fi @@ -660,7 +646,7 @@ import_pgsql_database() { export PGPASSWORD="$PASSWORD" if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ] || [ -z $TPL ]; then echo "Error: postgresql config parsing failed" - log_event "$E_PARSING" "$EVENT" + log_event "$E_PARSING" "$ARGUMENTS" exit $E_PARSING fi diff --git a/func/remote.sh b/func/remote.sh index 61b050065..895e7b451 100644 --- a/func/remote.sh +++ b/func/remote.sh @@ -1,11 +1,14 @@ -send_api_cmd() { - if [ -z $PORT ]; then - PORT=8083 - fi - if [ -z $USER ]; then - USER=admin - fi +# Check if script already running or not +is_procces_running() { + SCRIPT=$(basename $0) + for pid in $(pidof -x $SCRIPT); do + if [ $pid != $$ ]; then + check_result $E_INUSE "$SCRIPT is already running" + fi + done +} +send_api_cmd() { answer=$(curl -s -k \ --data-urlencode "user=$USER" \ --data-urlencode "password=$PASSWORD" \ @@ -20,21 +23,22 @@ send_api_cmd() { --data-urlencode "arg7=$8" \ --data-urlencode "arg8=$9" \ https://$HOST:$PORT/api/) + return $answer +} - if [ "$answer" != '0' ]; then - return 1 - else - return 0 - fi +send_api_file() { + answer=$(curl -s -k \ + --data-urlencode "user=$USER" \ + --data-urlencode "password=$PASSWORD" \ + --data-urlencode "returncode=yes" \ + --data-urlencode "cmd=v-make-tmp-file" \ + --data-urlencode "arg1=$(cat $1)" \ + --data-urlencode "arg2=$2" \ + https://$HOST:$PORT/api/) + return $answer } send_ssh_cmd() { - if [ -z $PORT ]; then - PORT=22 - fi - if [ -z $USER ]; then - USER=admin - fi if [ -z "$IDENTITY_FILE" ] && [ "$USER" = 'root' ]; then IDENTITY_FILE="/root/.ssh/id_rsa" fi @@ -55,13 +59,7 @@ send_ssh_cmd() { fi } -scp_cmd() { - if [ -z $PORT ]; then - PORT=22 - fi - if [ -z $USER ]; then - USER=admin - fi +send_scp_file() { if [ -z "$IDENTITY_FILE" ]; then IDENTITY_FILE="/home/admin/.ssh/id_rsa" fi @@ -77,75 +75,33 @@ is_dnshost_new() { if [ -e "$VESTA/conf/dns-cluster.conf" ]; then check_host=$(grep "HOST='$host'" $VESTA/conf/dns-cluster.conf) if [ ! -z "$check_host" ]; then - echo "Error: dns host $host exists" - log_event "$E_EXISTS" "$EVENT" - exit $E_EXISTS + check_result $E_EXISTS "remote dns host $host exists" fi fi } is_dnshost_alive() { - HOST=$host - PORT=$port - USER=$user - PASSWORD=$password + cluster_cmd v-list-sys-config + check_result $? "$type connection to $HOST failed" $E_CONNECT - # Switch on connection type - case $type in - ssh) send_cmd="send_ssh_cmd" ;; - *) send_cmd="send_api_cmd" ;; - esac - - # Check host connection - $send_cmd v-list-sys-config - if [ $? -ne 0 ]; then - echo "Error: $type connection to $HOST failed" - log_event "$E_CONNECT" "$EVENT" - exit $E_CONNECT - fi - - # Check recipient dns user - if [ -z "$DNS_USER" ]; then - DNS_USER='dns-cluster' - fi - if [ ! -z "$verbose" ]; then - echo "DNS_USER: $DNS_USER" - fi - $send_cmd v-list-user $DNS_USER - if [ $? -ne 0 ]; then - echo "Error: dns user $DNS_USER doesn't exist" - log_event "$E_NOTEXIST" "$EVENT" - exit $E_NOTEXIST - fi + cluster_cmd v-list-user $DNS_USER + check_result $? "$DNS_USER doesn't exist" $E_CONNECT } remote_dns_health_check() { - # Define tmp mail vars - subj="DNS sync failed" - email=$(grep CONTACT $VESTA/data/users/admin/user.conf | cut -f 2 -d \') - send_mail="$VESTA/web/inc/mail-wrapper.php" - tmpfile=$(mktemp) + OLD_IFS="$IFS" + IFS=$'\n' # Starting health-check for str in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do - - # Get host values eval $str - # Check connection type - if [ -z "TYPE" ]; then - TYPE='api' - fi - - # Switch on connection type - case $TYPE in - ssh) send_cmd="send_ssh_cmd" ;; - *) send_cmd="send_api_cmd" ;; - esac - - # Check host connection - $send_cmd v-list-sys-config + # Checking host connection + cluster_cmd v-list-user $DNS_USER if [ $? -ne 0 ]; then + + # Creating error report + tmpfile=$(mktemp) echo "$(basename $0) $*" > $tmpfile echo -e "Error: $TYPE connection to $HOST failed.\n" >> $tmpfile echo -n "Remote dns host has been suspended." >> $tmpfile @@ -154,14 +110,37 @@ remote_dns_health_check() { echo "v-unsuspend-remote-dns-host $HOST" >> $tmpfile echo "v-sync-dns-cluster $HOST" >> $tmpfile echo -e "\n\n--\nVesta Control Panel\n$(hostname)" >> $tmpfile - cat $tmpfile | $send_mail -s "$subj" $email - log_event "$E_CONNECT" "$EVENT" - dconf="../../../conf/dns-cluster" + if [ "$1" = 'no_email' ]; then + cat $tmpfile + else + subj="DNS sync failed" + email=$($BIN/v-get-user-value admin CONTACT) + cat $tmpfile |$SENDMAIL -s "$subj" $email + fi + + # Deleting tmp file + rm -f $tmpfile + log_event "$E_CONNECT" "$ARGUMENTS" + + # Suspending remote host + dconf="../../conf/dns-cluster" update_object_value "$dconf" 'HOST' "$HOST" '$SUSPENDED' 'yes' fi - - # Remove tmp file - rm -f $tmpfile done + IFS="$OLD_IFS" +} + +cluster_cmd() { + case $TYPE in + ssh) send_ssh_cmd $* ;; + api) send_api_cmd $* ;; + esac +} + +cluster_file() { + case $TYPE in + ssh) send_scp_file $* ;; + api) send_api_file $* ;; + esac } diff --git a/install/debian/apache2.conf b/install/debian/7/apache2/apache2.conf similarity index 89% rename from install/debian/apache2.conf rename to install/debian/7/apache2/apache2.conf index 140acee09..915ea1ea1 100644 --- a/install/debian/apache2.conf +++ b/install/debian/7/apache2/apache2.conf @@ -85,3 +85,11 @@ Include conf.d/ # Include the virtual host configurations: #Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/debian/apache2-status.conf b/install/debian/7/apache2/status.conf similarity index 100% rename from install/debian/apache2-status.conf rename to install/debian/7/apache2/status.conf diff --git a/install/debian/named.conf b/install/debian/7/bind/named.conf similarity index 100% rename from install/debian/named.conf rename to install/debian/7/bind/named.conf diff --git a/install/debian/clamd.conf b/install/debian/7/clamav/clamd.conf similarity index 100% rename from install/debian/clamd.conf rename to install/debian/7/clamav/clamd.conf diff --git a/install/debian/7/deb_signing.key b/install/debian/7/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/debian/7/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/debian/dovecot/conf.d/10-auth.conf b/install/debian/7/dovecot/conf.d/10-auth.conf similarity index 100% rename from install/debian/dovecot/conf.d/10-auth.conf rename to install/debian/7/dovecot/conf.d/10-auth.conf diff --git a/install/debian/dovecot/conf.d/10-logging.conf b/install/debian/7/dovecot/conf.d/10-logging.conf similarity index 100% rename from install/debian/dovecot/conf.d/10-logging.conf rename to install/debian/7/dovecot/conf.d/10-logging.conf diff --git a/install/debian/dovecot/conf.d/10-mail.conf b/install/debian/7/dovecot/conf.d/10-mail.conf similarity index 100% rename from install/debian/dovecot/conf.d/10-mail.conf rename to install/debian/7/dovecot/conf.d/10-mail.conf diff --git a/install/debian/dovecot/conf.d/10-master.conf b/install/debian/7/dovecot/conf.d/10-master.conf similarity index 100% rename from install/debian/dovecot/conf.d/10-master.conf rename to install/debian/7/dovecot/conf.d/10-master.conf diff --git a/install/debian/dovecot/conf.d/10-ssl.conf b/install/debian/7/dovecot/conf.d/10-ssl.conf similarity index 100% rename from install/debian/dovecot/conf.d/10-ssl.conf rename to install/debian/7/dovecot/conf.d/10-ssl.conf diff --git a/install/debian/dovecot/conf.d/20-imap.conf b/install/debian/7/dovecot/conf.d/20-imap.conf similarity index 100% rename from install/debian/dovecot/conf.d/20-imap.conf rename to install/debian/7/dovecot/conf.d/20-imap.conf diff --git a/install/debian/dovecot/conf.d/20-pop3.conf b/install/debian/7/dovecot/conf.d/20-pop3.conf similarity index 100% rename from install/debian/dovecot/conf.d/20-pop3.conf rename to install/debian/7/dovecot/conf.d/20-pop3.conf diff --git a/install/debian/dovecot/conf.d/auth-passwdfile.conf.ext b/install/debian/7/dovecot/conf.d/auth-passwdfile.conf.ext similarity index 100% rename from install/debian/dovecot/conf.d/auth-passwdfile.conf.ext rename to install/debian/7/dovecot/conf.d/auth-passwdfile.conf.ext diff --git a/install/debian/dovecot.conf b/install/debian/7/dovecot/dovecot.conf similarity index 100% rename from install/debian/dovecot.conf rename to install/debian/7/dovecot/dovecot.conf diff --git a/install/debian/dnsbl.conf b/install/debian/7/exim/dnsbl.conf similarity index 100% rename from install/debian/dnsbl.conf rename to install/debian/7/exim/dnsbl.conf diff --git a/install/ubuntu/exim4.conf.template b/install/debian/7/exim/exim4.conf.template similarity index 96% rename from install/ubuntu/exim4.conf.template rename to install/debian/7/exim/exim4.conf.template index 742f0409e..d83af2152 100644 --- a/install/ubuntu/exim4.conf.template +++ b/install/debian/7/exim/exim4.conf.template @@ -8,6 +8,7 @@ #SPAM_SCORE = 50 #CLAMD = yes +disable_ipv6=true domainlist local_domains = dsearch;/etc/exim4/domains/ domainlist relay_to_domains = dsearch;/etc/exim4/domains/ hostlist relay_from_hosts = 127.0.0.1 @@ -227,7 +228,7 @@ procmail: autoreplay: driver = accept require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg - condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}} + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} retry_use_local_part transport = userautoreply unseen @@ -244,7 +245,7 @@ aliases: localuser_fwd_only: driver = accept transport = devnull - condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}} + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} localuser_spam: driver = accept @@ -347,7 +348,8 @@ userautoreply: driver = autoreply file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg from = "${local_part}@${domain}" - subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" to = "${sender_address}" devnull: diff --git a/install/debian/spam-blocks.conf b/install/debian/7/exim/spam-blocks.conf similarity index 100% rename from install/debian/spam-blocks.conf rename to install/debian/7/exim/spam-blocks.conf diff --git a/install/debian/7/fail2ban/action.d/vesta.conf b/install/debian/7/fail2ban/action.d/vesta.conf new file mode 100644 index 000000000..0edfc3491 --- /dev/null +++ b/install/debian/7/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/debian/7/fail2ban/filter.d/vesta.conf b/install/debian/7/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..36ec10019 --- /dev/null +++ b/install/debian/7/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccessful Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/debian/7/fail2ban/jail.local b/install/debian/7/fail2ban/jail.local new file mode 100644 index 000000000..eccea0685 --- /dev/null +++ b/install/debian/7/fail2ban/jail.local @@ -0,0 +1,39 @@ +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 diff --git a/install/debian/firewall/ports.conf b/install/debian/7/firewall/ports.conf similarity index 80% rename from install/debian/firewall/ports.conf rename to install/debian/7/firewall/ports.conf index 8b371f2e5..b730d012c 100644 --- a/install/debian/firewall/ports.conf +++ b/install/debian/7/firewall/ports.conf @@ -2,6 +2,7 @@ PROTOCOL='TCP' PORT='20' PROTOCOL='TCP' PORT='21' PROTOCOL='TCP' PORT='22' PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' PROTOCOL='UDP' PORT='53' PROTOCOL='TCP' PORT='80' PROTOCOL='TCP' PORT='443' @@ -11,5 +12,6 @@ PROTOCOL='TCP' PORT='143' PROTOCOL='TCP' PORT='3306' PROTOCOL='TCP' PORT='5432' PROTOCOL='TCP' PORT='8080' -PROTOCOL='TCP' PORT='8443' +PROTOCOL='TCP' PORT='8433' PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/debian/firewall/rules.conf b/install/debian/7/firewall/rules.conf similarity index 63% rename from install/debian/firewall/rules.conf rename to install/debian/7/firewall/rules.conf index cfa7d8680..fba98e1e4 100644 --- a/install/debian/firewall/rules.conf +++ b/install/debian/7/firewall/rules.conf @@ -4,7 +4,8 @@ RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT= RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' -RULE='7' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' -RULE='8' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' -RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' -RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/debian/apache2.log b/install/debian/7/logrotate/apache2 similarity index 100% rename from install/debian/apache2.log rename to install/debian/7/logrotate/apache2 diff --git a/install/debian/7/logrotate/dovecot b/install/debian/7/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/debian/7/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/debian/7/logrotate/nginx b/install/debian/7/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/debian/7/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/debian/vesta.log b/install/debian/7/logrotate/vesta similarity index 100% rename from install/debian/vesta.log rename to install/debian/7/logrotate/vesta diff --git a/install/debian/7/mysql/my-large.cnf b/install/debian/7/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/debian/7/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/my.cnf b/install/debian/7/mysql/my-medium.cnf similarity index 59% rename from install/ubuntu/my.cnf rename to install/debian/7/mysql/my-medium.cnf index 1b5ff1d24..1c10ab9a6 100644 --- a/install/ubuntu/my.cnf +++ b/install/debian/7/mysql/my-medium.cnf @@ -15,11 +15,26 @@ datadir=/var/lib/mysql tmpdir=/tmp lc-messages-dir=/usr/share/mysql log_error=/var/log/mysql/error.log -max_connections=200 -max_user_connections=30 -wait_timeout=30 -interactive_timeout=50 -long_query_time=5 + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 innodb_file_per_table +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + !includedir /etc/mysql/conf.d/ diff --git a/install/debian/7/mysql/my-small.cnf b/install/debian/7/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/debian/7/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/debian/7/nginx/nginx.conf b/install/debian/7/nginx/nginx.conf new file mode 100644 index 000000000..6bc999f95 --- /dev/null +++ b/install/debian/7/nginx/nginx.conf @@ -0,0 +1,137 @@ +# Server globals +user www-data; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_vary on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + #set_real_ip_from 2c0f:f248::/32; + #set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/debian/7/nginx/phpmyadmin.inc b/install/debian/7/nginx/phpmyadmin.inc new file mode 100644 index 000000000..cdfc93c4d --- /dev/null +++ b/install/debian/7/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/debian/7/nginx/phppgadmin.inc b/install/debian/7/nginx/phppgadmin.inc new file mode 100644 index 000000000..47cfcf4e2 --- /dev/null +++ b/install/debian/7/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/debian/nginx-status.conf b/install/debian/7/nginx/status.conf similarity index 100% rename from install/debian/nginx-status.conf rename to install/debian/7/nginx/status.conf diff --git a/install/debian/7/nginx/webmail.inc b/install/debian/7/nginx/webmail.inc new file mode 100644 index 000000000..768c90495 --- /dev/null +++ b/install/debian/7/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/debian/packages/default.pkg b/install/debian/7/packages/default.pkg similarity index 73% rename from install/debian/packages/default.pkg rename to install/debian/7/packages/default.pkg index 29585bacb..c2a935743 100644 --- a/install/debian/packages/default.pkg +++ b/install/debian/7/packages/default.pkg @@ -9,10 +9,10 @@ MAIL_DOMAINS='100' MAIL_ACCOUNTS='100' DATABASES='100' CRON_JOBS='100' -DISK_QUOTA='10000' +DISK_QUOTA='unlimited' BANDWIDTH='100000' -NS='ns1.localhost.ltd,ns2.localhost.ltd' +NS='ns1.domain.tld,ns2.domain.tld' SHELL='nologin' BACKUPS='3' -TIME='11:46:50' -DATE='2012-09-26' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/rhel/packages/gainsboro.pkg b/install/debian/7/packages/gainsboro.pkg similarity index 78% rename from install/rhel/packages/gainsboro.pkg rename to install/debian/7/packages/gainsboro.pkg index c3df50258..76d7dae2a 100644 --- a/install/rhel/packages/gainsboro.pkg +++ b/install/debian/7/packages/gainsboro.pkg @@ -11,8 +11,8 @@ DATABASES='10' CRON_JOBS='10' DISK_QUOTA='10000' BANDWIDTH='10000' -NS='ns1.localhost.ltd,ns2.localhost.ltd' +NS='ns1.domain.tld,ns2.domain.tld' SHELL='nologin' BACKUPS='1' -TIME='11:31:30' -DATE='2012-07-26' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/packages/palegreen.pkg b/install/debian/7/packages/palegreen.pkg similarity index 78% rename from install/ubuntu/packages/palegreen.pkg rename to install/debian/7/packages/palegreen.pkg index d08930f7b..3db5fe57e 100644 --- a/install/ubuntu/packages/palegreen.pkg +++ b/install/debian/7/packages/palegreen.pkg @@ -11,8 +11,8 @@ DATABASES='50' CRON_JOBS='50' DISK_QUOTA='50000' BANDWIDTH='50000' -NS='ns1.localhost.ltd,ns2.localhost.ltd' +NS='ns1.domain.tld,ns2.domain.tld' SHELL='nologin' BACKUPS='5' -TIME='07:49:47' -DATE='2013-06-10' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/packages/slategrey.pkg b/install/debian/7/packages/slategrey.pkg similarity index 78% rename from install/ubuntu/packages/slategrey.pkg rename to install/debian/7/packages/slategrey.pkg index 15a17dcd3..d89e796fd 100644 --- a/install/ubuntu/packages/slategrey.pkg +++ b/install/debian/7/packages/slategrey.pkg @@ -11,8 +11,8 @@ DATABASES='100' CRON_JOBS='100' DISK_QUOTA='10000' BANDWIDTH='100000' -NS='ns1.localhost.ltd,ns2.localhost.ltd' +NS='ns1.domain.tld,ns2.domain.tld' SHELL='nologin' BACKUPS='3' -TIME='12:39:13' -DATE='2012-09-20' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/debian/pga.conf b/install/debian/7/pga/config.inc.php similarity index 100% rename from install/debian/pga.conf rename to install/debian/7/pga/config.inc.php diff --git a/install/debian/apache2-pga.conf b/install/debian/7/pga/phppgadmin.conf similarity index 100% rename from install/debian/apache2-pga.conf rename to install/debian/7/pga/phppgadmin.conf diff --git a/install/debian/7/php5-fpm/www.conf b/install/debian/7/php5-fpm/www.conf new file mode 100644 index 000000000..3c87f33cc --- /dev/null +++ b/install/debian/7/php5-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/ubuntu/apache2-pma.conf b/install/debian/7/pma/apache.conf similarity index 95% rename from install/ubuntu/apache2-pma.conf rename to install/debian/7/pma/apache.conf index 2a8f69e25..ce2a9fe2b 100644 --- a/install/ubuntu/apache2-pma.conf +++ b/install/debian/7/pma/apache.conf @@ -15,6 +15,7 @@ Alias /phpmyadmin /usr/share/phpmyadmin php_admin_flag allow_url_fopen Off php_value include_path . php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext diff --git a/install/debian/7/pma/config.inc.php b/install/debian/7/pma/config.inc.php new file mode 100644 index 000000000..4b6a3a6b2 --- /dev/null +++ b/install/debian/7/pma/config.inc.php @@ -0,0 +1,153 @@ + Umask 002 diff --git a/install/debian/apache2-webmail.conf b/install/debian/7/roundcube/apache.conf similarity index 100% rename from install/debian/apache2-webmail.conf rename to install/debian/7/roundcube/apache.conf diff --git a/install/debian/roundcube-pw.conf b/install/debian/7/roundcube/config.inc.php similarity index 100% rename from install/debian/roundcube-pw.conf rename to install/debian/7/roundcube/config.inc.php diff --git a/install/debian/roundcube-db.conf b/install/debian/7/roundcube/db.inc.php similarity index 100% rename from install/debian/roundcube-db.conf rename to install/debian/7/roundcube/db.inc.php diff --git a/install/debian/roundcube-main.conf b/install/debian/7/roundcube/main.inc.php similarity index 99% rename from install/debian/roundcube-main.conf rename to install/debian/7/roundcube/main.inc.php index a6e1fc2ee..8e03f5ddf 100644 --- a/install/debian/roundcube-main.conf +++ b/install/debian/7/roundcube/main.inc.php @@ -437,6 +437,7 @@ $rcmail_config['trash_mbox'] = 'Trash'; // these folders will also be displayed with localized names // NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) $rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); // automatically create the above listed default folders on first login $rcmail_config['create_default_folders'] = true; diff --git a/install/debian/roundcube-driver.php b/install/debian/7/roundcube/vesta.php similarity index 100% rename from install/debian/roundcube-driver.php rename to install/debian/7/roundcube/vesta.php diff --git a/install/debian/7/sudo/admin b/install/debian/7/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/debian/7/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/debian/7/templates/dns/child-ns.tpl b/install/debian/7/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/debian/7/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/debian/7/templates/dns/default.tpl b/install/debian/7/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/debian/7/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/debian/7/templates/dns/gmail.tpl b/install/debian/7/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/debian/7/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/debian/7/templates/web/apache2/basedir.stpl b/install/debian/7/templates/web/apache2/basedir.stpl new file mode 100644 index 000000000..379f87da1 --- /dev/null +++ b/install/debian/7/templates/web/apache2/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/debian/7/templates/web/apache2/basedir.tpl b/install/debian/7/templates/web/apache2/basedir.tpl new file mode 100644 index 000000000..bf87511bd --- /dev/null +++ b/install/debian/7/templates/web/apache2/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/templates/web/apache2/default.stpl b/install/debian/7/templates/web/apache2/default.stpl old mode 100755 new mode 100644 similarity index 83% rename from install/ubuntu/templates/web/apache2/default.stpl rename to install/debian/7/templates/web/apache2/default.stpl index da523c138..8c8b7a3a2 --- a/install/ubuntu/templates/web/apache2/default.stpl +++ b/install/debian/7/templates/web/apache2/default.stpl @@ -15,6 +15,10 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/debian/templates/web/apache2/default.tpl b/install/debian/7/templates/web/apache2/default.tpl old mode 100755 new mode 100644 similarity index 81% rename from install/debian/templates/web/apache2/default.tpl rename to install/debian/7/templates/web/apache2/default.tpl index b95c1ee38..7fa97eb73 --- a/install/debian/templates/web/apache2/default.tpl +++ b/install/debian/7/templates/web/apache2/default.tpl @@ -14,6 +14,10 @@ AllowOverride All Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/debian/templates/web/apache2/hosting.stpl b/install/debian/7/templates/web/apache2/hosting.stpl old mode 100755 new mode 100644 similarity index 81% rename from install/debian/templates/web/apache2/hosting.stpl rename to install/debian/7/templates/web/apache2/hosting.stpl index c1c91e22e..ffb9a998f --- a/install/debian/templates/web/apache2/hosting.stpl +++ b/install/debian/7/templates/web/apache2/hosting.stpl @@ -15,20 +15,21 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value upload_max_filesize 10M php_admin_value max_execution_time 20 php_admin_value post_max_size 8M php_admin_value memory_limit 32M php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp - php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' AllowOverride All - php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube SSLEngine on SSLVerifyClient none SSLCertificateFile %ssl_crt% diff --git a/install/debian/templates/web/apache2/hosting.tpl b/install/debian/7/templates/web/apache2/hosting.tpl old mode 100755 new mode 100644 similarity index 79% rename from install/debian/templates/web/apache2/hosting.tpl rename to install/debian/7/templates/web/apache2/hosting.tpl index 8f3ec012a..3ed5acd1c --- a/install/debian/templates/web/apache2/hosting.tpl +++ b/install/debian/7/templates/web/apache2/hosting.tpl @@ -14,20 +14,21 @@ AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value upload_max_filesize 10M php_admin_value max_execution_time 20 php_admin_value post_max_size 8M php_admin_value memory_limit 32M php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp - php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' AllowOverride All - php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube RMode config RUidGid %user% %group% diff --git a/install/debian/templates/web/apache2/phpcgi.sh b/install/debian/7/templates/web/apache2/phpcgi.sh similarity index 100% rename from install/debian/templates/web/apache2/phpcgi.sh rename to install/debian/7/templates/web/apache2/phpcgi.sh diff --git a/install/ubuntu/templates/web/apache2/phpcgi.stpl b/install/debian/7/templates/web/apache2/phpcgi.stpl old mode 100755 new mode 100644 similarity index 82% rename from install/ubuntu/templates/web/apache2/phpcgi.stpl rename to install/debian/7/templates/web/apache2/phpcgi.stpl index 58c4baf90..7bbf5be59 --- a/install/ubuntu/templates/web/apache2/phpcgi.stpl +++ b/install/debian/7/templates/web/apache2/phpcgi.stpl @@ -15,6 +15,10 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php SetHandler phpcgi-script diff --git a/install/ubuntu/templates/web/apache2/phpcgi.tpl b/install/debian/7/templates/web/apache2/phpcgi.tpl old mode 100755 new mode 100644 similarity index 79% rename from install/ubuntu/templates/web/apache2/phpcgi.tpl rename to install/debian/7/templates/web/apache2/phpcgi.tpl index 21be2cdd7..8978bd127 --- a/install/ubuntu/templates/web/apache2/phpcgi.tpl +++ b/install/debian/7/templates/web/apache2/phpcgi.tpl @@ -14,6 +14,10 @@ AllowOverride All Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php SetHandler phpcgi-script diff --git a/install/debian/templates/web/apache2/phpfcgid.sh b/install/debian/7/templates/web/apache2/phpfcgid.sh similarity index 100% rename from install/debian/templates/web/apache2/phpfcgid.sh rename to install/debian/7/templates/web/apache2/phpfcgid.sh diff --git a/install/debian/templates/web/apache2/phpfcgid.stpl b/install/debian/7/templates/web/apache2/phpfcgid.stpl old mode 100755 new mode 100644 similarity index 83% rename from install/debian/templates/web/apache2/phpfcgid.stpl rename to install/debian/7/templates/web/apache2/phpfcgid.stpl index 20a580093..7c49603d5 --- a/install/debian/templates/web/apache2/phpfcgid.stpl +++ b/install/debian/7/templates/web/apache2/phpfcgid.stpl @@ -15,6 +15,10 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp SetHandler fcgid-script diff --git a/install/ubuntu/templates/web/apache2/phpfcgid.tpl b/install/debian/7/templates/web/apache2/phpfcgid.tpl old mode 100755 new mode 100644 similarity index 80% rename from install/ubuntu/templates/web/apache2/phpfcgid.tpl rename to install/debian/7/templates/web/apache2/phpfcgid.tpl index 72e7d8d44..661f66bd3 --- a/install/ubuntu/templates/web/apache2/phpfcgid.tpl +++ b/install/debian/7/templates/web/apache2/phpfcgid.tpl @@ -14,6 +14,10 @@ AllowOverride All Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp SetHandler fcgid-script diff --git a/install/debian/templates/web/awstats/awstats.tpl b/install/debian/7/templates/web/awstats/awstats.tpl similarity index 100% rename from install/debian/templates/web/awstats/awstats.tpl rename to install/debian/7/templates/web/awstats/awstats.tpl diff --git a/install/debian/templates/web/awstats/index.tpl b/install/debian/7/templates/web/awstats/index.tpl similarity index 100% rename from install/debian/templates/web/awstats/index.tpl rename to install/debian/7/templates/web/awstats/index.tpl diff --git a/install/debian/templates/web/awstats/nav.tpl b/install/debian/7/templates/web/awstats/nav.tpl similarity index 100% rename from install/debian/templates/web/awstats/nav.tpl rename to install/debian/7/templates/web/awstats/nav.tpl diff --git a/install/debian/7/templates/web/nginx/caching.stpl b/install/debian/7/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..e149b98b5 --- /dev/null +++ b/install/debian/7/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/templates/web/nginx/caching.tpl b/install/debian/7/templates/web/nginx/caching.tpl similarity index 100% rename from install/debian/templates/web/nginx/caching.tpl rename to install/debian/7/templates/web/nginx/caching.tpl diff --git a/install/debian/templates/web/nginx/default.stpl b/install/debian/7/templates/web/nginx/default.stpl similarity index 94% rename from install/debian/templates/web/nginx/default.stpl rename to install/debian/7/templates/web/nginx/default.stpl index fa5380606..0e669b3dc 100755 --- a/install/debian/templates/web/nginx/default.stpl +++ b/install/debian/7/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; diff --git a/install/debian/templates/web/nginx/default.tpl b/install/debian/7/templates/web/nginx/default.tpl similarity index 100% rename from install/debian/templates/web/nginx/default.tpl rename to install/debian/7/templates/web/nginx/default.tpl diff --git a/install/debian/templates/web/nginx/hosting.sh b/install/debian/7/templates/web/nginx/hosting.sh similarity index 100% rename from install/debian/templates/web/nginx/hosting.sh rename to install/debian/7/templates/web/nginx/hosting.sh diff --git a/install/debian/7/templates/web/nginx/hosting.stpl b/install/debian/7/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..62620789a --- /dev/null +++ b/install/debian/7/templates/web/nginx/hosting.stpl @@ -0,0 +1,37 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%sdocroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/debian/templates/web/nginx/hosting.tpl b/install/debian/7/templates/web/nginx/hosting.tpl similarity index 100% rename from install/debian/templates/web/nginx/hosting.tpl rename to install/debian/7/templates/web/nginx/hosting.tpl diff --git a/install/debian/7/templates/web/nginx/http2.stpl b/install/debian/7/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/debian/7/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/templates/web/nginx/default.tpl b/install/debian/7/templates/web/nginx/http2.tpl old mode 100755 new mode 100644 similarity index 100% rename from install/ubuntu/templates/web/nginx/default.tpl rename to install/debian/7/templates/web/nginx/http2.tpl diff --git a/install/debian/7/templates/web/nginx/php5-fpm/cms_made_simple.stpl b/install/debian/7/templates/web/nginx/php5-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..d85bcce38 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/cms_made_simple.tpl b/install/debian/7/templates/web/nginx/php5-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/codeigniter2.stpl b/install/debian/7/templates/web/nginx/php5-fpm/codeigniter2.stpl new file mode 100644 index 000000000..9c24c3ea8 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/codeigniter2.tpl b/install/debian/7/templates/web/nginx/php5-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/codeigniter3.stpl b/install/debian/7/templates/web/nginx/php5-fpm/codeigniter3.stpl new file mode 100644 index 000000000..d71863141 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/codeigniter3.tpl b/install/debian/7/templates/web/nginx/php5-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/datalife_engine.stpl b/install/debian/7/templates/web/nginx/php5-fpm/datalife_engine.stpl new file mode 100644 index 000000000..4f0b9ec7b --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/datalife_engine.tpl b/install/debian/7/templates/web/nginx/php5-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/default.stpl b/install/debian/7/templates/web/nginx/php5-fpm/default.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/default.tpl b/install/debian/7/templates/web/nginx/php5-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/dokuwiki.stpl b/install/debian/7/templates/web/nginx/php5-fpm/dokuwiki.stpl new file mode 100644 index 000000000..f85032bae --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/dokuwiki.tpl b/install/debian/7/templates/web/nginx/php5-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal6.stpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal6.stpl new file mode 100644 index 000000000..9d9840006 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal6.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal6.tpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl new file mode 100644 index 000000000..0d7930fae --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl new file mode 100644 index 000000000..6fd64db6b --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl @@ -0,0 +1,94 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/joomla.stpl b/install/debian/7/templates/web/nginx/php5-fpm/joomla.stpl new file mode 100644 index 000000000..704405f37 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/joomla.tpl b/install/debian/7/templates/web/nginx/php5-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/laravel.stpl b/install/debian/7/templates/web/nginx/php5-fpm/laravel.stpl new file mode 100644 index 000000000..477f6f01b --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/laravel.tpl b/install/debian/7/templates/web/nginx/php5-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/magento.stpl b/install/debian/7/templates/web/nginx/php5-fpm/magento.stpl new file mode 100644 index 000000000..fdab43aae --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/magento.tpl b/install/debian/7/templates/web/nginx/php5-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/modx.stpl b/install/debian/7/templates/web/nginx/php5-fpm/modx.stpl new file mode 100644 index 000000000..f410ab77c --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/modx.tpl b/install/debian/7/templates/web/nginx/php5-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/moodle.stpl b/install/debian/7/templates/web/nginx/php5-fpm/moodle.stpl new file mode 100644 index 000000000..f15a68c57 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/moodle.tpl b/install/debian/7/templates/web/nginx/php5-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/no-php.stpl b/install/debian/7/templates/web/nginx/php5-fpm/no-php.stpl new file mode 100644 index 000000000..bc8b53a37 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/no-php.tpl b/install/debian/7/templates/web/nginx/php5-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/odoo.stpl b/install/debian/7/templates/web/nginx/php5-fpm/odoo.stpl new file mode 100644 index 000000000..d6697d7a9 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/odoo.tpl b/install/debian/7/templates/web/nginx/php5-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/opencart.stpl b/install/debian/7/templates/web/nginx/php5-fpm/opencart.stpl new file mode 100644 index 000000000..908b9aeb8 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/opencart.tpl b/install/debian/7/templates/web/nginx/php5-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/owncloud.stpl b/install/debian/7/templates/web/nginx/php5-fpm/owncloud.stpl new file mode 100644 index 000000000..891566b93 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/owncloud.tpl b/install/debian/7/templates/web/nginx/php5-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/piwik.stpl b/install/debian/7/templates/web/nginx/php5-fpm/piwik.stpl new file mode 100644 index 000000000..78c1bb784 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/piwik.tpl b/install/debian/7/templates/web/nginx/php5-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.stpl b/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.stpl new file mode 100644 index 000000000..5ffc9ed5c --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.tpl b/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/sendy.stpl b/install/debian/7/templates/web/nginx/php5-fpm/sendy.stpl new file mode 100644 index 000000000..e7f3dcc6b --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/sendy.tpl b/install/debian/7/templates/web/nginx/php5-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/wordpress.stpl b/install/debian/7/templates/web/nginx/php5-fpm/wordpress.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/wordpress.tpl b/install/debian/7/templates/web/nginx/php5-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/wordpress2.stpl b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2.stpl new file mode 100644 index 000000000..e0aeb524a --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/wordpress2.tpl b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..0d9793aeb --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_rewrite.tpl b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 000000000..f33ed5070 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 000000000..c0a5239e0 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/templates/web/nginx/proxy_ip.tpl b/install/debian/7/templates/web/nginx/proxy_ip.tpl similarity index 100% rename from install/debian/templates/web/nginx/proxy_ip.tpl rename to install/debian/7/templates/web/nginx/proxy_ip.tpl diff --git a/install/debian/7/templates/web/php5-fpm/default.tpl b/install/debian/7/templates/web/php5-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/debian/7/templates/web/php5-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/debian/7/templates/web/php5-fpm/no-php.tpl b/install/debian/7/templates/web/php5-fpm/no-php.tpl new file mode 100644 index 000000000..047c33edc --- /dev/null +++ b/install/debian/7/templates/web/php5-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/debian/7/templates/web/php5-fpm/socket.tpl b/install/debian/7/templates/web/php5-fpm/socket.tpl new file mode 100644 index 000000000..e427045ce --- /dev/null +++ b/install/debian/7/templates/web/php5-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/debian/7/templates/web/skel/document_errors/403.html b/install/debian/7/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/debian/7/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/debian/7/templates/web/skel/document_errors/404.html b/install/debian/7/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/debian/7/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/debian/7/templates/web/skel/document_errors/50x.html b/install/debian/7/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/debian/7/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/debian/templates/web/skel/public_html/index.html b/install/debian/7/templates/web/skel/public_html/index.html similarity index 93% rename from install/debian/templates/web/skel/public_html/index.html rename to install/debian/7/templates/web/skel/public_html/index.html index 4f5bb7244..1144ade96 100755 --- a/install/debian/templates/web/skel/public_html/index.html +++ b/install/debian/7/templates/web/skel/public_html/index.html @@ -18,7 +18,7 @@

%domain%

diff --git a/install/debian/templates/web/skel/public_html/robots.txt b/install/debian/7/templates/web/skel/public_html/robots.txt similarity index 100% rename from install/debian/templates/web/skel/public_html/robots.txt rename to install/debian/7/templates/web/skel/public_html/robots.txt diff --git a/install/debian/templates/web/skel/public_shtml/index.html b/install/debian/7/templates/web/skel/public_shtml/index.html similarity index 93% rename from install/debian/templates/web/skel/public_shtml/index.html rename to install/debian/7/templates/web/skel/public_shtml/index.html index 4f5bb7244..1144ade96 100755 --- a/install/debian/templates/web/skel/public_shtml/index.html +++ b/install/debian/7/templates/web/skel/public_shtml/index.html @@ -18,7 +18,7 @@

%domain%

diff --git a/install/debian/templates/web/skel/public_shtml/robots.txt b/install/debian/7/templates/web/skel/public_shtml/robots.txt similarity index 100% rename from install/debian/templates/web/skel/public_shtml/robots.txt rename to install/debian/7/templates/web/skel/public_shtml/robots.txt diff --git a/install/debian/templates/web/suspend/.htaccess b/install/debian/7/templates/web/suspend/.htaccess similarity index 100% rename from install/debian/templates/web/suspend/.htaccess rename to install/debian/7/templates/web/suspend/.htaccess diff --git a/install/debian/templates/web/suspend/index.html b/install/debian/7/templates/web/suspend/index.html similarity index 100% rename from install/debian/templates/web/suspend/index.html rename to install/debian/7/templates/web/suspend/index.html diff --git a/install/debian/templates/web/webalizer/webalizer.tpl b/install/debian/7/templates/web/webalizer/webalizer.tpl similarity index 100% rename from install/debian/templates/web/webalizer/webalizer.tpl rename to install/debian/7/templates/web/webalizer/webalizer.tpl diff --git a/install/debian/vsftpd.conf b/install/debian/7/vsftpd/vsftpd.conf similarity index 90% rename from install/debian/vsftpd.conf rename to install/debian/7/vsftpd/vsftpd.conf index 0902899e7..1ca1a9923 100644 --- a/install/debian/vsftpd.conf +++ b/install/debian/7/vsftpd/vsftpd.conf @@ -1,7 +1,8 @@ anonymous_enable=NO local_enable=YES write_enable=YES -local_umask=002 +local_umask=022 +anon_umask=022 anon_upload_enable=NO dirmessage_enable=YES xferlog_enable=YES @@ -22,3 +23,4 @@ seccomp_sandbox=NO pasv_enable=YES pasv_max_port=12100 pasv_min_port=12000 +use_localtime=YES diff --git a/install/ubuntu/apache2.conf b/install/debian/8/apache2/apache2.conf similarity index 89% rename from install/ubuntu/apache2.conf rename to install/debian/8/apache2/apache2.conf index 140acee09..2756132ae 100644 --- a/install/ubuntu/apache2.conf +++ b/install/debian/8/apache2/apache2.conf @@ -11,7 +11,6 @@ # | `-- * # Global configuration -LockFile ${APACHE_LOCK_DIR}/accept.lock PidFile ${APACHE_PID_FILE} Timeout 30 KeepAlive Off @@ -85,3 +84,11 @@ Include conf.d/ # Include the virtual host configurations: #Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/ubuntu/apache2-status.conf b/install/debian/8/apache2/status.conf similarity index 100% rename from install/ubuntu/apache2-status.conf rename to install/debian/8/apache2/status.conf diff --git a/install/ubuntu/named.conf b/install/debian/8/bind/named.conf similarity index 100% rename from install/ubuntu/named.conf rename to install/debian/8/bind/named.conf diff --git a/install/debian/8/clamav/clamd.conf b/install/debian/8/clamav/clamd.conf new file mode 100644 index 000000000..4e04356ea --- /dev/null +++ b/install/debian/8/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +# AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/debian/8/deb_signing.key b/install/debian/8/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/debian/8/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/rhel/dovecot/conf.d/10-auth.conf b/install/debian/8/dovecot/conf.d/10-auth.conf similarity index 100% rename from install/rhel/dovecot/conf.d/10-auth.conf rename to install/debian/8/dovecot/conf.d/10-auth.conf diff --git a/install/rhel/dovecot/conf.d/10-logging.conf b/install/debian/8/dovecot/conf.d/10-logging.conf similarity index 100% rename from install/rhel/dovecot/conf.d/10-logging.conf rename to install/debian/8/dovecot/conf.d/10-logging.conf diff --git a/install/rhel/dovecot/conf.d/10-mail.conf b/install/debian/8/dovecot/conf.d/10-mail.conf similarity index 100% rename from install/rhel/dovecot/conf.d/10-mail.conf rename to install/debian/8/dovecot/conf.d/10-mail.conf diff --git a/install/rhel/dovecot/conf.d/10-master.conf b/install/debian/8/dovecot/conf.d/10-master.conf similarity index 100% rename from install/rhel/dovecot/conf.d/10-master.conf rename to install/debian/8/dovecot/conf.d/10-master.conf diff --git a/install/ubuntu/dovecot/conf.d/10-ssl.conf b/install/debian/8/dovecot/conf.d/10-ssl.conf similarity index 100% rename from install/ubuntu/dovecot/conf.d/10-ssl.conf rename to install/debian/8/dovecot/conf.d/10-ssl.conf diff --git a/install/ubuntu/dovecot/conf.d/20-imap.conf b/install/debian/8/dovecot/conf.d/20-imap.conf similarity index 100% rename from install/ubuntu/dovecot/conf.d/20-imap.conf rename to install/debian/8/dovecot/conf.d/20-imap.conf diff --git a/install/ubuntu/dovecot/conf.d/20-pop3.conf b/install/debian/8/dovecot/conf.d/20-pop3.conf similarity index 100% rename from install/ubuntu/dovecot/conf.d/20-pop3.conf rename to install/debian/8/dovecot/conf.d/20-pop3.conf diff --git a/install/ubuntu/dovecot/conf.d/auth-passwdfile.conf.ext b/install/debian/8/dovecot/conf.d/auth-passwdfile.conf.ext similarity index 100% rename from install/ubuntu/dovecot/conf.d/auth-passwdfile.conf.ext rename to install/debian/8/dovecot/conf.d/auth-passwdfile.conf.ext diff --git a/install/ubuntu/dovecot.conf b/install/debian/8/dovecot/dovecot.conf similarity index 100% rename from install/ubuntu/dovecot.conf rename to install/debian/8/dovecot/dovecot.conf diff --git a/install/rhel/dnsbl.conf b/install/debian/8/exim/dnsbl.conf similarity index 100% rename from install/rhel/dnsbl.conf rename to install/debian/8/exim/dnsbl.conf diff --git a/install/debian/exim4.conf.template b/install/debian/8/exim/exim4.conf.template similarity index 96% rename from install/debian/exim4.conf.template rename to install/debian/8/exim/exim4.conf.template index 742f0409e..bfb98e0b8 100644 --- a/install/debian/exim4.conf.template +++ b/install/debian/8/exim/exim4.conf.template @@ -8,6 +8,10 @@ #SPAM_SCORE = 50 #CLAMD = yes +disable_ipv6=true +add_environment=<; PATH=/bin:/usr/bin +keep_environment= + domainlist local_domains = dsearch;/etc/exim4/domains/ domainlist relay_to_domains = dsearch;/etc/exim4/domains/ hostlist relay_from_hosts = 127.0.0.1 @@ -227,7 +231,7 @@ procmail: autoreplay: driver = accept require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg - condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}} + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} retry_use_local_part transport = userautoreply unseen @@ -244,7 +248,7 @@ aliases: localuser_fwd_only: driver = accept transport = devnull - condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}} + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} localuser_spam: driver = accept @@ -347,7 +351,8 @@ userautoreply: driver = autoreply file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg from = "${local_part}@${domain}" - subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" to = "${sender_address}" devnull: diff --git a/install/rhel/spam-blocks.conf b/install/debian/8/exim/spam-blocks.conf similarity index 100% rename from install/rhel/spam-blocks.conf rename to install/debian/8/exim/spam-blocks.conf diff --git a/install/debian/8/fail2ban/action.d/vesta.conf b/install/debian/8/fail2ban/action.d/vesta.conf new file mode 100644 index 000000000..0edfc3491 --- /dev/null +++ b/install/debian/8/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/debian/8/fail2ban/filter.d/vesta.conf b/install/debian/8/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..36ec10019 --- /dev/null +++ b/install/debian/8/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccessful Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/debian/8/fail2ban/jail.local b/install/debian/8/fail2ban/jail.local new file mode 100644 index 000000000..eccea0685 --- /dev/null +++ b/install/debian/8/fail2ban/jail.local @@ -0,0 +1,39 @@ +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 diff --git a/install/rhel/firewall/ports.conf b/install/debian/8/firewall/ports.conf similarity index 80% rename from install/rhel/firewall/ports.conf rename to install/debian/8/firewall/ports.conf index 8b371f2e5..b730d012c 100644 --- a/install/rhel/firewall/ports.conf +++ b/install/debian/8/firewall/ports.conf @@ -2,6 +2,7 @@ PROTOCOL='TCP' PORT='20' PROTOCOL='TCP' PORT='21' PROTOCOL='TCP' PORT='22' PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' PROTOCOL='UDP' PORT='53' PROTOCOL='TCP' PORT='80' PROTOCOL='TCP' PORT='443' @@ -11,5 +12,6 @@ PROTOCOL='TCP' PORT='143' PROTOCOL='TCP' PORT='3306' PROTOCOL='TCP' PORT='5432' PROTOCOL='TCP' PORT='8080' -PROTOCOL='TCP' PORT='8443' +PROTOCOL='TCP' PORT='8433' PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/rhel/firewall/rules.conf b/install/debian/8/firewall/rules.conf similarity index 63% rename from install/rhel/firewall/rules.conf rename to install/debian/8/firewall/rules.conf index cfa7d8680..fba98e1e4 100644 --- a/install/rhel/firewall/rules.conf +++ b/install/debian/8/firewall/rules.conf @@ -4,7 +4,8 @@ RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT= RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' -RULE='7' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' -RULE='8' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' -RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' -RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/apache2.log b/install/debian/8/logrotate/apache2 similarity index 100% rename from install/ubuntu/apache2.log rename to install/debian/8/logrotate/apache2 diff --git a/install/debian/8/logrotate/dovecot b/install/debian/8/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/debian/8/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/debian/8/logrotate/nginx b/install/debian/8/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/debian/8/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/rhel/vesta.log b/install/debian/8/logrotate/vesta similarity index 100% rename from install/rhel/vesta.log rename to install/debian/8/logrotate/vesta diff --git a/install/debian/8/mysql/my-large.cnf b/install/debian/8/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/debian/8/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/debian/my.cnf b/install/debian/8/mysql/my-medium.cnf similarity index 59% rename from install/debian/my.cnf rename to install/debian/8/mysql/my-medium.cnf index 1b5ff1d24..1c10ab9a6 100644 --- a/install/debian/my.cnf +++ b/install/debian/8/mysql/my-medium.cnf @@ -15,11 +15,26 @@ datadir=/var/lib/mysql tmpdir=/tmp lc-messages-dir=/usr/share/mysql log_error=/var/log/mysql/error.log -max_connections=200 -max_user_connections=30 -wait_timeout=30 -interactive_timeout=50 -long_query_time=5 + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 innodb_file_per_table +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + !includedir /etc/mysql/conf.d/ diff --git a/install/debian/8/mysql/my-small.cnf b/install/debian/8/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/debian/8/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/debian/8/nginx/nginx.conf b/install/debian/8/nginx/nginx.conf new file mode 100644 index 000000000..e8967d8e8 --- /dev/null +++ b/install/debian/8/nginx/nginx.conf @@ -0,0 +1,138 @@ +# Server globals +user www-data; +worker_processes auto; +worker_rlimit_nofile 65535; +timer_resolution 50ms; #In order to free some CPU cycles +error_log /var/log/nginx/error.log crit; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_vary on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + set_real_ip_from 2400:cb00::/32; + set_real_ip_from 2606:4700::/32; + set_real_ip_from 2803:f800::/32; + set_real_ip_from 2405:b500::/32; + set_real_ip_from 2405:8100::/32; + set_real_ip_from 2c0f:f248::/32; + set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/debian/8/nginx/phpmyadmin.inc b/install/debian/8/nginx/phpmyadmin.inc new file mode 100644 index 000000000..cdfc93c4d --- /dev/null +++ b/install/debian/8/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/debian/8/nginx/phppgadmin.inc b/install/debian/8/nginx/phppgadmin.inc new file mode 100644 index 000000000..47cfcf4e2 --- /dev/null +++ b/install/debian/8/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/rhel/nginx-status.conf b/install/debian/8/nginx/status.conf similarity index 100% rename from install/rhel/nginx-status.conf rename to install/debian/8/nginx/status.conf diff --git a/install/debian/8/nginx/webmail.inc b/install/debian/8/nginx/webmail.inc new file mode 100644 index 000000000..768c90495 --- /dev/null +++ b/install/debian/8/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/packages/default.pkg b/install/debian/8/packages/default.pkg similarity index 73% rename from install/ubuntu/packages/default.pkg rename to install/debian/8/packages/default.pkg index 29585bacb..c2a935743 100644 --- a/install/ubuntu/packages/default.pkg +++ b/install/debian/8/packages/default.pkg @@ -9,10 +9,10 @@ MAIL_DOMAINS='100' MAIL_ACCOUNTS='100' DATABASES='100' CRON_JOBS='100' -DISK_QUOTA='10000' +DISK_QUOTA='unlimited' BANDWIDTH='100000' -NS='ns1.localhost.ltd,ns2.localhost.ltd' +NS='ns1.domain.tld,ns2.domain.tld' SHELL='nologin' BACKUPS='3' -TIME='11:46:50' -DATE='2012-09-26' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/debian/packages/gainsboro.pkg b/install/debian/8/packages/gainsboro.pkg similarity index 78% rename from install/debian/packages/gainsboro.pkg rename to install/debian/8/packages/gainsboro.pkg index c3df50258..76d7dae2a 100644 --- a/install/debian/packages/gainsboro.pkg +++ b/install/debian/8/packages/gainsboro.pkg @@ -11,8 +11,8 @@ DATABASES='10' CRON_JOBS='10' DISK_QUOTA='10000' BANDWIDTH='10000' -NS='ns1.localhost.ltd,ns2.localhost.ltd' +NS='ns1.domain.tld,ns2.domain.tld' SHELL='nologin' BACKUPS='1' -TIME='11:31:30' -DATE='2012-07-26' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/debian/packages/palegreen.pkg b/install/debian/8/packages/palegreen.pkg similarity index 78% rename from install/debian/packages/palegreen.pkg rename to install/debian/8/packages/palegreen.pkg index d08930f7b..3db5fe57e 100644 --- a/install/debian/packages/palegreen.pkg +++ b/install/debian/8/packages/palegreen.pkg @@ -11,8 +11,8 @@ DATABASES='50' CRON_JOBS='50' DISK_QUOTA='50000' BANDWIDTH='50000' -NS='ns1.localhost.ltd,ns2.localhost.ltd' +NS='ns1.domain.tld,ns2.domain.tld' SHELL='nologin' BACKUPS='5' -TIME='07:49:47' -DATE='2013-06-10' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/rhel/packages/slategrey.pkg b/install/debian/8/packages/slategrey.pkg similarity index 78% rename from install/rhel/packages/slategrey.pkg rename to install/debian/8/packages/slategrey.pkg index 15a17dcd3..d89e796fd 100644 --- a/install/rhel/packages/slategrey.pkg +++ b/install/debian/8/packages/slategrey.pkg @@ -11,8 +11,8 @@ DATABASES='100' CRON_JOBS='100' DISK_QUOTA='10000' BANDWIDTH='100000' -NS='ns1.localhost.ltd,ns2.localhost.ltd' +NS='ns1.domain.tld,ns2.domain.tld' SHELL='nologin' BACKUPS='3' -TIME='12:39:13' -DATE='2012-09-20' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/rhel/pga.conf b/install/debian/8/pga/config.inc.php similarity index 100% rename from install/rhel/pga.conf rename to install/debian/8/pga/config.inc.php diff --git a/install/ubuntu/apache2-pga.conf b/install/debian/8/pga/phppgadmin.conf similarity index 100% rename from install/ubuntu/apache2-pga.conf rename to install/debian/8/pga/phppgadmin.conf diff --git a/install/debian/8/php5-fpm/www.conf b/install/debian/8/php5-fpm/www.conf new file mode 100644 index 000000000..3c87f33cc --- /dev/null +++ b/install/debian/8/php5-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/debian/apache2-pma.conf b/install/debian/8/pma/apache.conf similarity index 95% rename from install/debian/apache2-pma.conf rename to install/debian/8/pma/apache.conf index 2a8f69e25..ce2a9fe2b 100644 --- a/install/debian/apache2-pma.conf +++ b/install/debian/8/pma/apache.conf @@ -15,6 +15,7 @@ Alias /phpmyadmin /usr/share/phpmyadmin php_admin_flag allow_url_fopen Off php_value include_path . php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext diff --git a/install/debian/8/pma/config.inc.php b/install/debian/8/pma/config.inc.php new file mode 100644 index 000000000..a38036974 --- /dev/null +++ b/install/debian/8/pma/config.inc.php @@ -0,0 +1,153 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/apache2-webmail.conf b/install/debian/8/roundcube/apache.conf similarity index 100% rename from install/ubuntu/apache2-webmail.conf rename to install/debian/8/roundcube/apache.conf diff --git a/install/rhel/roundcube-pw.conf b/install/debian/8/roundcube/config.inc.php similarity index 100% rename from install/rhel/roundcube-pw.conf rename to install/debian/8/roundcube/config.inc.php diff --git a/install/rhel/roundcube-db.conf b/install/debian/8/roundcube/db.inc.php similarity index 100% rename from install/rhel/roundcube-db.conf rename to install/debian/8/roundcube/db.inc.php diff --git a/install/ubuntu/roundcube-main.conf b/install/debian/8/roundcube/main.inc.php similarity index 99% rename from install/ubuntu/roundcube-main.conf rename to install/debian/8/roundcube/main.inc.php index a6e1fc2ee..97cdbf2df 100644 --- a/install/ubuntu/roundcube-main.conf +++ b/install/debian/8/roundcube/main.inc.php @@ -175,6 +175,8 @@ $rcmail_config['smtp_timeout'] = 0; // ---------------------------------- // SYSTEM // ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + // THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. // ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! @@ -437,6 +439,7 @@ $rcmail_config['trash_mbox'] = 'Trash'; // these folders will also be displayed with localized names // NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) $rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); // automatically create the above listed default folders on first login $rcmail_config['create_default_folders'] = true; diff --git a/install/debian/8/roundcube/roundcube-tinymce.tar.gz b/install/debian/8/roundcube/roundcube-tinymce.tar.gz new file mode 100644 index 000000000..9b413dd8f Binary files /dev/null and b/install/debian/8/roundcube/roundcube-tinymce.tar.gz differ diff --git a/install/debian/8/roundcube/vesta.php b/install/debian/8/roundcube/vesta.php new file mode 100644 index 000000000..b3dd167fd --- /dev/null +++ b/install/debian/8/roundcube/vesta.php @@ -0,0 +1,73 @@ + + */ +class rcube_vesta_password { + function save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + $errno = ""; + $errstr = ""; + $context = stream_context_create(); + + $result = stream_context_set_option($context, 'ssl', 'verify_peer', false); + $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false); + $result = stream_context_set_option($context, 'ssl', 'verify_host', false); + $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true); + + $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } +} diff --git a/install/debian/8/sudo/admin b/install/debian/8/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/debian/8/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/debian/8/templates/dns/child-ns.tpl b/install/debian/8/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/debian/8/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/debian/8/templates/dns/default.tpl b/install/debian/8/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/debian/8/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/debian/8/templates/dns/gmail.tpl b/install/debian/8/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/debian/8/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/debian/8/templates/web/apache2/basedir.stpl b/install/debian/8/templates/web/apache2/basedir.stpl new file mode 100644 index 000000000..37c4a4b39 --- /dev/null +++ b/install/debian/8/templates/web/apache2/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/debian/8/templates/web/apache2/basedir.tpl b/install/debian/8/templates/web/apache2/basedir.tpl new file mode 100644 index 000000000..a9d05ee66 --- /dev/null +++ b/install/debian/8/templates/web/apache2/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/debian/8/templates/web/apache2/default.stpl b/install/debian/8/templates/web/apache2/default.stpl new file mode 100644 index 000000000..a5c509a9e --- /dev/null +++ b/install/debian/8/templates/web/apache2/default.stpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/debian/8/templates/web/apache2/default.tpl b/install/debian/8/templates/web/apache2/default.tpl new file mode 100644 index 000000000..e591a1cf1 --- /dev/null +++ b/install/debian/8/templates/web/apache2/default.tpl @@ -0,0 +1,38 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/debian/8/templates/web/apache2/hosting.stpl b/install/debian/8/templates/web/apache2/hosting.stpl new file mode 100644 index 000000000..dee0eda9c --- /dev/null +++ b/install/debian/8/templates/web/apache2/hosting.stpl @@ -0,0 +1,50 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/debian/8/templates/web/apache2/hosting.tpl b/install/debian/8/templates/web/apache2/hosting.tpl new file mode 100644 index 000000000..b7c12699d --- /dev/null +++ b/install/debian/8/templates/web/apache2/hosting.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/templates/web/httpd/phpcgi.sh b/install/debian/8/templates/web/apache2/phpcgi.sh similarity index 100% rename from install/rhel/templates/web/httpd/phpcgi.sh rename to install/debian/8/templates/web/apache2/phpcgi.sh diff --git a/install/debian/8/templates/web/apache2/phpcgi.stpl b/install/debian/8/templates/web/apache2/phpcgi.stpl new file mode 100644 index 000000000..6cd15df00 --- /dev/null +++ b/install/debian/8/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/debian/8/templates/web/apache2/phpcgi.tpl b/install/debian/8/templates/web/apache2/phpcgi.tpl new file mode 100644 index 000000000..9d04361da --- /dev/null +++ b/install/debian/8/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/templates/web/httpd/phpfcgid.sh b/install/debian/8/templates/web/apache2/phpfcgid.sh similarity index 100% rename from install/rhel/templates/web/httpd/phpfcgid.sh rename to install/debian/8/templates/web/apache2/phpfcgid.sh diff --git a/install/debian/8/templates/web/apache2/phpfcgid.stpl b/install/debian/8/templates/web/apache2/phpfcgid.stpl new file mode 100644 index 000000000..9c0ca5027 --- /dev/null +++ b/install/debian/8/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/debian/8/templates/web/apache2/phpfcgid.tpl b/install/debian/8/templates/web/apache2/phpfcgid.tpl new file mode 100644 index 000000000..152e7c694 --- /dev/null +++ b/install/debian/8/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/templates/web/awstats/awstats.tpl b/install/debian/8/templates/web/awstats/awstats.tpl similarity index 100% rename from install/rhel/templates/web/awstats/awstats.tpl rename to install/debian/8/templates/web/awstats/awstats.tpl diff --git a/install/rhel/templates/web/awstats/index.tpl b/install/debian/8/templates/web/awstats/index.tpl similarity index 100% rename from install/rhel/templates/web/awstats/index.tpl rename to install/debian/8/templates/web/awstats/index.tpl diff --git a/install/rhel/templates/web/awstats/nav.tpl b/install/debian/8/templates/web/awstats/nav.tpl similarity index 100% rename from install/rhel/templates/web/awstats/nav.tpl rename to install/debian/8/templates/web/awstats/nav.tpl diff --git a/install/debian/8/templates/web/nginx/caching.sh b/install/debian/8/templates/web/nginx/caching.sh new file mode 100755 index 000000000..09d8efe75 --- /dev/null +++ b/install/debian/8/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/debian/8/templates/web/nginx/caching.stpl b/install/debian/8/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..3c56004d3 --- /dev/null +++ b/install/debian/8/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/templates/web/nginx/caching.tpl b/install/debian/8/templates/web/nginx/caching.tpl similarity index 100% rename from install/rhel/templates/web/nginx/caching.tpl rename to install/debian/8/templates/web/nginx/caching.tpl diff --git a/install/ubuntu/templates/web/nginx/default.stpl b/install/debian/8/templates/web/nginx/default.stpl similarity index 94% rename from install/ubuntu/templates/web/nginx/default.stpl rename to install/debian/8/templates/web/nginx/default.stpl index fa5380606..0e669b3dc 100755 --- a/install/ubuntu/templates/web/nginx/default.stpl +++ b/install/debian/8/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; diff --git a/install/debian/8/templates/web/nginx/default.tpl b/install/debian/8/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/debian/8/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/rhel/templates/web/nginx/hosting.sh b/install/debian/8/templates/web/nginx/hosting.sh similarity index 100% rename from install/rhel/templates/web/nginx/hosting.sh rename to install/debian/8/templates/web/nginx/hosting.sh diff --git a/install/debian/8/templates/web/nginx/hosting.stpl b/install/debian/8/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..62620789a --- /dev/null +++ b/install/debian/8/templates/web/nginx/hosting.stpl @@ -0,0 +1,37 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%sdocroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/templates/web/nginx/hosting.tpl b/install/debian/8/templates/web/nginx/hosting.tpl similarity index 100% rename from install/ubuntu/templates/web/nginx/hosting.tpl rename to install/debian/8/templates/web/nginx/hosting.tpl diff --git a/install/debian/8/templates/web/nginx/http2.stpl b/install/debian/8/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/debian/8/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/debian/8/templates/web/nginx/http2.tpl b/install/debian/8/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..4d5c774bc --- /dev/null +++ b/install/debian/8/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/debian/8/templates/web/nginx/php5-fpm/cms_made_simple.stpl b/install/debian/8/templates/web/nginx/php5-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..d85bcce38 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/cms_made_simple.tpl b/install/debian/8/templates/web/nginx/php5-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/codeigniter2.stpl b/install/debian/8/templates/web/nginx/php5-fpm/codeigniter2.stpl new file mode 100644 index 000000000..9c24c3ea8 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/codeigniter2.tpl b/install/debian/8/templates/web/nginx/php5-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/codeigniter3.stpl b/install/debian/8/templates/web/nginx/php5-fpm/codeigniter3.stpl new file mode 100644 index 000000000..d71863141 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/codeigniter3.tpl b/install/debian/8/templates/web/nginx/php5-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/datalife_engine.stpl b/install/debian/8/templates/web/nginx/php5-fpm/datalife_engine.stpl new file mode 100644 index 000000000..4f0b9ec7b --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/datalife_engine.tpl b/install/debian/8/templates/web/nginx/php5-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/default.stpl b/install/debian/8/templates/web/nginx/php5-fpm/default.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/default.tpl b/install/debian/8/templates/web/nginx/php5-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/dokuwiki.stpl b/install/debian/8/templates/web/nginx/php5-fpm/dokuwiki.stpl new file mode 100644 index 000000000..f85032bae --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/dokuwiki.tpl b/install/debian/8/templates/web/nginx/php5-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal6.stpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal6.stpl new file mode 100644 index 000000000..9d9840006 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal6.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal6.tpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl new file mode 100644 index 000000000..0d7930fae --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl new file mode 100644 index 000000000..6fd64db6b --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl @@ -0,0 +1,94 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/joomla.stpl b/install/debian/8/templates/web/nginx/php5-fpm/joomla.stpl new file mode 100644 index 000000000..704405f37 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/joomla.tpl b/install/debian/8/templates/web/nginx/php5-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/laravel.stpl b/install/debian/8/templates/web/nginx/php5-fpm/laravel.stpl new file mode 100644 index 000000000..477f6f01b --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/laravel.tpl b/install/debian/8/templates/web/nginx/php5-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/magento.stpl b/install/debian/8/templates/web/nginx/php5-fpm/magento.stpl new file mode 100644 index 000000000..fdab43aae --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/magento.tpl b/install/debian/8/templates/web/nginx/php5-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/modx.stpl b/install/debian/8/templates/web/nginx/php5-fpm/modx.stpl new file mode 100644 index 000000000..f410ab77c --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/modx.tpl b/install/debian/8/templates/web/nginx/php5-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/moodle.stpl b/install/debian/8/templates/web/nginx/php5-fpm/moodle.stpl new file mode 100644 index 000000000..f15a68c57 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/moodle.tpl b/install/debian/8/templates/web/nginx/php5-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/no-php.stpl b/install/debian/8/templates/web/nginx/php5-fpm/no-php.stpl new file mode 100644 index 000000000..bc8b53a37 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/no-php.tpl b/install/debian/8/templates/web/nginx/php5-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/odoo.stpl b/install/debian/8/templates/web/nginx/php5-fpm/odoo.stpl new file mode 100644 index 000000000..d6697d7a9 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/odoo.tpl b/install/debian/8/templates/web/nginx/php5-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/opencart.stpl b/install/debian/8/templates/web/nginx/php5-fpm/opencart.stpl new file mode 100644 index 000000000..908b9aeb8 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/opencart.tpl b/install/debian/8/templates/web/nginx/php5-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/owncloud.stpl b/install/debian/8/templates/web/nginx/php5-fpm/owncloud.stpl new file mode 100644 index 000000000..891566b93 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/owncloud.tpl b/install/debian/8/templates/web/nginx/php5-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/piwik.stpl b/install/debian/8/templates/web/nginx/php5-fpm/piwik.stpl new file mode 100644 index 000000000..78c1bb784 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/piwik.tpl b/install/debian/8/templates/web/nginx/php5-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.stpl b/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.stpl new file mode 100644 index 000000000..5ffc9ed5c --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.tpl b/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/sendy.stpl b/install/debian/8/templates/web/nginx/php5-fpm/sendy.stpl new file mode 100644 index 000000000..e7f3dcc6b --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/sendy.tpl b/install/debian/8/templates/web/nginx/php5-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/wordpress.stpl b/install/debian/8/templates/web/nginx/php5-fpm/wordpress.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/wordpress.tpl b/install/debian/8/templates/web/nginx/php5-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/wordpress2.stpl b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2.stpl new file mode 100644 index 000000000..e0aeb524a --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/wordpress2.tpl b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..0d9793aeb --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_rewrite.tpl b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 000000000..f33ed5070 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 000000000..c0a5239e0 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/templates/web/nginx/proxy_ip.tpl b/install/debian/8/templates/web/nginx/proxy_ip.tpl similarity index 100% rename from install/rhel/templates/web/nginx/proxy_ip.tpl rename to install/debian/8/templates/web/nginx/proxy_ip.tpl diff --git a/install/debian/8/templates/web/php5-fpm/default.tpl b/install/debian/8/templates/web/php5-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/debian/8/templates/web/php5-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/debian/8/templates/web/php5-fpm/no-php.tpl b/install/debian/8/templates/web/php5-fpm/no-php.tpl new file mode 100644 index 000000000..047c33edc --- /dev/null +++ b/install/debian/8/templates/web/php5-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/debian/8/templates/web/php5-fpm/socket.tpl b/install/debian/8/templates/web/php5-fpm/socket.tpl new file mode 100644 index 000000000..e427045ce --- /dev/null +++ b/install/debian/8/templates/web/php5-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/debian/8/templates/web/skel/document_errors/403.html b/install/debian/8/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/debian/8/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/debian/8/templates/web/skel/document_errors/404.html b/install/debian/8/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/debian/8/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/debian/8/templates/web/skel/document_errors/50x.html b/install/debian/8/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/debian/8/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/rhel/templates/web/skel/public_html/index.html b/install/debian/8/templates/web/skel/public_html/index.html similarity index 93% rename from install/rhel/templates/web/skel/public_html/index.html rename to install/debian/8/templates/web/skel/public_html/index.html index 4f5bb7244..1144ade96 100755 --- a/install/rhel/templates/web/skel/public_html/index.html +++ b/install/debian/8/templates/web/skel/public_html/index.html @@ -18,7 +18,7 @@

%domain%

diff --git a/install/rhel/templates/web/skel/public_html/robots.txt b/install/debian/8/templates/web/skel/public_html/robots.txt similarity index 100% rename from install/rhel/templates/web/skel/public_html/robots.txt rename to install/debian/8/templates/web/skel/public_html/robots.txt diff --git a/install/rhel/templates/web/skel/public_shtml/index.html b/install/debian/8/templates/web/skel/public_shtml/index.html similarity index 93% rename from install/rhel/templates/web/skel/public_shtml/index.html rename to install/debian/8/templates/web/skel/public_shtml/index.html index 4f5bb7244..1144ade96 100755 --- a/install/rhel/templates/web/skel/public_shtml/index.html +++ b/install/debian/8/templates/web/skel/public_shtml/index.html @@ -18,7 +18,7 @@

%domain%

diff --git a/install/rhel/templates/web/skel/public_shtml/robots.txt b/install/debian/8/templates/web/skel/public_shtml/robots.txt similarity index 100% rename from install/rhel/templates/web/skel/public_shtml/robots.txt rename to install/debian/8/templates/web/skel/public_shtml/robots.txt diff --git a/install/rhel/templates/web/suspend/.htaccess b/install/debian/8/templates/web/suspend/.htaccess similarity index 100% rename from install/rhel/templates/web/suspend/.htaccess rename to install/debian/8/templates/web/suspend/.htaccess diff --git a/install/rhel/templates/web/suspend/index.html b/install/debian/8/templates/web/suspend/index.html similarity index 100% rename from install/rhel/templates/web/suspend/index.html rename to install/debian/8/templates/web/suspend/index.html diff --git a/install/rhel/templates/web/webalizer/webalizer.tpl b/install/debian/8/templates/web/webalizer/webalizer.tpl similarity index 100% rename from install/rhel/templates/web/webalizer/webalizer.tpl rename to install/debian/8/templates/web/webalizer/webalizer.tpl diff --git a/install/ubuntu/vsftpd.conf b/install/debian/8/vsftpd/vsftpd.conf similarity index 90% rename from install/ubuntu/vsftpd.conf rename to install/debian/8/vsftpd/vsftpd.conf index 9c3c2742f..1ca1a9923 100644 --- a/install/ubuntu/vsftpd.conf +++ b/install/debian/8/vsftpd/vsftpd.conf @@ -1,13 +1,14 @@ anonymous_enable=NO local_enable=YES write_enable=YES -local_umask=002 +local_umask=022 +anon_umask=022 anon_upload_enable=NO dirmessage_enable=YES xferlog_enable=YES -dual_log_enable=YES connect_from_port_20=YES xferlog_std_format=YES +dual_log_enable=YES chroot_local_user=YES listen=YES pam_service_name=vsftpd @@ -22,3 +23,4 @@ seccomp_sandbox=NO pasv_enable=YES pasv_max_port=12100 pasv_min_port=12000 +use_localtime=YES diff --git a/install/debian/9/apache2/apache2.conf b/install/debian/9/apache2/apache2.conf new file mode 100644 index 000000000..2756132ae --- /dev/null +++ b/install/debian/9/apache2/apache2.conf @@ -0,0 +1,94 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/debian/9/apache2/status.conf b/install/debian/9/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/debian/9/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/debian/9/bind/named.conf b/install/debian/9/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/debian/9/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/debian/9/clamav/clamd.conf b/install/debian/9/clamav/clamd.conf new file mode 100644 index 000000000..4e04356ea --- /dev/null +++ b/install/debian/9/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +# AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/debian/9/deb_signing.key b/install/debian/9/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/debian/9/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/dovecot/conf.d/10-auth.conf b/install/debian/9/dovecot/conf.d/10-auth.conf similarity index 100% rename from install/ubuntu/dovecot/conf.d/10-auth.conf rename to install/debian/9/dovecot/conf.d/10-auth.conf diff --git a/install/ubuntu/dovecot/conf.d/10-logging.conf b/install/debian/9/dovecot/conf.d/10-logging.conf similarity index 100% rename from install/ubuntu/dovecot/conf.d/10-logging.conf rename to install/debian/9/dovecot/conf.d/10-logging.conf diff --git a/install/ubuntu/dovecot/conf.d/10-mail.conf b/install/debian/9/dovecot/conf.d/10-mail.conf similarity index 100% rename from install/ubuntu/dovecot/conf.d/10-mail.conf rename to install/debian/9/dovecot/conf.d/10-mail.conf diff --git a/install/ubuntu/dovecot/conf.d/10-master.conf b/install/debian/9/dovecot/conf.d/10-master.conf similarity index 100% rename from install/ubuntu/dovecot/conf.d/10-master.conf rename to install/debian/9/dovecot/conf.d/10-master.conf diff --git a/install/debian/9/dovecot/conf.d/10-ssl.conf b/install/debian/9/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/debian/9/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/debian/9/dovecot/conf.d/auth-passwdfile.conf.ext b/install/debian/9/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/debian/9/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/debian/9/dovecot/dovecot.conf b/install/debian/9/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/debian/9/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/dnsbl.conf b/install/debian/9/exim/dnsbl.conf similarity index 100% rename from install/ubuntu/dnsbl.conf rename to install/debian/9/exim/dnsbl.conf diff --git a/install/debian/9/exim/exim4.conf.template b/install/debian/9/exim/exim4.conf.template new file mode 100644 index 000000000..6c00ef05d --- /dev/null +++ b/install/debian/9/exim/exim4.conf.template @@ -0,0 +1,382 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +disable_ipv6=true +add_environment=<; PATH=/bin:/usr/bin +keep_environment= + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth requried + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = */defer_ok + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{100K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = nobody:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh|\.jar)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/spam-blocks.conf b/install/debian/9/exim/spam-blocks.conf similarity index 100% rename from install/ubuntu/spam-blocks.conf rename to install/debian/9/exim/spam-blocks.conf diff --git a/install/debian/9/fail2ban/action.d/vesta.conf b/install/debian/9/fail2ban/action.d/vesta.conf new file mode 100644 index 000000000..0edfc3491 --- /dev/null +++ b/install/debian/9/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/debian/9/fail2ban/filter.d/vesta.conf b/install/debian/9/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..36ec10019 --- /dev/null +++ b/install/debian/9/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccessful Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/debian/9/fail2ban/jail.local b/install/debian/9/fail2ban/jail.local new file mode 100644 index 000000000..eccea0685 --- /dev/null +++ b/install/debian/9/fail2ban/jail.local @@ -0,0 +1,39 @@ +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 diff --git a/install/ubuntu/firewall/ports.conf b/install/debian/9/firewall/ports.conf similarity index 80% rename from install/ubuntu/firewall/ports.conf rename to install/debian/9/firewall/ports.conf index 8b371f2e5..b730d012c 100644 --- a/install/ubuntu/firewall/ports.conf +++ b/install/debian/9/firewall/ports.conf @@ -2,6 +2,7 @@ PROTOCOL='TCP' PORT='20' PROTOCOL='TCP' PORT='21' PROTOCOL='TCP' PORT='22' PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' PROTOCOL='UDP' PORT='53' PROTOCOL='TCP' PORT='80' PROTOCOL='TCP' PORT='443' @@ -11,5 +12,6 @@ PROTOCOL='TCP' PORT='143' PROTOCOL='TCP' PORT='3306' PROTOCOL='TCP' PORT='5432' PROTOCOL='TCP' PORT='8080' -PROTOCOL='TCP' PORT='8443' +PROTOCOL='TCP' PORT='8433' PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/firewall/rules.conf b/install/debian/9/firewall/rules.conf similarity index 63% rename from install/ubuntu/firewall/rules.conf rename to install/debian/9/firewall/rules.conf index cfa7d8680..fba98e1e4 100644 --- a/install/ubuntu/firewall/rules.conf +++ b/install/debian/9/firewall/rules.conf @@ -4,7 +4,8 @@ RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT= RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' -RULE='7' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' -RULE='8' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' -RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' -RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/debian/9/logrotate/apache2 b/install/debian/9/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/debian/9/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/debian/9/logrotate/dovecot b/install/debian/9/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/debian/9/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/debian/9/logrotate/nginx b/install/debian/9/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/debian/9/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/vesta.log b/install/debian/9/logrotate/vesta similarity index 100% rename from install/ubuntu/vesta.log rename to install/debian/9/logrotate/vesta diff --git a/install/debian/9/mysql/my-large.cnf b/install/debian/9/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/debian/9/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/debian/9/mysql/my-medium.cnf b/install/debian/9/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/debian/9/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/debian/9/mysql/my-small.cnf b/install/debian/9/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/debian/9/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/debian/9/nginx/nginx.conf b/install/debian/9/nginx/nginx.conf new file mode 100644 index 000000000..3c664e08f --- /dev/null +++ b/install/debian/9/nginx/nginx.conf @@ -0,0 +1,140 @@ +# Server globals +user www-data; +worker_processes auto; +worker_rlimit_nofile 65535; +timer_resolution 50ms; #In order to free some CPU cycles +error_log /var/log/nginx/error.log crit; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_vary on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/13; + set_real_ip_from 104.24.0.0/14; + #set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + set_real_ip_from 2400:cb00::/32; + set_real_ip_from 2606:4700::/32; + set_real_ip_from 2803:f800::/32; + set_real_ip_from 2405:b500::/32; + set_real_ip_from 2405:8100::/32; + set_real_ip_from 2c0f:f248::/32; + set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:20m; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/debian/9/nginx/phpmyadmin.inc b/install/debian/9/nginx/phpmyadmin.inc new file mode 100644 index 000000000..cdfc93c4d --- /dev/null +++ b/install/debian/9/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/debian/9/nginx/phppgadmin.inc b/install/debian/9/nginx/phppgadmin.inc new file mode 100644 index 000000000..47cfcf4e2 --- /dev/null +++ b/install/debian/9/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/nginx-status.conf b/install/debian/9/nginx/status.conf similarity index 100% rename from install/ubuntu/nginx-status.conf rename to install/debian/9/nginx/status.conf diff --git a/install/debian/9/nginx/webmail.inc b/install/debian/9/nginx/webmail.inc new file mode 100644 index 000000000..768c90495 --- /dev/null +++ b/install/debian/9/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/debian/9/packages/default.pkg b/install/debian/9/packages/default.pkg new file mode 100644 index 000000000..c2a935743 --- /dev/null +++ b/install/debian/9/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/packages/gainsboro.pkg b/install/debian/9/packages/gainsboro.pkg similarity index 78% rename from install/ubuntu/packages/gainsboro.pkg rename to install/debian/9/packages/gainsboro.pkg index c3df50258..76d7dae2a 100644 --- a/install/ubuntu/packages/gainsboro.pkg +++ b/install/debian/9/packages/gainsboro.pkg @@ -11,8 +11,8 @@ DATABASES='10' CRON_JOBS='10' DISK_QUOTA='10000' BANDWIDTH='10000' -NS='ns1.localhost.ltd,ns2.localhost.ltd' +NS='ns1.domain.tld,ns2.domain.tld' SHELL='nologin' BACKUPS='1' -TIME='11:31:30' -DATE='2012-07-26' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/rhel/packages/palegreen.pkg b/install/debian/9/packages/palegreen.pkg similarity index 78% rename from install/rhel/packages/palegreen.pkg rename to install/debian/9/packages/palegreen.pkg index d08930f7b..3db5fe57e 100644 --- a/install/rhel/packages/palegreen.pkg +++ b/install/debian/9/packages/palegreen.pkg @@ -11,8 +11,8 @@ DATABASES='50' CRON_JOBS='50' DISK_QUOTA='50000' BANDWIDTH='50000' -NS='ns1.localhost.ltd,ns2.localhost.ltd' +NS='ns1.domain.tld,ns2.domain.tld' SHELL='nologin' BACKUPS='5' -TIME='07:49:47' -DATE='2013-06-10' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/debian/packages/slategrey.pkg b/install/debian/9/packages/slategrey.pkg similarity index 78% rename from install/debian/packages/slategrey.pkg rename to install/debian/9/packages/slategrey.pkg index 15a17dcd3..d89e796fd 100644 --- a/install/debian/packages/slategrey.pkg +++ b/install/debian/9/packages/slategrey.pkg @@ -11,8 +11,8 @@ DATABASES='100' CRON_JOBS='100' DISK_QUOTA='10000' BANDWIDTH='100000' -NS='ns1.localhost.ltd,ns2.localhost.ltd' +NS='ns1.domain.tld,ns2.domain.tld' SHELL='nologin' BACKUPS='3' -TIME='12:39:13' -DATE='2012-09-20' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/pga.conf b/install/debian/9/pga/config.inc.php similarity index 100% rename from install/ubuntu/pga.conf rename to install/debian/9/pga/config.inc.php diff --git a/install/debian/9/pga/phppgadmin.conf b/install/debian/9/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/debian/9/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/debian/9/php-fpm/www.conf b/install/debian/9/php-fpm/www.conf new file mode 100644 index 000000000..3c87f33cc --- /dev/null +++ b/install/debian/9/php-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/debian/9/pma/apache.conf b/install/debian/9/pma/apache.conf new file mode 100644 index 000000000..ce2a9fe2b --- /dev/null +++ b/install/debian/9/pma/apache.conf @@ -0,0 +1,43 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/debian/9/pma/config.inc.php b/install/debian/9/pma/config.inc.php new file mode 100644 index 000000000..a38036974 --- /dev/null +++ b/install/debian/9/pma/config.inc.php @@ -0,0 +1,153 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/debian/9/roundcube/apache.conf b/install/debian/9/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/debian/9/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/roundcube-pw.conf b/install/debian/9/roundcube/config.inc.php similarity index 100% rename from install/ubuntu/roundcube-pw.conf rename to install/debian/9/roundcube/config.inc.php diff --git a/install/ubuntu/roundcube-db.conf b/install/debian/9/roundcube/db.inc.php similarity index 100% rename from install/ubuntu/roundcube-db.conf rename to install/debian/9/roundcube/db.inc.php diff --git a/install/rhel/roundcube-main.conf b/install/debian/9/roundcube/main.inc.php similarity index 99% rename from install/rhel/roundcube-main.conf rename to install/debian/9/roundcube/main.inc.php index 14122d5f1..97cdbf2df 100644 --- a/install/rhel/roundcube-main.conf +++ b/install/debian/9/roundcube/main.inc.php @@ -175,6 +175,8 @@ $rcmail_config['smtp_timeout'] = 0; // ---------------------------------- // SYSTEM // ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + // THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. // ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! @@ -437,9 +439,10 @@ $rcmail_config['trash_mbox'] = 'Trash'; // these folders will also be displayed with localized names // NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) $rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); // automatically create the above listed default folders on first login -$rcmail_config['create_default_folders'] = false; +$rcmail_config['create_default_folders'] = true; // protect the default folders from renames, deletes, and subscription changes $rcmail_config['protect_default_folders'] = true; diff --git a/install/debian/9/roundcube/vesta.php b/install/debian/9/roundcube/vesta.php new file mode 100644 index 000000000..b3dd167fd --- /dev/null +++ b/install/debian/9/roundcube/vesta.php @@ -0,0 +1,73 @@ + + */ +class rcube_vesta_password { + function save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + $errno = ""; + $errstr = ""; + $context = stream_context_create(); + + $result = stream_context_set_option($context, 'ssl', 'verify_peer', false); + $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false); + $result = stream_context_set_option($context, 'ssl', 'verify_host', false); + $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true); + + $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } +} diff --git a/install/debian/9/sudo/admin b/install/debian/9/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/debian/9/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/debian/9/templates/dns/child-ns.tpl b/install/debian/9/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/debian/9/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/debian/9/templates/dns/default.tpl b/install/debian/9/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/debian/9/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/debian/9/templates/dns/gmail.tpl b/install/debian/9/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/debian/9/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/debian/9/templates/web/apache2/basedir.stpl b/install/debian/9/templates/web/apache2/basedir.stpl new file mode 100644 index 000000000..37c4a4b39 --- /dev/null +++ b/install/debian/9/templates/web/apache2/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/debian/9/templates/web/apache2/basedir.tpl b/install/debian/9/templates/web/apache2/basedir.tpl new file mode 100644 index 000000000..a9d05ee66 --- /dev/null +++ b/install/debian/9/templates/web/apache2/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/debian/9/templates/web/apache2/default.stpl b/install/debian/9/templates/web/apache2/default.stpl new file mode 100644 index 000000000..a5c509a9e --- /dev/null +++ b/install/debian/9/templates/web/apache2/default.stpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/debian/9/templates/web/apache2/default.tpl b/install/debian/9/templates/web/apache2/default.tpl new file mode 100644 index 000000000..e591a1cf1 --- /dev/null +++ b/install/debian/9/templates/web/apache2/default.tpl @@ -0,0 +1,38 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/debian/9/templates/web/apache2/hosting.stpl b/install/debian/9/templates/web/apache2/hosting.stpl new file mode 100644 index 000000000..dee0eda9c --- /dev/null +++ b/install/debian/9/templates/web/apache2/hosting.stpl @@ -0,0 +1,50 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/debian/9/templates/web/apache2/hosting.tpl b/install/debian/9/templates/web/apache2/hosting.tpl new file mode 100644 index 000000000..b7c12699d --- /dev/null +++ b/install/debian/9/templates/web/apache2/hosting.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/templates/web/apache2/phpcgi.sh b/install/debian/9/templates/web/apache2/phpcgi.sh similarity index 100% rename from install/ubuntu/templates/web/apache2/phpcgi.sh rename to install/debian/9/templates/web/apache2/phpcgi.sh diff --git a/install/debian/9/templates/web/apache2/phpcgi.stpl b/install/debian/9/templates/web/apache2/phpcgi.stpl new file mode 100644 index 000000000..6cd15df00 --- /dev/null +++ b/install/debian/9/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/debian/9/templates/web/apache2/phpcgi.tpl b/install/debian/9/templates/web/apache2/phpcgi.tpl new file mode 100644 index 000000000..9d04361da --- /dev/null +++ b/install/debian/9/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/templates/web/apache2/phpfcgid.sh b/install/debian/9/templates/web/apache2/phpfcgid.sh similarity index 100% rename from install/ubuntu/templates/web/apache2/phpfcgid.sh rename to install/debian/9/templates/web/apache2/phpfcgid.sh diff --git a/install/debian/9/templates/web/apache2/phpfcgid.stpl b/install/debian/9/templates/web/apache2/phpfcgid.stpl new file mode 100644 index 000000000..9c0ca5027 --- /dev/null +++ b/install/debian/9/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/debian/9/templates/web/apache2/phpfcgid.tpl b/install/debian/9/templates/web/apache2/phpfcgid.tpl new file mode 100644 index 000000000..152e7c694 --- /dev/null +++ b/install/debian/9/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/templates/web/awstats/awstats.tpl b/install/debian/9/templates/web/awstats/awstats.tpl similarity index 100% rename from install/ubuntu/templates/web/awstats/awstats.tpl rename to install/debian/9/templates/web/awstats/awstats.tpl diff --git a/install/ubuntu/templates/web/awstats/index.tpl b/install/debian/9/templates/web/awstats/index.tpl similarity index 100% rename from install/ubuntu/templates/web/awstats/index.tpl rename to install/debian/9/templates/web/awstats/index.tpl diff --git a/install/ubuntu/templates/web/awstats/nav.tpl b/install/debian/9/templates/web/awstats/nav.tpl similarity index 100% rename from install/ubuntu/templates/web/awstats/nav.tpl rename to install/debian/9/templates/web/awstats/nav.tpl diff --git a/install/debian/9/templates/web/nginx/caching.sh b/install/debian/9/templates/web/nginx/caching.sh new file mode 100755 index 000000000..09d8efe75 --- /dev/null +++ b/install/debian/9/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/debian/9/templates/web/nginx/caching.stpl b/install/debian/9/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..3c56004d3 --- /dev/null +++ b/install/debian/9/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/templates/web/nginx/caching.tpl b/install/debian/9/templates/web/nginx/caching.tpl similarity index 95% rename from install/ubuntu/templates/web/nginx/caching.tpl rename to install/debian/9/templates/web/nginx/caching.tpl index 1462f9e1f..36761b65c 100755 --- a/install/ubuntu/templates/web/nginx/caching.tpl +++ b/install/debian/9/templates/web/nginx/caching.tpl @@ -37,5 +37,5 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - include %home%/%user%/web/conf/nginx.%domain%.conf*; + include %home%/%user%/conf/web/nginx.%domain%.conf*; } diff --git a/install/debian/9/templates/web/nginx/default.stpl b/install/debian/9/templates/web/nginx/default.stpl new file mode 100755 index 000000000..0e669b3dc --- /dev/null +++ b/install/debian/9/templates/web/nginx/default.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/debian/9/templates/web/nginx/default.tpl b/install/debian/9/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/debian/9/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/templates/web/nginx/hosting.sh b/install/debian/9/templates/web/nginx/hosting.sh similarity index 100% rename from install/ubuntu/templates/web/nginx/hosting.sh rename to install/debian/9/templates/web/nginx/hosting.sh diff --git a/install/debian/9/templates/web/nginx/hosting.stpl b/install/debian/9/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..62620789a --- /dev/null +++ b/install/debian/9/templates/web/nginx/hosting.stpl @@ -0,0 +1,37 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%sdocroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/debian/9/templates/web/nginx/hosting.tpl b/install/debian/9/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/debian/9/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/debian/9/templates/web/nginx/http2.stpl b/install/debian/9/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/debian/9/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/debian/9/templates/web/nginx/http2.tpl b/install/debian/9/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..4d5c774bc --- /dev/null +++ b/install/debian/9/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/debian/9/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/debian/9/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..d85bcce38 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/debian/9/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/debian/9/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..9c24c3ea8 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/debian/9/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/debian/9/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..d71863141 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/debian/9/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/debian/9/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..4f0b9ec7b --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/debian/9/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/default.stpl b/install/debian/9/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/default.tpl b/install/debian/9/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/debian/9/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..f85032bae --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/debian/9/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 000000000..9d9840006 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 000000000..0d7930fae --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 000000000..6fd64db6b --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,94 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/invoiceninja.stpl b/install/debian/9/templates/web/nginx/php-fpm/invoiceninja.stpl new file mode 100644 index 000000000..086e6a8e8 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/invoiceninja.stpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + sendfile off; + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/invoiceninja.tpl b/install/debian/9/templates/web/nginx/php-fpm/invoiceninja.tpl new file mode 100644 index 000000000..fd06523a9 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/invoiceninja.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + sendfile off; + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/joomla.stpl b/install/debian/9/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..704405f37 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/joomla.tpl b/install/debian/9/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/laravel.stpl b/install/debian/9/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 000000000..477f6f01b --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/laravel.tpl b/install/debian/9/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/magento.stpl b/install/debian/9/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 000000000..fdab43aae --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/magento.tpl b/install/debian/9/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/mautic.stpl b/install/debian/9/templates/web/nginx/php-fpm/mautic.stpl new file mode 100644 index 000000000..a88e9b58f --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/mautic.stpl @@ -0,0 +1,48 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri /index.php?$query_string; + } + + location ~ '\.php$' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/mautic.tpl b/install/debian/9/templates/web/nginx/php-fpm/mautic.tpl new file mode 100644 index 000000000..177d48757 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/mautic.tpl @@ -0,0 +1,44 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri /index.php?$query_string; + } + + location ~ '\.php$' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/modx.stpl b/install/debian/9/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 000000000..f410ab77c --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/modx.tpl b/install/debian/9/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/moodle.stpl b/install/debian/9/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 000000000..f15a68c57 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/moodle.tpl b/install/debian/9/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/no-php.stpl b/install/debian/9/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 000000000..bc8b53a37 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/no-php.tpl b/install/debian/9/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/odoo.stpl b/install/debian/9/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 000000000..d6697d7a9 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/odoo.tpl b/install/debian/9/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/opencart.stpl b/install/debian/9/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 000000000..908b9aeb8 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/opencart.tpl b/install/debian/9/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/owncloud.stpl b/install/debian/9/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..891566b93 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/owncloud.tpl b/install/debian/9/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/piwik.stpl b/install/debian/9/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..78c1bb784 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/piwik.tpl b/install/debian/9/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/pyrocms.stpl b/install/debian/9/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..5ffc9ed5c --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/pyrocms.tpl b/install/debian/9/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/sendy.stpl b/install/debian/9/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 000000000..e7f3dcc6b --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/sendy.tpl b/install/debian/9/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/vbulletin5.stpl b/install/debian/9/templates/web/nginx/php-fpm/vbulletin5.stpl new file mode 100644 index 000000000..eebb3e428 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/vbulletin5.stpl @@ -0,0 +1,105 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # legacy css being handled separate for performance + location = /css\.php { + rewrite ^ /core/css.php break; + } + + # make install available from presentation + location ^~ /install { + rewrite ^/install/ /core/install/ break; + } + + # any request to not existing item gets redirected through routestring + location / { + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + } + + # make admincp available from presentation + location ^~ /admincp { + if (!-f $request_filename) { + rewrite ^/admincp/(.*)$ /index.php?routestring=admincp/$1 last; + } + } + + # process any php scripts, not found gets redirected through routestring + location ~ \.php$ { + # handles legacy scripts + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 break; + } + + fastcgi_split_path_info ^(.+\.php)(.*)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_intercept_errors on; + fastcgi_ignore_client_abort off; + fastcgi_connect_timeout 60; + fastcgi_send_timeout 180; + fastcgi_read_timeout 180; + fastcgi_buffers 256 16k; + fastcgi_buffer_size 32k; + fastcgi_temp_file_write_size 256k; + + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/vbulletin5.tpl b/install/debian/9/templates/web/nginx/php-fpm/vbulletin5.tpl new file mode 100644 index 000000000..2c5c99880 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/vbulletin5.tpl @@ -0,0 +1,100 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # legacy css being handled separate for performance + location = /css\.php { + rewrite ^ /core/css.php break; + } + + # make install available from presentation + location ^~ /install { + rewrite ^/install/ /core/install/ break; + } + + # any request to not existing item gets redirected through routestring + location / { + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + } + + # make admincp available from presentation + location ^~ /admincp { + if (!-f $request_filename) { + rewrite ^/admincp/(.*)$ /index.php?routestring=admincp/$1 last; + } + } + + # process any php scripts, not found gets redirected through routestring + location ~ \.php$ { + # handles legacy scripts + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 break; + } + + fastcgi_split_path_info ^(.+\.php)(.*)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_intercept_errors on; + fastcgi_ignore_client_abort off; + fastcgi_connect_timeout 60; + fastcgi_send_timeout 180; + fastcgi_read_timeout 180; + fastcgi_buffers 256 16k; + fastcgi_buffer_size 32k; + fastcgi_temp_file_write_size 256k; + + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress.stpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress.tpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress2.stpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..e0aeb524a --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress2.tpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..0d9793aeb --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 000000000..f33ed5070 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 000000000..c0a5239e0 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/templates/web/nginx/proxy_ip.tpl b/install/debian/9/templates/web/nginx/proxy_ip.tpl similarity index 100% rename from install/ubuntu/templates/web/nginx/proxy_ip.tpl rename to install/debian/9/templates/web/nginx/proxy_ip.tpl diff --git a/install/debian/9/templates/web/php-fpm/default.tpl b/install/debian/9/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/debian/9/templates/web/php-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/debian/9/templates/web/php-fpm/no-php.tpl b/install/debian/9/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..047c33edc --- /dev/null +++ b/install/debian/9/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/debian/9/templates/web/php-fpm/socket.tpl b/install/debian/9/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..e427045ce --- /dev/null +++ b/install/debian/9/templates/web/php-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/debian/9/templates/web/skel/document_errors/403.html b/install/debian/9/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/debian/9/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/debian/9/templates/web/skel/document_errors/404.html b/install/debian/9/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/debian/9/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/debian/9/templates/web/skel/document_errors/50x.html b/install/debian/9/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/debian/9/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/debian/9/templates/web/skel/public_html/index.html b/install/debian/9/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/debian/9/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/templates/web/skel/public_html/robots.txt b/install/debian/9/templates/web/skel/public_html/robots.txt similarity index 100% rename from install/ubuntu/templates/web/skel/public_html/robots.txt rename to install/debian/9/templates/web/skel/public_html/robots.txt diff --git a/install/debian/9/templates/web/skel/public_shtml/index.html b/install/debian/9/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/debian/9/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/templates/web/skel/public_shtml/robots.txt b/install/debian/9/templates/web/skel/public_shtml/robots.txt similarity index 100% rename from install/ubuntu/templates/web/skel/public_shtml/robots.txt rename to install/debian/9/templates/web/skel/public_shtml/robots.txt diff --git a/install/ubuntu/templates/web/suspend/.htaccess b/install/debian/9/templates/web/suspend/.htaccess similarity index 100% rename from install/ubuntu/templates/web/suspend/.htaccess rename to install/debian/9/templates/web/suspend/.htaccess diff --git a/install/ubuntu/templates/web/suspend/index.html b/install/debian/9/templates/web/suspend/index.html similarity index 100% rename from install/ubuntu/templates/web/suspend/index.html rename to install/debian/9/templates/web/suspend/index.html diff --git a/install/ubuntu/templates/web/webalizer/webalizer.tpl b/install/debian/9/templates/web/webalizer/webalizer.tpl similarity index 100% rename from install/ubuntu/templates/web/webalizer/webalizer.tpl rename to install/debian/9/templates/web/webalizer/webalizer.tpl diff --git a/install/debian/9/vsftpd/vsftpd.conf b/install/debian/9/vsftpd/vsftpd.conf new file mode 100644 index 000000000..63aceae87 --- /dev/null +++ b/install/debian/9/vsftpd/vsftpd.conf @@ -0,0 +1,39 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +#allow_writable_chroot=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 +use_localtime=YES +ssl_enable=YES +allow_anon_ssl=YES +force_local_data_ssl=YES +force_local_logins_ssl=YES +ssl_tlsv1_2=YES +ssl_sslv2=NO +ssl_sslv3=NO +require_ssl_reuse=YES +ssl_ciphers=HIGH +idle_session_timeout=600 +data_connection_timeout=120 +rsa_cert_file=/usr/local/vesta/ssl/certificate.crt +rsa_private_key_file=/usr/local/vesta/ssl/certificate.key diff --git a/install/debian/apache2.readme.txt b/install/debian/apache2.readme.txt deleted file mode 100644 index b8d05cbe1..000000000 --- a/install/debian/apache2.readme.txt +++ /dev/null @@ -1,11 +0,0 @@ -# -# _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| -# _| _| _| _| _| _| _| -# _| _| _|_|_| _|_| _| _|_|_|_| -# _| _| _| _| _| _| _| -# _| _|_|_|_| _|_|_| _| _| _| -# -# -# Server is manager by Vesta Control Panel. -# See /etc/apache2/conf.d/vesta.conf to get a full list of running vhosts. -# diff --git a/install/debian/certificate.crt b/install/debian/certificate.crt deleted file mode 100644 index 4a3230ac2..000000000 --- a/install/debian/certificate.crt +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDqjCCApICCQCBAQdAxoNnAjANBgkqhkiG9w0BAQUFADCBljELMAkGA1UEBhMC -VVMxFjAUBgNVBAgMDU1hc3NhY2h1c2V0dHMxEzARBgNVBAcMClN3YW1wc2NvdHQx -EDAOBgNVBAoMB1Zlc3RhQ1AxCzAJBgNVBAsMAklUMRowGAYDVQQDDBFwYW5lbC52 -ZXN0YWNwLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B2ZXN0YWNwLmNvbTAeFw0x -MzA5MjMwNzA0NDVaFw0xNDA5MjMwNzA0NDVaMIGWMQswCQYDVQQGEwJVUzEWMBQG -A1UECAwNTWFzc2FjaHVzZXR0czETMBEGA1UEBwwKU3dhbXBzY290dDEQMA4GA1UE -CgwHVmVzdGFDUDELMAkGA1UECwwCSVQxGjAYBgNVBAMMEXBhbmVsLnZlc3RhY3Au -Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHZlc3RhY3AuY29tMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvu84meigHrwPmzEbFpKe/o8FTKwO5w1VL0HU -ILVW5EBGT76VEBqpWC+x0QrChHit14FV7m+hZRvhhkulXrknChTTNA500EVNZ5Wb -UpDWezZDivTKAHzzq0aUwKB230Tz+k3j+duBcbzwFwirnDXb5dE5RqzBOhiIvDw9 -mjP66UyH8RxFF+pTAPlcF18zWak7KnaDreyGknzy7m+Zqs07uLnb0wTgcwIcqREP -eqgw0E8xrEdjz1N9HIvxi+glfnjNgHja3cCYhe9ZCpDDr9ERXrEcULrqRuch6Zfv -QKoscG4dankbq0V4DfpMBYMTvFvFLLp/uWvwLjunzfu37XmBLQIDAQABMA0GCSqG -SIb3DQEBBQUAA4IBAQBl+GF4Ii+7cW0tWVTsDh0Kw+rjc9bEA0eF4p3LBLEsFRkP -Yeqp2t0g8RTAAiq3OyUWYISzOX8xu0i56/3jUFazABBjz0P0w2A0BfRZS5TAEwxJ -TS9zAgobBuLtTh3FDJJIRXLJOKLJZVUmi6D+8QIQVOox0925tMIxGc9CxLK05bIc -HUYdHsn1gDwmTWem/XED559eWV/vGnvf3Ea0EHU76kTQaLPkul2y8BTbbLaHSw96 -1xFc8x9gqxWTT70YmBpZIApmSzvOGVXqTduMY/CeEbmigo1/1i2YMVjePFEDYnmE -/f6rNQrtM9kgtE+glWdA7zHlaigKl3SVof1ETStB ------END CERTIFICATE----- diff --git a/install/debian/certificate.key b/install/debian/certificate.key deleted file mode 100644 index eb913d684..000000000 --- a/install/debian/certificate.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAvu84meigHrwPmzEbFpKe/o8FTKwO5w1VL0HUILVW5EBGT76V -EBqpWC+x0QrChHit14FV7m+hZRvhhkulXrknChTTNA500EVNZ5WbUpDWezZDivTK -AHzzq0aUwKB230Tz+k3j+duBcbzwFwirnDXb5dE5RqzBOhiIvDw9mjP66UyH8RxF -F+pTAPlcF18zWak7KnaDreyGknzy7m+Zqs07uLnb0wTgcwIcqREPeqgw0E8xrEdj -z1N9HIvxi+glfnjNgHja3cCYhe9ZCpDDr9ERXrEcULrqRuch6ZfvQKoscG4dankb -q0V4DfpMBYMTvFvFLLp/uWvwLjunzfu37XmBLQIDAQABAoIBAF59YsSAJCWxqgOC -dMZh/z85JkVAbQuZRIvjhwg81eiVinZSedCDcUUMLXKnYYZPdrDM9+rM4dF4z843 -R3quJIzPq4n6kYK0mU7m8fwVY5+MRjbRV9qP+8LKZjlB8DIkHJ3FyEnRgKj5+NNd -Xhgra0y7kx3Pxrxqgdit80qJ6OVlN2gsMjUcDBhqQev9Xs8cKYjYc1uPtFw14B2G -5fsNE8cHJA+hH/aym7xTaEQlz/JOKn2GsH/dOhm3RM2QygdyrVOBBj6rKSi03LMb -7QOkDvZ3nBltxQKOqs2PkYyEAdqR4dMZIPNxye/k21iVovLeMVe4lG7BmNOD6XwB -+TOhYh0CgYEA9WyUeSNPP309Br65wg61GdapWmQIaj7HSZE06BWhp82PPwHaF1yY -p9hWgo6fDxwHiTSLeUqEPXJMaPG+RxvYFc7Lc3JjOKU4ezR9fqz01LLtWXHVVT/x -RZuogMyaDhIjhwMyu4mybpUMkBQ/B3DFufrzTv0y8ljAc0nlFsuXaPMCgYEAxymI -btxZFGES6UNG7ldEaihll9MpP22/VghUeAaia0qgnXlYkbngIIhGpGJUkvZ2pduE -tfw2S20k38qvrWXx/NhLxmiVSIvq5TFi/22dfT20kfrdCcnkrp/tRpeR72IrQ6Kx -+6l7QHV5Gjcc4rvNc8mw7itVu+StgCYx+koD9V8CgYA8sThaaLf9XGxOEbaAXgC9 -Pg+tcdV+6L2B3O33gvnyNGx7SWr0ogqCX4atTLXbF7RpYtwnB52CUJTC0x2aGjGq -2vQHPb95z6oTFdz/CaiWPRVjLDp0lZaF/0OBbpeeaS/uAIV4SUod/LAZpVgc7++F -2aB35TfHJNma6ShFJd3wrwKBgBH444DtjXRTVjuKgKodYeUahCBxQ7Wfl7aRxd2W -66027MuJGb78wQbuhUFsRimE6CwLZSxu+A9SaBNx3OyO2Ilyk1PyOBZ12dqY3FAk -eiPFH7hUpQGvIF3JvMW0A81QVIsj8V++aYrljuoYsxiaze128+pqKrBr8GQyDiyB -5V2NAoGBAIPWovM20cbx6LpEuFN5Pmkl500F6sTc8F3DQVRe3JhwVhqHQXv7tUE1 -VHMqpMybUQin8q/RXvJ0vr2sQEe2fVC2a0FWJTqww1eMwu1V9ppUJAfXfaYWY+XJ -4d3myajakr0Eh3ia+IrSBcMRJ2sD3sL5KQC6jbD0R8odex4syiu2 ------END RSA PRIVATE KEY----- diff --git a/install/debian/freshclam.conf b/install/debian/freshclam.conf deleted file mode 100644 index 5e6ca56c1..000000000 --- a/install/debian/freshclam.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Automatically created by the clamav-freshclam postinst -# Comments will get lost when you reconfigure the clamav-freshclam package - -DatabaseOwner clamav -UpdateLogFile /var/log/clamav/freshclam.log -LogVerbose false -LogSyslog false -LogFacility LOG_LOCAL6 -LogFileMaxSize 0 -LogTime true -Foreground false -Debug false -MaxAttempts 5 -DatabaseDirectory /var/lib/clamav -DNSDatabaseInfo current.cvd.clamav.net -AllowSupplementaryGroups false -PidFile /var/run/clamav/freshclam.pid -ConnectTimeout 30 -ReceiveTimeout 30 -TestDatabases yes -ScriptedUpdates yes -CompressLocalDatabase no -Bytecode true -# Check for new database 24 times a day -Checks 24 -DatabaseMirror db.local.clamav.net -DatabaseMirror database.clamav.net diff --git a/install/debian/nginx.readme.txt b/install/debian/nginx.readme.txt deleted file mode 100644 index e5db79e79..000000000 --- a/install/debian/nginx.readme.txt +++ /dev/null @@ -1,11 +0,0 @@ -# -# _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| -# _| _| _| _| _| _| _| -# _| _| _|_|_| _|_| _| _|_|_|_| -# _| _| _| _| _| _| _| -# _| _|_|_|_| _|_|_| _| _| _| -# -# -# Server is manager by Vesta Control Panel. -# See /etc/nginx/conf.d/vesta.conf to get a full list of running vhosts. -# diff --git a/install/debian/sudoers.admin.conf b/install/debian/sudoers.admin.conf deleted file mode 100644 index b4f870395..000000000 --- a/install/debian/sudoers.admin.conf +++ /dev/null @@ -1,3 +0,0 @@ -# Created by vesta installer -admin ALL=(ALL) ALL -admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/debian/sudoers.conf b/install/debian/sudoers.conf deleted file mode 100644 index efe9ce9c9..000000000 --- a/install/debian/sudoers.conf +++ /dev/null @@ -1,32 +0,0 @@ -# -# This file MUST be edited with the 'visudo' command as root. -# -# Please consider adding local content in /etc/sudoers.d/ instead of -# directly modifying this file. -# -# See the man page for details on how to write a sudoers file. -# -Defaults env_reset -Defaults mail_badpass -Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" -Defaults env_keep="VESTA" -Defaults:admin !requiretty - -# Host alias specification - -# User alias specification - -# Cmnd alias specification - -# User privilege specification -root ALL=(ALL:ALL) ALL - -# Members of the admin group may gain root privileges -%admin ALL=(ALL) ALL - -# Allow members of group sudo to execute any command -%sudo ALL=(ALL:ALL) ALL - -# See sudoers(5) for more information on "#include" directives: - -#includedir /etc/sudoers.d diff --git a/install/debian/templates/dns/child-ns.tpl b/install/debian/templates/dns/child-ns.tpl deleted file mode 100755 index 27f9b825b..000000000 --- a/install/debian/templates/dns/child-ns.tpl +++ /dev/null @@ -1,11 +0,0 @@ -ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='6' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='7' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='8' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='9' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='11' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/debian/templates/dns/default.tpl b/install/debian/templates/dns/default.tpl deleted file mode 100755 index 38f963006..000000000 --- a/install/debian/templates/dns/default.tpl +++ /dev/null @@ -1,9 +0,0 @@ -ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='4' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='5' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='6' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='8' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='9' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/debian/templates/dns/gmail.tpl b/install/debian/templates/dns/gmail.tpl deleted file mode 100755 index 950cfa456..000000000 --- a/install/debian/templates/dns/gmail.tpl +++ /dev/null @@ -1,14 +0,0 @@ -ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='6' RECORD='mail' TYPE='CNAME' PRIORITY='' VALUE='ghs.google.com.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='7' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='8' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='9' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='10' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='11' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ASPMX2.GOOGLEMAIL.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='13' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ASPMX3.GOOGLEMAIL.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='14' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/debian/vesta.conf b/install/debian/vesta.conf deleted file mode 100644 index 6c148bd17..000000000 --- a/install/debian/vesta.conf +++ /dev/null @@ -1,24 +0,0 @@ -WEB_SYSTEM='apache2' -WEB_RGROUPS='www-data' -WEB_PORT='8080' -WEB_SSL='mod_ssl' -WEB_SSL_PORT='8443' -PROXY_SYSTEM='nginx' -PROXY_PORT='80' -PROXY_SSL_PORT='443' -FTP_SYSTEM='vsftpd' -MAIL_SYSTEM='exim4' -IMAP_SYSTEM='dovecot' -ANTIVIRUS_SYSTEM='clamav-daemon' -ANTISPAM_SYSTEM='spamassassin' -DB_SYSTEM='mysql' -DNS_SYSTEM='bind9' -STATS_SYSTEM='webalizer,awstats' -BACKUP_SYSTEM='local' -CRON_SYSTEM='cron' -DISK_QUOTA='no' -FIREWALL_SYSTEM='iptables' -FIREWALL_EXTENSION='fail2ban' -REPOSITORY='cmmnt' -VERSION='0.9.8' -LANGUAGE='en' diff --git a/install/debian/whmcs-module.php b/install/debian/whmcs-module.php deleted file mode 100644 index b3b1710ee..000000000 --- a/install/debian/whmcs-module.php +++ /dev/null @@ -1,342 +0,0 @@ - array( "Type" => "text", "Default" => "default"), - "SSH Access" => array( "Type" => "yesno", "Description" => "Tick to grant access", ), - "IP Address (optional)" => array( "Type" => "text" ), - ); - return $configarray; - -} - -function vesta_CreateAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-add-user', - 'arg1' => $params["username"], - 'arg2' => $params["password"], - 'arg3' => $params["clientsdetails"]["email"], - 'arg4' => $params["configoption1"], - 'arg5' => $params["clientsdetails"]["firstname"], - 'arg6' => $params["clientsdetails"]["lastname"], - ); - $postdata = http_build_query($postvars); - - // Create user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - - // Enable ssh access - if(($answer == 'OK') && ($params["configoption2"] == 'on')) { - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-change-user-shell', - 'arg1' => $params["username"], - 'arg2' => 'bash' - ); - $postdata = http_build_query($postvars); - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - // Add domain - if(($answer == 'OK') && (!empty($params["domain"]))) { - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-add-domain', - 'arg1' => $params["username"], - 'arg2' => $params["domain"], - 'arg3' => $params["configoption3"], - ); - $postdata = http_build_query($postvars); - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - return $result; - -} - -function vesta_TerminateAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-delete-user', - 'arg1' => $params["username"] - ); - $postdata = http_build_query($postvars); - - // Delete user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; - -} - -function vesta_SuspendAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-suspend-user', - 'arg1' => $params["username"] - ); - $postdata = http_build_query($postvars); - - // Susupend user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - -} - -function vesta_UnsuspendAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-unsuspend-user', - 'arg1' => $params["username"] - ); - $postdata = http_build_query($postvars); - - // Unsusupend user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - -} - -function vesta_ChangePassword($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-change-user-password', - 'arg1' => $params["username"], - 'arg2' => $params["password"] - ); - $postdata = http_build_query($postvars); - - // Change user package - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - return $result; - -} - -function vesta_ChangePackage($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-change-user-package', - 'arg1' => $params["username"], - 'arg2' => $params["configoption1"] - ); - $postdata = http_build_query($postvars); - - // Change user package - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - return $result; - -} - -function vesta_ClientArea($params) { - - $code = '
- - - - -
'; - return $code; - -} - -function vesta_AdminLink($params) { - - $code = '
- - - -
'; - return $code; - -} - -function vesta_LoginLink($params) { - - echo "control panel"; - -} - -function vesta_UsageUpdate($params) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-list-users', - 'arg1' => 'json' - ); - $postdata = http_build_query($postvars); - - // Get user stats - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - - // Decode json data - $results = json_decode($answer, true); - - // Loop through results and update DB - foreach ($results AS $user=>$values) { - update_query("tblhosting",array( - "diskusage"=>$values['U_DISK'], - "disklimit"=>$values['DISK_QUOTA'], - "bwusage"=>$values['U_BANDWIDTH'], - "bwlimit"=>$values['BANDWIDTH'], - "lastupdate"=>"now()", - ),array("server"=>$params['serverid'], "username"=>$user)); - } - -} - -?> diff --git a/install/rhel/5/GPG.txt b/install/rhel/5/GPG.txt new file mode 100644 index 000000000..33bb1ff26 --- /dev/null +++ b/install/rhel/5/GPG.txt @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.5 (GNU/Linux) + +mQGiBExUOVkRBACPJeB3bdrAggHlFpkaB1aRDXDz7clRg6jyEzdMYHhrniSyjhAH ++b53zE4iapCHFIamEG2Fa7zS2lSx7068AmqHsZK5jwmyhTVVYuTtbebj1C4Y5ToW +icHhy4ullB7qeDmAod6EY4YSx2kYO3dR/QLk5QM4lWuV/OLdXWTeoKiiYwCg0UAP +yUkBXgNcKXrFqoJelmG3JEMEAIYM7CGwVd47FsM1UCu56HNQPErxLoUPBUlAQFtx +OMOFDMEm7qH7ve8FgGGRL9oHF7mSJ3y7HgM1BF5MHkKz6FjDrT1U5+Lub6oI2e90 +gfCMGlQAzUm9o+fijfbhKoEQ/xQRkUoqWEaf9zlFx1/4+NH+Qz/L8ZDTHvSLvUgt +HyZlA/916St5suAUugXu9PeLRVqboiHjhz0JWKneQEQ2QcTu8lhHsu/mZTWL9FYn +XwtiCJLZT8bpBSfl8Oeqhof1+sPgnv7t/LuKQ6JJmyJ46Sa453wfrs+xs32hKAe+ +ZN0VGBmHe7NhuhW/LdM0KMMr/LHuJJJAgmt+XVHi2RFwsZvdMbQkVmVzdGEgUGFj +a2FnZXMgPGJ1aWxkZXJAdmVzdGFjcC5jb20+iGAEExECACAFAkxUOVkCGwMGCwkI +BwMCBBUCCAMEFgIDAQIeAQIXgAAKCRBbjeFzoXeCtp6dAKDQfeTPHi6hCgg4L+sx +LEjXvVdLOwCfe9yfr+en+uz6qst0QBT2cAwB+q+5Ag0ETFQ5bBAIAJYZa9pV9l/R +OUFgIvdJd1mvzJpRAXsRBBJc22WuOHp22Uj+lMKrJMTRQZvFBvk9s7Mb1/ACXrL4 +vIbsKqXNAlVFp9kF1tKV2ejZ1MrJaQ4819bIkyG0lJzjl6u9lzJopF7ie00YHKC6 +1rltLaevfFjUXq1DoYZBg42hT/SOj+3+2D0e9qcxeuxXbsjnvwtxxUkWcP/ftOSt +HsAAbM1YtwGl9+fZLWG9+WIKNOE9kp+h2ywZtFA4v/Ms2op7oZGAL7C95k1EgLrH +mOZ0B2oKOLctV1z9keWksPN/osyG7Mg8ljv8zF3XwQFqHOHRntDqSWoFBMvJBkNS +vtm6u5WyKd8ABAsH/0RbeWVA+JqpZ24Rl57XoDRPRzno0m0EnkJMXr22uBq1lPg8 +VkadrGOshFXpM3Rho57f3U7fwKmShQXGEV7RHsWcxcfwOSKVJtI468sDuYXc2l1f +5nFo+rCtVh3BBq+JtZFKX0x53BesCT/M7l33Dfm9MDi34tEdPTPjumBIH1dowYdv +9/2HPlPp4NZte7gOO/VIAiS+jJ30aBn09t8duW5md7/rkOPIM5It05LGCLjb9hVm +R9zTwzw30fIrkeyWZdAbk76lH8u8j6PX30U6RRzb33+XIFR4ab3nlyqOQOpoTqyG +cs7B02sgBbyC+RG1EYfcelSEvLXkR8mjcqjs+MCISQQYEQIACQUCTFQ5bAIbDAAK +CRBbjeFzoXeCtlpcAKDLh59svtq/Gn99O9ZZw0nBjWv6sACfffDxPhCP1F852Jab +d8P1WGhr2Q8= +=Z1Jj +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/rhel/clamd.conf b/install/rhel/5/clamav/clamd.conf similarity index 100% rename from install/rhel/clamd.conf rename to install/rhel/5/clamav/clamd.conf diff --git a/install/rhel/5/clamav/clamd.service b/install/rhel/5/clamav/clamd.service new file mode 100644 index 000000000..fdb3af7fd --- /dev/null +++ b/install/rhel/5/clamav/clamd.service @@ -0,0 +1,12 @@ +[Unit] +Description = clamd scanner (clamd) daemon +After = syslog.target nss-lookup.target network.target + +[Service] +Type = simple +ExecStart = /usr/sbin/clamd -c /etc/clamd.conf --nofork=yes +Restart = on-failure +PrivateTmp = true + +[Install] +WantedBy=multi-user.target diff --git a/install/rhel/freshclam.conf b/install/rhel/5/clamav/freshclam.conf similarity index 100% rename from install/rhel/freshclam.conf rename to install/rhel/5/clamav/freshclam.conf diff --git a/install/rhel/dovecot.conf b/install/rhel/5/dovecot/dovecot.conf similarity index 83% rename from install/rhel/dovecot.conf rename to install/rhel/5/dovecot/dovecot.conf index c4b187b53..544d851e6 100644 --- a/install/rhel/dovecot.conf +++ b/install/rhel/5/dovecot/dovecot.conf @@ -1,7 +1,7 @@ protocols = imap imaps pop3 pop3s log_path = /var/log/dovecot.log -ssl_cert_file = /etc/pki/tls/certs/exim.pem -ssl_key_file = /etc/pki/tls/private/exim.pem +ssl_cert_file = /usr/local/vesta/ssl/certificate.crt +ssl_key_file = /usr/local/vesta/ssl/certificate.key disable_plaintext_auth = no mail_location = maildir:%h/mail/%d/%n diff --git a/install/rhel/5/epel-release.rpm b/install/rhel/5/epel-release.rpm new file mode 100644 index 000000000..a65162a8e Binary files /dev/null and b/install/rhel/5/epel-release.rpm differ diff --git a/install/rhel/5/exim/dnsbl.conf b/install/rhel/5/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/rhel/5/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/rhel/exim-smarthost.conf b/install/rhel/5/exim/exim-smarthost.conf similarity index 100% rename from install/rhel/exim-smarthost.conf rename to install/rhel/5/exim/exim-smarthost.conf diff --git a/install/rhel/exim.conf b/install/rhel/5/exim/exim.conf similarity index 98% rename from install/rhel/exim.conf rename to install/rhel/5/exim/exim.conf index 0f9830168..c1793b910 100644 --- a/install/rhel/exim.conf +++ b/install/rhel/5/exim/exim.conf @@ -227,7 +227,7 @@ procmail: autoreplay: driver = accept require_files = /etc/exim/domains/$domain/autoreply.${local_part}.msg - condition = ${if exists{/etc/exim/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}} + condition = ${if exists{/etc/exim/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} retry_use_local_part transport = userautoreply unseen @@ -347,7 +347,8 @@ userautoreply: driver = autoreply file = /etc/exim/domains/$domain/autoreply.${local_part}.msg from = "${local_part}@${domain}" - subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" to = "${sender_address}" devnull: diff --git a/install/rhel/5/exim/spam-blocks.conf b/install/rhel/5/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/debian/fail2ban.action.conf b/install/rhel/5/fail2ban/action.d/vesta.conf similarity index 100% rename from install/debian/fail2ban.action.conf rename to install/rhel/5/fail2ban/action.d/vesta.conf diff --git a/install/debian/fail2ban.filter.conf b/install/rhel/5/fail2ban/filter.d/vesta.conf similarity index 100% rename from install/debian/fail2ban.filter.conf rename to install/rhel/5/fail2ban/filter.d/vesta.conf diff --git a/install/debian/fail2ban.jail.conf b/install/rhel/5/fail2ban/jail.local similarity index 100% rename from install/debian/fail2ban.jail.conf rename to install/rhel/5/fail2ban/jail.local diff --git a/install/rhel/5/firewall/ports.conf b/install/rhel/5/firewall/ports.conf new file mode 100644 index 000000000..b730d012c --- /dev/null +++ b/install/rhel/5/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/rhel/5/firewall/rules.conf b/install/rhel/5/firewall/rules.conf new file mode 100644 index 000000000..fba98e1e4 --- /dev/null +++ b/install/rhel/5/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/rhel/httpd.conf b/install/rhel/5/httpd/httpd.conf similarity index 100% rename from install/rhel/httpd.conf rename to install/rhel/5/httpd/httpd.conf diff --git a/install/rhel/5/httpd/ruid2.conf b/install/rhel/5/httpd/ruid2.conf new file mode 100644 index 000000000..42f908a85 --- /dev/null +++ b/install/rhel/5/httpd/ruid2.conf @@ -0,0 +1,8 @@ +LoadModule ruid2_module modules/mod_ruid2.so + + + RMode config + RDefaultUidGid apache apache + RUidGid apache apache + RGroups apache + diff --git a/install/rhel/httpd-ssl.conf b/install/rhel/5/httpd/ssl.conf similarity index 100% rename from install/rhel/httpd-ssl.conf rename to install/rhel/5/httpd/ssl.conf diff --git a/install/rhel/httpd-status.conf b/install/rhel/5/httpd/status.conf similarity index 100% rename from install/rhel/httpd-status.conf rename to install/rhel/5/httpd/status.conf diff --git a/install/rhel/5/logrotate/dovecot b/install/rhel/5/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/rhel/5/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/rhel/httpd.log b/install/rhel/5/logrotate/httpd similarity index 100% rename from install/rhel/httpd.log rename to install/rhel/5/logrotate/httpd diff --git a/install/rhel/5/logrotate/nginx b/install/rhel/5/logrotate/nginx new file mode 100644 index 000000000..b1da1bf16 --- /dev/null +++ b/install/rhel/5/logrotate/nginx @@ -0,0 +1,12 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + create 0644 nginx nginx + daily + rotate 10 + missingok + notifempty + compress + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/rhel/5/logrotate/vesta b/install/rhel/5/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/rhel/5/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/rhel/5/mariadb/my-large.cnf b/install/rhel/5/mariadb/my-large.cnf new file mode 100644 index 000000000..4e6c2225c --- /dev/null +++ b/install/rhel/5/mariadb/my-large.cnf @@ -0,0 +1,38 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/5/mariadb/my-medium.cnf b/install/rhel/5/mariadb/my-medium.cnf new file mode 100644 index 000000000..fa255ec52 --- /dev/null +++ b/install/rhel/5/mariadb/my-medium.cnf @@ -0,0 +1,37 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/5/mariadb/my-small.cnf b/install/rhel/5/mariadb/my-small.cnf new file mode 100644 index 000000000..7d2fdc1b3 --- /dev/null +++ b/install/rhel/5/mariadb/my-small.cnf @@ -0,0 +1,35 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 32K +max_allowed_packet = 8M +table_open_cache = 4 +sort_buffer_size = 128K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=50 +max_user_connections=25 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/monit/clamd.conf b/install/rhel/5/monit/clamd.conf similarity index 100% rename from install/rhel/monit/clamd.conf rename to install/rhel/5/monit/clamd.conf diff --git a/install/rhel/monit/dovecot.conf b/install/rhel/5/monit/dovecot.conf similarity index 100% rename from install/rhel/monit/dovecot.conf rename to install/rhel/5/monit/dovecot.conf diff --git a/install/rhel/monit/exim.conf b/install/rhel/5/monit/exim.conf similarity index 100% rename from install/rhel/monit/exim.conf rename to install/rhel/5/monit/exim.conf diff --git a/install/rhel/monit/httpd.conf b/install/rhel/5/monit/httpd.conf similarity index 100% rename from install/rhel/monit/httpd.conf rename to install/rhel/5/monit/httpd.conf diff --git a/install/rhel/monit/mysql.conf b/install/rhel/5/monit/mysql.conf similarity index 100% rename from install/rhel/monit/mysql.conf rename to install/rhel/5/monit/mysql.conf diff --git a/install/rhel/monit/nginx.conf b/install/rhel/5/monit/nginx.conf similarity index 100% rename from install/rhel/monit/nginx.conf rename to install/rhel/5/monit/nginx.conf diff --git a/install/rhel/monit/spamassassin.conf b/install/rhel/5/monit/spamassassin.conf similarity index 100% rename from install/rhel/monit/spamassassin.conf rename to install/rhel/5/monit/spamassassin.conf diff --git a/install/rhel/monit/sshd.conf b/install/rhel/5/monit/sshd.conf similarity index 100% rename from install/rhel/monit/sshd.conf rename to install/rhel/5/monit/sshd.conf diff --git a/install/rhel/monit/vesta-nginx.conf b/install/rhel/5/monit/vesta-nginx.conf similarity index 100% rename from install/rhel/monit/vesta-nginx.conf rename to install/rhel/5/monit/vesta-nginx.conf diff --git a/install/rhel/monit/vesta-php.conf b/install/rhel/5/monit/vesta-php.conf similarity index 100% rename from install/rhel/monit/vesta-php.conf rename to install/rhel/5/monit/vesta-php.conf diff --git a/install/rhel/5/mysqld/my-large.cnf b/install/rhel/5/mysqld/my-large.cnf new file mode 100644 index 000000000..b548eeb87 --- /dev/null +++ b/install/rhel/5/mysqld/my-large.cnf @@ -0,0 +1,38 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/5/mysqld/my-medium.cnf b/install/rhel/5/mysqld/my-medium.cnf new file mode 100644 index 000000000..e5f2677fc --- /dev/null +++ b/install/rhel/5/mysqld/my-medium.cnf @@ -0,0 +1,37 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/5/mysqld/my-small.cnf b/install/rhel/5/mysqld/my-small.cnf new file mode 100644 index 000000000..52a3d33a6 --- /dev/null +++ b/install/rhel/5/mysqld/my-small.cnf @@ -0,0 +1,35 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 32K +max_allowed_packet = 8M +table_open_cache = 4 +sort_buffer_size = 128K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=50 +max_user_connections=25 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/named.conf b/install/rhel/5/named/named.conf similarity index 100% rename from install/rhel/named.conf rename to install/rhel/5/named/named.conf diff --git a/install/ubuntu/nginx.conf b/install/rhel/5/nginx/nginx.conf similarity index 50% rename from install/ubuntu/nginx.conf rename to install/rhel/5/nginx/nginx.conf index 0852c60f9..0a37ebbc3 100644 --- a/install/ubuntu/nginx.conf +++ b/install/rhel/5/nginx/nginx.conf @@ -1,7 +1,8 @@ # Server globals user nginx; -worker_processes 2; -error_log /var/log/nginx/error.log; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; @@ -9,6 +10,7 @@ pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; + multi_accept on; } @@ -21,7 +23,7 @@ http { client_body_timeout 1m; client_header_buffer_size 2k; client_body_buffer_size 256k; - client_max_body_size 100m; + client_max_body_size 256m; large_client_header_buffers 4 8k; send_timeout 30; keepalive_timeout 60 60; @@ -37,7 +39,7 @@ http { '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; - #access_log /var/log/nginx/access.log main; + #access_log /var/log/nginx/access.log main; access_log off; @@ -48,12 +50,13 @@ http { # Compression gzip on; + gzip_vary on; gzip_comp_level 9; gzip_min_length 512; gzip_buffers 8 64k; - gzip_types text/plain text/css text/javascript - application/x-javascript; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; gzip_proxied any; + gzip_disable "MSIE [1-6]\."; # Proxy settings @@ -68,10 +71,36 @@ http { proxy_buffers 32 4k; + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + #set_real_ip_from 2c0f:f248::/32; + #set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + # SSL PCI Compliance - ssl_ciphers RC4:HIGH:!aNULL:!MD5:!kEDH; - ssl_session_cache shared:SSL:10m; - ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; # Error pages @@ -80,14 +109,16 @@ http { error_page 502 503 504 /error/50x.html; - # Cache - proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; proxy_cache_key "$host$request_uri $cookie_user"; proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; - proxy_cache_valid any 3d; + proxy_cache_valid any 1d; + + # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; @@ -95,6 +126,13 @@ http { } + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + # Wildcard include include /etc/nginx/conf.d/*.conf; } diff --git a/install/rhel/5/nginx/phpmyadmin.inc b/install/rhel/5/nginx/phpmyadmin.inc new file mode 100644 index 000000000..ee0030072 --- /dev/null +++ b/install/rhel/5/nginx/phpmyadmin.inc @@ -0,0 +1,19 @@ +location /phpmyadmin { + alias /usr/share/phpMyAdmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpMyAdmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } + +} diff --git a/install/rhel/5/nginx/phppgadmin.inc b/install/rhel/5/nginx/phppgadmin.inc new file mode 100644 index 000000000..61dea1c9c --- /dev/null +++ b/install/rhel/5/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phpPgAdmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phpPgAdmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/rhel/5/nginx/status.conf b/install/rhel/5/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/rhel/5/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/rhel/5/nginx/webmail.inc b/install/rhel/5/nginx/webmail.inc new file mode 100644 index 000000000..d9cc181dc --- /dev/null +++ b/install/rhel/5/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /usr/share/roundcubemail; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /usr/share/roundcubemail/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/rhel/5/packages/default.pkg b/install/rhel/5/packages/default.pkg new file mode 100644 index 000000000..c2a935743 --- /dev/null +++ b/install/rhel/5/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/rhel/5/packages/gainsboro.pkg b/install/rhel/5/packages/gainsboro.pkg new file mode 100644 index 000000000..76d7dae2a --- /dev/null +++ b/install/rhel/5/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/rhel/5/packages/palegreen.pkg b/install/rhel/5/packages/palegreen.pkg new file mode 100644 index 000000000..3db5fe57e --- /dev/null +++ b/install/rhel/5/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/rhel/packages/default.pkg b/install/rhel/5/packages/slategrey.pkg similarity index 78% rename from install/rhel/packages/default.pkg rename to install/rhel/5/packages/slategrey.pkg index 29585bacb..d89e796fd 100644 --- a/install/rhel/packages/default.pkg +++ b/install/rhel/5/packages/slategrey.pkg @@ -11,8 +11,8 @@ DATABASES='100' CRON_JOBS='100' DISK_QUOTA='10000' BANDWIDTH='100000' -NS='ns1.localhost.ltd,ns2.localhost.ltd' +NS='ns1.domain.tld,ns2.domain.tld' SHELL='nologin' BACKUPS='3' -TIME='11:46:50' -DATE='2012-09-26' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/rhel/5/pga/config.inc.php b/install/rhel/5/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/rhel/5/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/rhel/httpd-pga.conf b/install/rhel/5/pga/phpPgAdmin.conf similarity index 100% rename from install/rhel/httpd-pga.conf rename to install/rhel/5/pga/phpPgAdmin.conf diff --git a/install/rhel/5/php-fpm/www.conf b/install/rhel/5/php-fpm/www.conf new file mode 100644 index 000000000..1bc0b0751 --- /dev/null +++ b/install/rhel/5/php-fpm/www.conf @@ -0,0 +1,10 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 +user = apache +group = apache + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/rhel/pma.conf b/install/rhel/5/pma/config.inc.conf similarity index 98% rename from install/rhel/pma.conf rename to install/rhel/5/pma/config.inc.conf index 47ae207e4..f7584089d 100644 --- a/install/rhel/pma.conf +++ b/install/rhel/5/pma/config.inc.conf @@ -16,6 +16,12 @@ */ $cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + /* * Servers configuration */ diff --git a/install/rhel/httpd-pma.conf b/install/rhel/5/pma/phpMyAdmin.conf similarity index 96% rename from install/rhel/httpd-pma.conf rename to install/rhel/5/pma/phpMyAdmin.conf index 3950860ef..b1b6b60d4 100644 --- a/install/rhel/httpd-pma.conf +++ b/install/rhel/5/pma/phpMyAdmin.conf @@ -38,7 +38,7 @@ Alias /phpmyadmin /usr/share/phpMyAdmin # # - + Order Deny,Allow Deny from All Allow from None diff --git a/install/rhel/5/postgresql/pg_hba.conf b/install/rhel/5/postgresql/pg_hba.conf new file mode 100644 index 000000000..b65e66434 --- /dev/null +++ b/install/rhel/5/postgresql/pg_hba.conf @@ -0,0 +1,11 @@ +# "local" is for Unix domain socket connections only +local all all md5 + +# IPv4 local connections: +host all all 127.0.0.1/32 md5 + +# IPv6 local connections: +host all all ::1/128 md5 + +# Others +host all all 0.0.0.0/0 md5 diff --git a/install/rhel/proftpd.conf b/install/rhel/5/proftpd/proftpd.conf similarity index 95% rename from install/rhel/proftpd.conf rename to install/rhel/5/proftpd/proftpd.conf index 240ee0227..6b89d125e 100644 --- a/install/rhel/proftpd.conf +++ b/install/rhel/5/proftpd/proftpd.conf @@ -15,6 +15,7 @@ LogFormat default "%h %l %u %t \"%r\" %s %b" LogFormat auth "%v [%P] %h %t \"%r\" %s" ListOptions -a RequireValidShell off +PassivePorts 12000 12100 Umask 002 diff --git a/install/rhel/5/remi-release.rpm b/install/rhel/5/remi-release.rpm new file mode 100644 index 000000000..e0c3696c4 Binary files /dev/null and b/install/rhel/5/remi-release.rpm differ diff --git a/install/rhel/5/roundcube/config.inc.php b/install/rhel/5/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/rhel/5/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/rhel/5/roundcube/main.inc.php b/install/rhel/5/roundcube/main.inc.php new file mode 100644 index 000000000..a27c306eb --- /dev/null +++ b/install/rhel/5/roundcube/main.inc.php @@ -0,0 +1,40 @@ + - Order Deny,Allow - Deny from all - Allow from all - - - - Order Deny,Allow - Deny from all - Allow from None + Order Deny,Allow + Deny from all + Allow from all diff --git a/install/rhel/roundcube-driver.php b/install/rhel/5/roundcube/vesta.php similarity index 100% rename from install/rhel/roundcube-driver.php rename to install/rhel/5/roundcube/vesta.php diff --git a/install/rhel/5/sudo/admin b/install/rhel/5/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/rhel/5/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/rhel/5/templates/dns/child-ns.tpl b/install/rhel/5/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/rhel/5/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/rhel/5/templates/dns/default.tpl b/install/rhel/5/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/rhel/5/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/rhel/5/templates/dns/gmail.tpl b/install/rhel/5/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/rhel/5/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/rhel/5/templates/web/awstats/awstats.tpl b/install/rhel/5/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/rhel/5/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/rhel/5/templates/web/awstats/index.tpl b/install/rhel/5/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/rhel/5/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/rhel/5/templates/web/awstats/nav.tpl b/install/rhel/5/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/rhel/5/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/rhel/5/templates/web/httpd/basedir.stpl b/install/rhel/5/templates/web/httpd/basedir.stpl new file mode 100644 index 000000000..ba4c1d91d --- /dev/null +++ b/install/rhel/5/templates/web/httpd/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/rhel/5/templates/web/httpd/basedir.tpl b/install/rhel/5/templates/web/httpd/basedir.tpl new file mode 100644 index 000000000..f7d9b5283 --- /dev/null +++ b/install/rhel/5/templates/web/httpd/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/templates/web/httpd/default.stpl b/install/rhel/5/templates/web/httpd/default.stpl old mode 100755 new mode 100644 similarity index 83% rename from install/rhel/templates/web/httpd/default.stpl rename to install/rhel/5/templates/web/httpd/default.stpl index ffb536c54..0ab22c39a --- a/install/rhel/templates/web/httpd/default.stpl +++ b/install/rhel/5/templates/web/httpd/default.stpl @@ -15,6 +15,10 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/rhel/templates/web/httpd/default.tpl b/install/rhel/5/templates/web/httpd/default.tpl old mode 100755 new mode 100644 similarity index 81% rename from install/rhel/templates/web/httpd/default.tpl rename to install/rhel/5/templates/web/httpd/default.tpl index 29de125f9..751b7c59b --- a/install/rhel/templates/web/httpd/default.tpl +++ b/install/rhel/5/templates/web/httpd/default.tpl @@ -14,6 +14,10 @@ AllowOverride All Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/rhel/5/templates/web/httpd/hosting.stpl b/install/rhel/5/templates/web/httpd/hosting.stpl new file mode 100644 index 000000000..49bf6a83c --- /dev/null +++ b/install/rhel/5/templates/web/httpd/hosting.stpl @@ -0,0 +1,50 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/rhel/5/templates/web/httpd/hosting.tpl b/install/rhel/5/templates/web/httpd/hosting.tpl new file mode 100644 index 000000000..089d623f2 --- /dev/null +++ b/install/rhel/5/templates/web/httpd/hosting.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/5/templates/web/httpd/phpcgi.sh b/install/rhel/5/templates/web/httpd/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/rhel/5/templates/web/httpd/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/rhel/templates/web/httpd/phpcgi.stpl b/install/rhel/5/templates/web/httpd/phpcgi.stpl old mode 100755 new mode 100644 similarity index 82% rename from install/rhel/templates/web/httpd/phpcgi.stpl rename to install/rhel/5/templates/web/httpd/phpcgi.stpl index b3e6488a6..46c71f8f7 --- a/install/rhel/templates/web/httpd/phpcgi.stpl +++ b/install/rhel/5/templates/web/httpd/phpcgi.stpl @@ -15,6 +15,10 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php SetHandler phpcgi-script diff --git a/install/rhel/templates/web/httpd/phpcgi.tpl b/install/rhel/5/templates/web/httpd/phpcgi.tpl old mode 100755 new mode 100644 similarity index 79% rename from install/rhel/templates/web/httpd/phpcgi.tpl rename to install/rhel/5/templates/web/httpd/phpcgi.tpl index 952d2b493..b521a6e6f --- a/install/rhel/templates/web/httpd/phpcgi.tpl +++ b/install/rhel/5/templates/web/httpd/phpcgi.tpl @@ -14,6 +14,10 @@ AllowOverride All Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php SetHandler phpcgi-script diff --git a/install/rhel/5/templates/web/httpd/phpfcgid.sh b/install/rhel/5/templates/web/httpd/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/rhel/5/templates/web/httpd/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/rhel/templates/web/httpd/phpfcgid.stpl b/install/rhel/5/templates/web/httpd/phpfcgid.stpl old mode 100755 new mode 100644 similarity index 83% rename from install/rhel/templates/web/httpd/phpfcgid.stpl rename to install/rhel/5/templates/web/httpd/phpfcgid.stpl index 352d268b6..41a14729a --- a/install/rhel/templates/web/httpd/phpfcgid.stpl +++ b/install/rhel/5/templates/web/httpd/phpfcgid.stpl @@ -15,6 +15,10 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp SetHandler fcgid-script diff --git a/install/rhel/templates/web/httpd/phpfcgid.tpl b/install/rhel/5/templates/web/httpd/phpfcgid.tpl old mode 100755 new mode 100644 similarity index 79% rename from install/rhel/templates/web/httpd/phpfcgid.tpl rename to install/rhel/5/templates/web/httpd/phpfcgid.tpl index 9826c9464..bb9d3b748 --- a/install/rhel/templates/web/httpd/phpfcgid.tpl +++ b/install/rhel/5/templates/web/httpd/phpfcgid.tpl @@ -14,6 +14,10 @@ AllowOverride All Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp SetHandler fcgid-script diff --git a/install/rhel/5/templates/web/nginx/caching.sh b/install/rhel/5/templates/web/nginx/caching.sh new file mode 100755 index 000000000..09d8efe75 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/rhel/5/templates/web/nginx/caching.stpl b/install/rhel/5/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..5e1ac757b --- /dev/null +++ b/install/rhel/5/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache %domain%; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/caching.tpl b/install/rhel/5/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..6d727c67f --- /dev/null +++ b/install/rhel/5/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache %domain%; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/templates/web/nginx/default.stpl b/install/rhel/5/templates/web/nginx/default.stpl similarity index 94% rename from install/rhel/templates/web/nginx/default.stpl rename to install/rhel/5/templates/web/nginx/default.stpl index 53ad8d1b8..22bbd55a6 100755 --- a/install/rhel/templates/web/nginx/default.stpl +++ b/install/rhel/5/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/httpd/domains/%domain%.error.log error; diff --git a/install/rhel/templates/web/nginx/default.tpl b/install/rhel/5/templates/web/nginx/default.tpl similarity index 100% rename from install/rhel/templates/web/nginx/default.tpl rename to install/rhel/5/templates/web/nginx/default.tpl diff --git a/install/rhel/5/templates/web/nginx/hosting.sh b/install/rhel/5/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/rhel/templates/web/nginx/hosting.stpl b/install/rhel/5/templates/web/nginx/hosting.stpl similarity index 90% rename from install/rhel/templates/web/nginx/hosting.stpl rename to install/rhel/5/templates/web/nginx/hosting.stpl index aca458a4b..c3414149b 100755 --- a/install/rhel/templates/web/nginx/hosting.stpl +++ b/install/rhel/5/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/httpd/domains/%domain%.error.log error; @@ -31,7 +30,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/rhel/templates/web/nginx/hosting.tpl b/install/rhel/5/templates/web/nginx/hosting.tpl similarity index 100% rename from install/rhel/templates/web/nginx/hosting.tpl rename to install/rhel/5/templates/web/nginx/hosting.tpl diff --git a/install/rhel/5/templates/web/nginx/http2.stpl b/install/rhel/5/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/rhel/5/templates/web/nginx/http2.tpl b/install/rhel/5/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..4d5c774bc --- /dev/null +++ b/install/rhel/5/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/rhel/5/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/rhel/5/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..d85bcce38 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/rhel/5/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/rhel/5/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..9c24c3ea8 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/rhel/5/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/rhel/5/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..d71863141 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/rhel/5/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/rhel/5/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..4f0b9ec7b --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/rhel/5/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/default.stpl b/install/rhel/5/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/default.tpl b/install/rhel/5/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/rhel/5/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..f85032bae --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/rhel/5/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal6.stpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 000000000..9d9840006 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal6.tpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 000000000..0d7930fae --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 000000000..6fd64db6b --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,94 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/joomla.stpl b/install/rhel/5/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..704405f37 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/joomla.tpl b/install/rhel/5/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/laravel.stpl b/install/rhel/5/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 000000000..477f6f01b --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/laravel.tpl b/install/rhel/5/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/magento.stpl b/install/rhel/5/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 000000000..fdab43aae --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/magento.tpl b/install/rhel/5/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/modx.stpl b/install/rhel/5/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 000000000..f410ab77c --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/modx.tpl b/install/rhel/5/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/moodle.stpl b/install/rhel/5/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 000000000..f15a68c57 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/moodle.tpl b/install/rhel/5/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/no-php.stpl b/install/rhel/5/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 000000000..bc8b53a37 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/no-php.tpl b/install/rhel/5/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/odoo.stpl b/install/rhel/5/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 000000000..d6697d7a9 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/odoo.tpl b/install/rhel/5/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/opencart.stpl b/install/rhel/5/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 000000000..908b9aeb8 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/opencart.tpl b/install/rhel/5/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/owncloud.stpl b/install/rhel/5/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..891566b93 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/owncloud.tpl b/install/rhel/5/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/piwik.stpl b/install/rhel/5/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..78c1bb784 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/piwik.tpl b/install/rhel/5/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.stpl b/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..5ffc9ed5c --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.tpl b/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/sendy.stpl b/install/rhel/5/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 000000000..e7f3dcc6b --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/sendy.tpl b/install/rhel/5/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/wordpress.stpl b/install/rhel/5/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/wordpress.tpl b/install/rhel/5/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/wordpress2.stpl b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..e0aeb524a --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/wordpress2.tpl b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..0d9793aeb --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 000000000..f33ed5070 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 000000000..c0a5239e0 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/proxy_ip.tpl b/install/rhel/5/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/rhel/5/templates/web/php-fpm/default.tpl b/install/rhel/5/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/rhel/5/templates/web/php-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/rhel/5/templates/web/php-fpm/no-php.tpl b/install/rhel/5/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..e677f3e9f --- /dev/null +++ b/install/rhel/5/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,13 @@ +;[%backend%] +;user = %user% +;group = %user% +;listen = /dev/null + +;listen.owner = %user% +;listen.group = nginx + +;pm = dynamic +;pm.max_children = 50 +;pm.start_servers = 3 +;pm.min_spare_servers = 2 +;pm.max_spare_servers = 10 diff --git a/install/rhel/5/templates/web/php-fpm/socket.tpl b/install/rhel/5/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..c22d0e2cd --- /dev/null +++ b/install/rhel/5/templates/web/php-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php-%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = nginx + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/debian/templates/web/skel/document_errors/403.html b/install/rhel/5/templates/web/skel/document_errors/403.html similarity index 100% rename from install/debian/templates/web/skel/document_errors/403.html rename to install/rhel/5/templates/web/skel/document_errors/403.html diff --git a/install/debian/templates/web/skel/document_errors/404.html b/install/rhel/5/templates/web/skel/document_errors/404.html similarity index 100% rename from install/debian/templates/web/skel/document_errors/404.html rename to install/rhel/5/templates/web/skel/document_errors/404.html diff --git a/install/debian/templates/web/skel/document_errors/50x.html b/install/rhel/5/templates/web/skel/document_errors/50x.html similarity index 100% rename from install/debian/templates/web/skel/document_errors/50x.html rename to install/rhel/5/templates/web/skel/document_errors/50x.html diff --git a/install/rhel/5/templates/web/skel/public_html/index.html b/install/rhel/5/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/rhel/5/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/rhel/5/templates/web/skel/public_html/robots.txt b/install/rhel/5/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/rhel/5/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/rhel/5/templates/web/skel/public_shtml/index.html b/install/rhel/5/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/rhel/5/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/rhel/5/templates/web/skel/public_shtml/robots.txt b/install/rhel/5/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/rhel/5/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/rhel/5/templates/web/suspend/.htaccess b/install/rhel/5/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/rhel/5/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/rhel/5/templates/web/suspend/index.html b/install/rhel/5/templates/web/suspend/index.html new file mode 100755 index 000000000..f2d04e1f0 --- /dev/null +++ b/install/rhel/5/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

SUSPENDED

+

This website has been suspended.

+
+ Please contact the technical support department. +
+ + diff --git a/install/rhel/5/templates/web/webalizer/webalizer.tpl b/install/rhel/5/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/rhel/5/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/rhel/vsftpd.conf b/install/rhel/5/vsftpd/vsftpd.conf similarity index 89% rename from install/rhel/vsftpd.conf rename to install/rhel/5/vsftpd/vsftpd.conf index 7a986aff0..cf4c9624c 100644 --- a/install/rhel/vsftpd.conf +++ b/install/rhel/5/vsftpd/vsftpd.conf @@ -1,7 +1,8 @@ anonymous_enable=NO local_enable=YES write_enable=YES -local_umask=002 +local_umask=022 +anon_umask=022 anon_upload_enable=NO dirmessage_enable=YES xferlog_enable=YES @@ -19,3 +20,4 @@ ascii_download_enable=YES pasv_enable=YES pasv_max_port=12100 pasv_min_port=12000 +use_localtime=YES diff --git a/install/rhel/5/wsgi/httpd/wsgi.sh b/install/rhel/5/wsgi/httpd/wsgi.sh new file mode 100755 index 000000000..cb98116cb --- /dev/null +++ b/install/rhel/5/wsgi/httpd/wsgi.sh @@ -0,0 +1,33 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +echo "# Wsgi template +AddHandler wsgi-script .wsgi + +RewriteEngine On + +RewriteCond %{HTTP_HOST} ^www.$2\.ru\$ [NC] +RewriteRule ^(.*)\$ http://$2/\$1 [R=301,L] + +RewriteCond %{REQUEST_FILENAME} !-f +RewriteRule ^(.*)\$ /django.wsgi/\$1 [QSA,PT,L] +" > $docroot/.htaccess +chown $user:$user $docroot/.htaccess + + +echo "import os, sys +sys.path.insert(0, '$home_dir/$user/web/$domain/private/django/$domain/env/lib/python2.6/site-packages') +sys.path.insert(0, '$home_dir/$user/web/$domain/private/django/$domain/project/src/shared/') +sys.path.insert(0, '$home_dir/$user/web/$domain/private/django/$domain/project/src/') + +os.environ['DJANGO_SETTINGS_MODULE'] = 'main.settings' +import django.core.handlers.wsgi +application = django.core.handlers.wsgi.WSGIHandler()" > $docroot/django.wsgi +chown $user:$user $docroot/django.wsgi + +exit 0 diff --git a/install/rhel/5/wsgi/httpd/wsgi.stpl b/install/rhel/5/wsgi/httpd/wsgi.stpl new file mode 100755 index 000000000..e2fdd3f40 --- /dev/null +++ b/install/rhel/5/wsgi/httpd/wsgi.stpl @@ -0,0 +1,49 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + WSGIDaemonProcess apx-idea user=%user% group=%user% processes=1 threads=5 display-name=%{GROUP} python-path=%home%/%user%/web/%domain%/private/django/%domain%/env/lib/python2.6/site-packages + WSGIProcessGroup apx-idea + WSGIApplicationGroup %{GLOBAL} + + + + AllowOverride FileInfo + Options ExecCGI Indexes + MultiviewsMatch Handlers + Options +FollowSymLinks + Order allow,deny + Allow from all + + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/rhel/5/wsgi/httpd/wsgi.tpl b/install/rhel/5/wsgi/httpd/wsgi.tpl new file mode 100644 index 000000000..ad5d8a076 --- /dev/null +++ b/install/rhel/5/wsgi/httpd/wsgi.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + WSGIDaemonProcess apx-idea user=%user% group=%user% processes=1 threads=5 display-name=%{GROUP} python-path=%home%/%user%/web/%domain%/private/django/%domain%/env/lib/python2.6/site-packages + WSGIProcessGroup apx-idea + WSGIApplicationGroup %{GLOBAL} + + + + AllowOverride FileInfo + Options ExecCGI Indexes + MultiviewsMatch Handlers + Options +FollowSymLinks + Order allow,deny + Allow from all + + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/6/GPG.txt b/install/rhel/6/GPG.txt new file mode 100644 index 000000000..33bb1ff26 --- /dev/null +++ b/install/rhel/6/GPG.txt @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.5 (GNU/Linux) + +mQGiBExUOVkRBACPJeB3bdrAggHlFpkaB1aRDXDz7clRg6jyEzdMYHhrniSyjhAH ++b53zE4iapCHFIamEG2Fa7zS2lSx7068AmqHsZK5jwmyhTVVYuTtbebj1C4Y5ToW +icHhy4ullB7qeDmAod6EY4YSx2kYO3dR/QLk5QM4lWuV/OLdXWTeoKiiYwCg0UAP +yUkBXgNcKXrFqoJelmG3JEMEAIYM7CGwVd47FsM1UCu56HNQPErxLoUPBUlAQFtx +OMOFDMEm7qH7ve8FgGGRL9oHF7mSJ3y7HgM1BF5MHkKz6FjDrT1U5+Lub6oI2e90 +gfCMGlQAzUm9o+fijfbhKoEQ/xQRkUoqWEaf9zlFx1/4+NH+Qz/L8ZDTHvSLvUgt +HyZlA/916St5suAUugXu9PeLRVqboiHjhz0JWKneQEQ2QcTu8lhHsu/mZTWL9FYn +XwtiCJLZT8bpBSfl8Oeqhof1+sPgnv7t/LuKQ6JJmyJ46Sa453wfrs+xs32hKAe+ +ZN0VGBmHe7NhuhW/LdM0KMMr/LHuJJJAgmt+XVHi2RFwsZvdMbQkVmVzdGEgUGFj +a2FnZXMgPGJ1aWxkZXJAdmVzdGFjcC5jb20+iGAEExECACAFAkxUOVkCGwMGCwkI +BwMCBBUCCAMEFgIDAQIeAQIXgAAKCRBbjeFzoXeCtp6dAKDQfeTPHi6hCgg4L+sx +LEjXvVdLOwCfe9yfr+en+uz6qst0QBT2cAwB+q+5Ag0ETFQ5bBAIAJYZa9pV9l/R +OUFgIvdJd1mvzJpRAXsRBBJc22WuOHp22Uj+lMKrJMTRQZvFBvk9s7Mb1/ACXrL4 +vIbsKqXNAlVFp9kF1tKV2ejZ1MrJaQ4819bIkyG0lJzjl6u9lzJopF7ie00YHKC6 +1rltLaevfFjUXq1DoYZBg42hT/SOj+3+2D0e9qcxeuxXbsjnvwtxxUkWcP/ftOSt +HsAAbM1YtwGl9+fZLWG9+WIKNOE9kp+h2ywZtFA4v/Ms2op7oZGAL7C95k1EgLrH +mOZ0B2oKOLctV1z9keWksPN/osyG7Mg8ljv8zF3XwQFqHOHRntDqSWoFBMvJBkNS +vtm6u5WyKd8ABAsH/0RbeWVA+JqpZ24Rl57XoDRPRzno0m0EnkJMXr22uBq1lPg8 +VkadrGOshFXpM3Rho57f3U7fwKmShQXGEV7RHsWcxcfwOSKVJtI468sDuYXc2l1f +5nFo+rCtVh3BBq+JtZFKX0x53BesCT/M7l33Dfm9MDi34tEdPTPjumBIH1dowYdv +9/2HPlPp4NZte7gOO/VIAiS+jJ30aBn09t8duW5md7/rkOPIM5It05LGCLjb9hVm +R9zTwzw30fIrkeyWZdAbk76lH8u8j6PX30U6RRzb33+XIFR4ab3nlyqOQOpoTqyG +cs7B02sgBbyC+RG1EYfcelSEvLXkR8mjcqjs+MCISQQYEQIACQUCTFQ5bAIbDAAK +CRBbjeFzoXeCtlpcAKDLh59svtq/Gn99O9ZZw0nBjWv6sACfffDxPhCP1F852Jab +d8P1WGhr2Q8= +=Z1Jj +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/rhel/6/clamav/clamd.conf b/install/rhel/6/clamav/clamd.conf new file mode 100644 index 000000000..c215bcb98 --- /dev/null +++ b/install/rhel/6/clamav/clamd.conf @@ -0,0 +1,502 @@ +## +## Example config file for the Clam AV daemon +## Please read the clamd.conf(5) manual before editing this file. +## + + +# Comment or remove the line below. +#Example + +# Uncomment this option to enable logging. +# LogFile must be writable for the user running daemon. +# A full path is required. +# Default: disabled +LogFile /var/log/clamav/clamd.log + +# By default the log file is locked for writing - the lock protects against +# running clamd multiple times (if want to run another clamd, please +# copy the configuration file, change the LogFile variable, and run +# the daemon with --config-file option). +# This option disables log file locking. +# Default: no +#LogFileUnlock yes + +# Maximum size of the log file. +# Value of 0 disables the limit. +# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes) +# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size +# in bytes just don't use modifiers. +# Default: 1M +LogFileMaxSize 0 + +# Log time with each message. +# Default: no +LogTime yes + +# Also log clean files. Useful in debugging but drastically increases the +# log size. +# Default: no +#LogClean yes + +# Use system logger (can work together with LogFile). +# Default: no +LogSyslog yes + +# Specify the type of syslog messages - please refer to 'man syslog' +# for facility names. +# Default: LOG_LOCAL6 +#LogFacility LOG_MAIL + +# Enable verbose logging. +# Default: no +#LogVerbose yes + +# Log additional information about the infected file, such as its +# size and hash, together with the virus name. +#ExtendedDetectionInfo yes + +# This option allows you to save a process identifier of the listening +# daemon (main thread). +# Default: disabled +PidFile /var/run/clamav/clamd.pid + +# Optional path to the global temporary directory. +# Default: system specific (usually /tmp or /var/tmp). +TemporaryDirectory /var/tmp + +# Path to the database directory. +# Default: hardcoded (depends on installation options) +DatabaseDirectory /var/lib/clamav + +# Only load the official signatures published by the ClamAV project. +# Default: no +#OfficialDatabaseOnly no + +# The daemon can work in local mode, network mode or both. +# Due to security reasons we recommend the local mode. + +# Path to a local socket file the daemon will listen on. +# Default: disabled (must be specified by a user) +LocalSocket /var/run/clamav/clamd.sock + +# Sets the group ownership on the unix socket. +# Default: disabled (the primary group of the user running clamd) +#LocalSocketGroup virusgroup + +# Sets the permissions on the unix socket to the specified mode. +# Default: disabled (socket is world accessible) +#LocalSocketMode 660 + +# Remove stale socket after unclean shutdown. +# Default: yes +FixStaleSocket yes + +# TCP port address. +# Default: no +TCPSocket 3310 + +# TCP address. +# By default we bind to INADDR_ANY, probably not wise. +# Enable the following to provide some degree of protection +# from the outside world. +# Default: no +TCPAddr 127.0.0.1 + +# Maximum length the queue of pending connections may grow to. +# Default: 200 +MaxConnectionQueueLength 30 + +# Clamd uses FTP-like protocol to receive data from remote clients. +# If you are using clamav-milter to balance load between remote clamd daemons +# on firewall servers you may need to tune the options below. + +# Close the connection when the data size limit is exceeded. +# The value should match your MTA's limit for a maximum attachment size. +# Default: 25M +#StreamMaxLength 10M + +# Limit port range. +# Default: 1024 +#StreamMinPort 30000 +# Default: 2048 +#StreamMaxPort 32000 + +# Maximum number of threads running at the same time. +# Default: 10 +MaxThreads 50 + +# Waiting for data from a client socket will timeout after this time (seconds). +# Default: 120 +ReadTimeout 300 + +# This option specifies the time (in seconds) after which clamd should +# timeout if a client doesn't provide any initial command after connecting. +# Default: 5 +#CommandReadTimeout 5 + +# This option specifies how long to wait (in miliseconds) if the send buffer is full. +# Keep this value low to prevent clamd hanging +# +# Default: 500 +#SendBufTimeout 200 + +# Maximum number of queued items (including those being processed by MaxThreads threads) +# It is recommended to have this value at least twice MaxThreads if possible. +# WARNING: you shouldn't increase this too much to avoid running out of file descriptors, +# the following condition should hold: +# MaxThreads*MaxRecursion + (MaxQueue - MaxThreads) + 6< RLIMIT_NOFILE (usual max is 1024) +# +# Default: 100 +#MaxQueue 200 + +# Waiting for a new job will timeout after this time (seconds). +# Default: 30 +#IdleTimeout 60 + +# Don't scan files and directories matching regex +# This directive can be used multiple times +# Default: scan all +#ExcludePath ^/proc/ +#ExcludePath ^/sys/ + +# Maximum depth directories are scanned at. +# Default: 15 +#MaxDirectoryRecursion 20 + +# Follow directory symlinks. +# Default: no +#FollowDirectorySymlinks yes + +# Follow regular file symlinks. +# Default: no +#FollowFileSymlinks yes + +# Scan files and directories on other filesystems. +# Default: yes +#CrossFilesystems yes + +# Perform a database check. +# Default: 600 (10 min) +#SelfCheck 600 + +# Execute a command when virus is found. In the command string %v will +# be replaced with the virus name. +# Default: no +#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v" + +# Run as another user (clamd must be started by root for this option to work) +# Default: don't drop privileges +User clam + +# Initialize supplementary group access (clamd must be started by root). +# Default: no +AllowSupplementaryGroups yes + +# Stop daemon when libclamav reports out of memory condition. +#ExitOnOOM yes + +# Don't fork into background. +# Default: no +#Foreground yes + +# Enable debug messages in libclamav. +# Default: no +#Debug yes + +# Do not remove temporary files (for debug purposes). +# Default: no +#LeaveTemporaryFiles yes + +# Detect Possibly Unwanted Applications. +# Default: no +#DetectPUA yes + +# Exclude a specific PUA category. This directive can be used multiple times. +# See http://www.clamav.net/support/pua for the complete list of PUA +# categories. +# Default: Load all categories (if DetectPUA is activated) +#ExcludePUA NetTool +#ExcludePUA PWTool + +# Only include a specific PUA category. This directive can be used multiple +# times. +# Default: Load all categories (if DetectPUA is activated) +#IncludePUA Spy +#IncludePUA Scanner +#IncludePUA RAT + +# In some cases (eg. complex malware, exploits in graphic files, and others), +# ClamAV uses special algorithms to provide accurate detection. This option +# controls the algorithmic detection. +# Default: yes +#AlgorithmicDetection yes + + +## +## Executable files +## + +# PE stands for Portable Executable - it's an executable file format used +# in all 32 and 64-bit versions of Windows operating systems. This option allows +# ClamAV to perform a deeper analysis of executable files and it's also +# required for decompression of popular executable packers such as UPX, FSG, +# and Petite. If you turn off this option, the original files will still be +# scanned, but without additional processing. +# Default: yes +ScanPE yes + +# Executable and Linking Format is a standard format for UN*X executables. +# This option allows you to control the scanning of ELF files. +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +# Default: yes +ScanELF yes + +# With this option clamav will try to detect broken executables (both PE and +# ELF) and mark them as Broken.Executable. +# Default: no +DetectBrokenExecutables yes + + +## +## Documents +## + +# This option enables scanning of OLE2 files, such as Microsoft Office +# documents and .msi files. +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +# Default: yes +ScanOLE2 yes + + +# With this option enabled OLE2 files with VBA macros, which were not +# detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros". +# Default: no +#OLE2BlockMacros no + +# This option enables scanning within PDF files. +# If you turn off this option, the original files will still be scanned, but +# without decoding and additional processing. +# Default: yes +#ScanPDF yes + + +## +## Mail files +## + +# Enable internal e-mail scanner. +# If you turn off this option, the original files will still be scanned, but +# without parsing individual messages/attachments. +# Default: yes +ScanMail yes + +# Scan RFC1341 messages split over many emails. +# You will need to periodically clean up $TemporaryDirectory/clamav-partial directory. +# WARNING: This option may open your system to a DoS attack. +# Never use it on loaded servers. +# Default: no +#ScanPartialMessages yes + + +# With this option enabled ClamAV will try to detect phishing attempts by using +# signatures. +# Default: yes +#PhishingSignatures yes + +# Scan URLs found in mails for phishing attempts using heuristics. +# Default: yes +#PhishingScanURLs yes + +# Always block SSL mismatches in URLs, even if the URL isn't in the database. +# This can lead to false positives. +# +# Default: no +#PhishingAlwaysBlockSSLMismatch no + +# Always block cloaked URLs, even if URL isn't in database. +# This can lead to false positives. +# +# Default: no +#PhishingAlwaysBlockCloak no + +# Allow heuristic match to take precedence. +# When enabled, if a heuristic scan (such as phishingScan) detects +# a possible virus/phish it will stop scan immediately. Recommended, saves CPU +# scan-time. +# When disabled, virus/phish detected by heuristic scans will be reported only at +# the end of a scan. If an archive contains both a heuristically detected +# virus/phish, and a real malware, the real malware will be reported +# +# Keep this disabled if you intend to handle "*.Heuristics.*" viruses +# differently from "real" malware. +# If a non-heuristically-detected virus (signature-based) is found first, +# the scan is interrupted immediately, regardless of this config option. +# +# Default: no +#HeuristicScanPrecedence yes + +## +## Data Loss Prevention (DLP) +## + +# Enable the DLP module +# Default: No +#StructuredDataDetection yes + +# This option sets the lowest number of Credit Card numbers found in a file +# to generate a detect. +# Default: 3 +#StructuredMinCreditCardCount 5 + +# This option sets the lowest number of Social Security Numbers found +# in a file to generate a detect. +# Default: 3 +#StructuredMinSSNCount 5 + +# With this option enabled the DLP module will search for valid +# SSNs formatted as xxx-yy-zzzz +# Default: yes +#StructuredSSNFormatNormal yes + +# With this option enabled the DLP module will search for valid +# SSNs formatted as xxxyyzzzz +# Default: no +#StructuredSSNFormatStripped yes + + +## +## HTML +## + +# Perform HTML normalisation and decryption of MS Script Encoder code. +# Default: yes +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +#ScanHTML yes + + +## +## Archives +## + +# ClamAV can scan within archives and compressed files. +# If you turn off this option, the original files will still be scanned, but +# without unpacking and additional processing. +# Default: yes +ScanArchive yes + +# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR). +# Default: no +ArchiveBlockEncrypted no + + +## +## Limits +## + +# The options below protect your system against Denial of Service attacks +# using archive bombs. + +# This option sets the maximum amount of data to be scanned for each input file. +# Archives and other containers are recursively extracted and scanned up to this +# value. +# Value of 0 disables the limit +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 100M +#MaxScanSize 150M + +# Files larger than this limit won't be scanned. Affects the input file itself +# as well as files contained inside it (when the input file is an archive, a +# document or some other kind of container). +# Value of 0 disables the limit. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 25M +#MaxFileSize 30M + +# Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR +# file, all files within it will also be scanned. This options specifies how +# deeply the process should be continued. +# Note: setting this limit too high may result in severe damage to the system. +# Default: 16 +#MaxRecursion 10 + +# Number of files to be scanned within an archive, a document, or any other +# container file. +# Value of 0 disables the limit. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 10000 +#MaxFiles 15000 + + +## +## Clamuko settings +## + +# Enable Clamuko. Dazuko must be configured and running. Clamuko supports +# both Dazuko (/dev/dazuko) and DazukoFS (/dev/dazukofs.ctrl). DazukoFS +# is the preferred option. For more information please visit www.dazuko.org +# Default: no +#ClamukoScanOnAccess yes + +# The number of scanner threads that will be started (DazukoFS only). +# Having multiple scanner threads allows Clamuko to serve multiple +# processes simultaneously. This is particularly beneficial on SMP machines. +# Default: 3 +#ClamukoScannerCount 3 + +# Don't scan files larger than ClamukoMaxFileSize +# Value of 0 disables the limit. +# Default: 5M +#ClamukoMaxFileSize 10M + +# Set access mask for Clamuko (Dazuko only). +# Default: no +#ClamukoScanOnOpen yes +#ClamukoScanOnClose yes +#ClamukoScanOnExec yes + +# Set the include paths (all files inside them will be scanned). You can have +# multiple ClamukoIncludePath directives but each directory must be added +# in a seperate line. (Dazuko only) +# Default: disabled +#ClamukoIncludePath /home +#ClamukoIncludePath /students + +# Set the exclude paths. All subdirectories are also excluded. (Dazuko only) +# Default: disabled +#ClamukoExcludePath /home/bofh + +# With this option you can whitelist specific UIDs. Processes with these UIDs +# will be able to access all files. +# This option can be used multiple times (one per line). +# Default: disabled +#ClamukoExcludeUID 0 + +# With this option enabled ClamAV will load bytecode from the database. +# It is highly recommended you keep this option on, otherwise you'll miss detections for many new viruses. +# Default: yes +#Bytecode yes + +# Set bytecode security level. +# Possible values: +# None - no security at all, meant for debugging. DO NOT USE THIS ON PRODUCTION SYSTEMS +# This value is only available if clamav was built with --enable-debug! +# TrustSigned - trust bytecode loaded from signed .c[lv]d files, +# insert runtime safety checks for bytecode loaded from other sources +# Paranoid - don't trust any bytecode, insert runtime checks for all +# Recommended: TrustSigned, because bytecode in .cvd files already has these checks +# Note that by default only signed bytecode is loaded, currently you can only +# load unsigned bytecode in --enable-debug mode. +# +# Default: TrustSigned +#BytecodeSecurity TrustSigned + +# Set bytecode timeout in miliseconds. +# +# Default: 5000 +# BytecodeTimeout 1000 diff --git a/install/rhel/6/clamav/clamd.service b/install/rhel/6/clamav/clamd.service new file mode 100644 index 000000000..fdb3af7fd --- /dev/null +++ b/install/rhel/6/clamav/clamd.service @@ -0,0 +1,12 @@ +[Unit] +Description = clamd scanner (clamd) daemon +After = syslog.target nss-lookup.target network.target + +[Service] +Type = simple +ExecStart = /usr/sbin/clamd -c /etc/clamd.conf --nofork=yes +Restart = on-failure +PrivateTmp = true + +[Install] +WantedBy=multi-user.target diff --git a/install/rhel/6/clamav/freshclam.conf b/install/rhel/6/clamav/freshclam.conf new file mode 100644 index 000000000..61fb36465 --- /dev/null +++ b/install/rhel/6/clamav/freshclam.conf @@ -0,0 +1,6 @@ +DatabaseDirectory /var/lib/clamav +UpdateLogFile /var/log/clamav/freshclam.log +LogSyslog yes +DatabaseOwner clam +DatabaseMirror db.ca.clamav.net +DatabaseMirror db.local.clamav.net diff --git a/install/rhel/6/dovecot/conf.d/10-auth.conf b/install/rhel/6/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/rhel/6/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/rhel/6/dovecot/conf.d/10-logging.conf b/install/rhel/6/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/rhel/6/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/rhel/6/dovecot/conf.d/10-mail.conf b/install/rhel/6/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/rhel/6/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/rhel/6/dovecot/conf.d/10-master.conf b/install/rhel/6/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/rhel/6/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/rhel/6/dovecot/conf.d/10-ssl.conf b/install/rhel/6/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/rhel/6/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = : defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth requried + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{100K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = nobody:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +login: + driver = plaintext + public_name = LOGIN + client_send = ": user@smartrelay.vestacp.com : p4sw0rd" + server_set_id = $auth1 + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +smarthost: + driver = manualroute + domains = ! +local_domains + transport = remote_smtp_auth + route_list = * smartrelay.vestacp.com + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}} + require_files = /etc/exim/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +remote_smtp_auth: + driver = smtp + hosts = smartrelay.vestacp.com + hosts_require_auth = smartrelay.vestacp.com + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/rhel/6/exim/exim.conf b/install/rhel/6/exim/exim.conf new file mode 100644 index 000000000..50fd86510 --- /dev/null +++ b/install/rhel/6/exim/exim.conf @@ -0,0 +1,378 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +disable_ipv6=true +domainlist local_domains = dsearch;/etc/exim/domains/ +domainlist relay_to_domains = dsearch;/etc/exim/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.sock +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth requried + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{100K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = nobody:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}} + require_files = /etc/exim/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/rhel/6/exim/spam-blocks.conf b/install/rhel/6/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/rhel/fail2ban.action.conf b/install/rhel/6/fail2ban/action.d/vesta.conf similarity index 100% rename from install/rhel/fail2ban.action.conf rename to install/rhel/6/fail2ban/action.d/vesta.conf diff --git a/install/rhel/fail2ban.filter.conf b/install/rhel/6/fail2ban/filter.d/vesta.conf similarity index 100% rename from install/rhel/fail2ban.filter.conf rename to install/rhel/6/fail2ban/filter.d/vesta.conf diff --git a/install/rhel/fail2ban.jail.conf b/install/rhel/6/fail2ban/jail.local similarity index 100% rename from install/rhel/fail2ban.jail.conf rename to install/rhel/6/fail2ban/jail.local diff --git a/install/rhel/6/firewall/ports.conf b/install/rhel/6/firewall/ports.conf new file mode 100644 index 000000000..b730d012c --- /dev/null +++ b/install/rhel/6/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/rhel/6/firewall/rules.conf b/install/rhel/6/firewall/rules.conf new file mode 100644 index 000000000..fba98e1e4 --- /dev/null +++ b/install/rhel/6/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/rhel/6/httpd/httpd.conf b/install/rhel/6/httpd/httpd.conf new file mode 100644 index 000000000..e4ca29eb5 --- /dev/null +++ b/install/rhel/6/httpd/httpd.conf @@ -0,0 +1,256 @@ +ServerTokens OS +ServerRoot "/etc/httpd" +PidFile run/httpd.pid +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MaxClients 200 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadsPerChild 25 + MaxRequestsPerChild 4000 + + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 256 + MaxRequestsPerChild 4000 + + +LoadModule auth_basic_module modules/mod_auth_basic.so +LoadModule auth_digest_module modules/mod_auth_digest.so +LoadModule authn_file_module modules/mod_authn_file.so +LoadModule authn_alias_module modules/mod_authn_alias.so +LoadModule authn_anon_module modules/mod_authn_anon.so +#LoadModule authn_dbm_module modules/mod_authn_dbm.so +LoadModule authn_default_module modules/mod_authn_default.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_user_module modules/mod_authz_user.so +LoadModule authz_owner_module modules/mod_authz_owner.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +#LoadModule authz_dbm_module modules/mod_authz_dbm.so +LoadModule authz_default_module modules/mod_authz_default.so +#LoadModule ldap_module modules/mod_ldap.so +#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so +LoadModule include_module modules/mod_include.so +LoadModule log_config_module modules/mod_log_config.so +LoadModule logio_module modules/mod_logio.so +LoadModule env_module modules/mod_env.so +LoadModule ext_filter_module modules/mod_ext_filter.so +LoadModule mime_magic_module modules/mod_mime_magic.so +LoadModule expires_module modules/mod_expires.so +LoadModule deflate_module modules/mod_deflate.so +LoadModule headers_module modules/mod_headers.so +LoadModule usertrack_module modules/mod_usertrack.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule mime_module modules/mod_mime.so +LoadModule dav_module modules/mod_dav.so +LoadModule status_module modules/mod_status.so +LoadModule autoindex_module modules/mod_autoindex.so +#LoadModule info_module modules/mod_info.so +#LoadModule dav_fs_module modules/mod_dav_fs.so +LoadModule vhost_alias_module modules/mod_vhost_alias.so +LoadModule negotiation_module modules/mod_negotiation.so +LoadModule dir_module modules/mod_dir.so +LoadModule actions_module modules/mod_actions.so +#LoadModule speling_module modules/mod_speling.so +#LoadModule userdir_module modules/mod_userdir.so +LoadModule alias_module modules/mod_alias.so +LoadModule rewrite_module modules/mod_rewrite.so +LoadModule proxy_module modules/mod_proxy.so +#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so +#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so +#LoadModule proxy_http_module modules/mod_proxy_http.so +#LoadModule proxy_connect_module modules/mod_proxy_connect.so +LoadModule cache_module modules/mod_cache.so +LoadModule suexec_module modules/mod_suexec.so +#LoadModule disk_cache_module modules/mod_disk_cache.so +#LoadModule file_cache_module modules/mod_file_cache.so +#LoadModule mem_cache_module modules/mod_mem_cache.so +LoadModule cgi_module modules/mod_cgi.so +LoadModule version_module modules/mod_version.so + +Include conf.d/*.conf + +ExtendedStatus On + +User apache +Group apache + +ServerAdmin root@localhost +UseCanonicalName Off +DocumentRoot "/var/www/html" + + Options SymLinksIfOwnerMatch + AllowOverride None + + + + Options Indexes SymLinksIfOwnerMatch + AllowOverride None + Order allow,deny + Allow from all + + + + UserDir public_html + + +DirectoryIndex index.php index.htm index.html + +AccessFileName .htaccess + + Order allow,deny + Deny from all + +TypesConfig /etc/mime.types + +DefaultType text/plain + + + MIMEMagicFile conf/magic + + +HostnameLookups Off + +ErrorLog logs/error_log +LogLevel warn + +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %b" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes +CustomLog logs/access_log combined + +ServerSignature On + +Alias /icons/ "/var/www/icons/" + + + Options Indexes MultiViews + AllowOverride None + Order allow,deny + Allow from all + + + + AllowOverride None + Order allow,deny + Allow from all + + +ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" + + + AllowOverride None + Options ExecCGI + Order allow,deny + Allow from all + + +IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable + +AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip +AddIconByType (TXT,/icons/text.gif) text/* +AddIconByType (IMG,/icons/image2.gif) image/* +AddIconByType (SND,/icons/sound2.gif) audio/* +AddIconByType (VID,/icons/movie.gif) video/* +AddIcon /icons/binary.gif .bin .exe +AddIcon /icons/binhex.gif .hqx +AddIcon /icons/tar.gif .tar +AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv +AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip +AddIcon /icons/a.gif .ps .ai .eps +AddIcon /icons/layout.gif .html .shtml .htm .pdf +AddIcon /icons/text.gif .txt +AddIcon /icons/c.gif .c +AddIcon /icons/p.gif .pl .py +AddIcon /icons/f.gif .for +AddIcon /icons/dvi.gif .dvi +AddIcon /icons/uuencoded.gif .uu +AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl +AddIcon /icons/tex.gif .tex +AddIcon /icons/bomb.gif core +AddIcon /icons/back.gif .. +AddIcon /icons/hand.right.gif README +AddIcon /icons/folder.gif ^^DIRECTORY^^ +AddIcon /icons/blank.gif ^^BLANKICON^^ +DefaultIcon /icons/unknown.gif +ReadmeName README.html +HeaderName HEADER.html +IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t +AddLanguage ca .ca +AddLanguage cs .cz .cs +AddLanguage da .dk +AddLanguage de .de +AddLanguage el .el +AddLanguage en .en +AddLanguage eo .eo +AddLanguage es .es +AddLanguage et .et +AddLanguage fr .fr +AddLanguage he .he +AddLanguage hr .hr +AddLanguage it .it +AddLanguage ja .ja +AddLanguage ko .ko +AddLanguage ltz .ltz +AddLanguage nl .nl +AddLanguage nn .nn +AddLanguage no .no +AddLanguage pl .po +AddLanguage pt .pt +AddLanguage pt-BR .pt-br +AddLanguage ru .ru +AddLanguage sv .sv +AddLanguage zh-CN .zh-cn +AddLanguage zh-TW .zh-tw +LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW +ForceLanguagePriority Prefer Fallback + +AddDefaultCharset UTF-8 + +AddType application/x-compress .Z +AddType application/x-gzip .gz .tgz +AddType image/x-icon .ico + +AddType text/html .shtml +AddOutputFilter INCLUDES .shtml + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html + +BrowserMatch "Mozilla/2" nokeepalive +BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 +BrowserMatch "RealPlayer 4\.0" force-response-1.0 +BrowserMatch "Java/1\.0" force-response-1.0 +BrowserMatch "JDK/1\.0" force-response-1.0 +BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully +BrowserMatch "MS FrontPage" redirect-carefully +BrowserMatch "^WebDrive" redirect-carefully +BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully +BrowserMatch "^gnome-vfs/1.0" redirect-carefully +BrowserMatch "^XML Spy" redirect-carefully +BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully diff --git a/install/rhel/6/httpd/ruid2.conf b/install/rhel/6/httpd/ruid2.conf new file mode 100644 index 000000000..42f908a85 --- /dev/null +++ b/install/rhel/6/httpd/ruid2.conf @@ -0,0 +1,8 @@ +LoadModule ruid2_module modules/mod_ruid2.so + + + RMode config + RDefaultUidGid apache apache + RUidGid apache apache + RGroups apache + diff --git a/install/rhel/6/httpd/ssl.conf b/install/rhel/6/httpd/ssl.conf new file mode 100644 index 000000000..6835e420b --- /dev/null +++ b/install/rhel/6/httpd/ssl.conf @@ -0,0 +1,12 @@ +LoadModule ssl_module modules/mod_ssl.so + +AddType application/x-x509-ca-cert .crt +AddType application/x-pkcs7-crl .crl + +SSLPassPhraseDialog builtin +SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000) +SSLSessionCacheTimeout 300 +SSLMutex default +SSLRandomSeed startup file:/dev/urandom 256 +SSLRandomSeed connect builtin +SSLCryptoDevice builtin diff --git a/install/rhel/6/httpd/status.conf b/install/rhel/6/httpd/status.conf new file mode 100644 index 000000000..f68f293dc --- /dev/null +++ b/install/rhel/6/httpd/status.conf @@ -0,0 +1,7 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + diff --git a/install/rhel/6/logrotate/dovecot b/install/rhel/6/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/rhel/6/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/rhel/6/logrotate/httpd b/install/rhel/6/logrotate/httpd new file mode 100644 index 000000000..80dab8e29 --- /dev/null +++ b/install/rhel/6/logrotate/httpd @@ -0,0 +1,10 @@ +/var/log/httpd/*log /var/log/httpd/domains/*log { + missingok + notifempty + compress + sharedscripts + postrotate + /sbin/service httpd reload > /dev/null 2>/dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/rhel/6/logrotate/nginx b/install/rhel/6/logrotate/nginx new file mode 100644 index 000000000..b1da1bf16 --- /dev/null +++ b/install/rhel/6/logrotate/nginx @@ -0,0 +1,12 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + create 0644 nginx nginx + daily + rotate 10 + missingok + notifempty + compress + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/rhel/6/logrotate/vesta b/install/rhel/6/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/rhel/6/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/rhel/6/mariadb/my-large.cnf b/install/rhel/6/mariadb/my-large.cnf new file mode 100644 index 000000000..4e6c2225c --- /dev/null +++ b/install/rhel/6/mariadb/my-large.cnf @@ -0,0 +1,38 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/6/mariadb/my-medium.cnf b/install/rhel/6/mariadb/my-medium.cnf new file mode 100644 index 000000000..fa255ec52 --- /dev/null +++ b/install/rhel/6/mariadb/my-medium.cnf @@ -0,0 +1,37 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/6/mariadb/my-small.cnf b/install/rhel/6/mariadb/my-small.cnf new file mode 100644 index 000000000..7d2fdc1b3 --- /dev/null +++ b/install/rhel/6/mariadb/my-small.cnf @@ -0,0 +1,35 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 32K +max_allowed_packet = 8M +table_open_cache = 4 +sort_buffer_size = 128K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=50 +max_user_connections=25 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/6/mysqld/my-large.cnf b/install/rhel/6/mysqld/my-large.cnf new file mode 100644 index 000000000..b548eeb87 --- /dev/null +++ b/install/rhel/6/mysqld/my-large.cnf @@ -0,0 +1,38 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/6/mysqld/my-medium.cnf b/install/rhel/6/mysqld/my-medium.cnf new file mode 100644 index 000000000..e5f2677fc --- /dev/null +++ b/install/rhel/6/mysqld/my-medium.cnf @@ -0,0 +1,37 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/6/mysqld/my-small.cnf b/install/rhel/6/mysqld/my-small.cnf new file mode 100644 index 000000000..966c49c3a --- /dev/null +++ b/install/rhel/6/mysqld/my-small.cnf @@ -0,0 +1,35 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=50 +max_user_connections=25 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/6/named/named.conf b/install/rhel/6/named/named.conf new file mode 100644 index 000000000..472bd829b --- /dev/null +++ b/install/rhel/6/named/named.conf @@ -0,0 +1,13 @@ +options { + directory "/var/named"; + dump-file "/var/named/data/cache_dump.db"; + pid-file "/var/run/named/named.pid"; + statistics-file "/var/named/data/named_stats.txt"; + version "get lost"; + allow-transfer {"none";}; + recursion no; + +}; + +include "/etc/rndc.key"; + diff --git a/install/rhel/nginx.conf b/install/rhel/6/nginx/nginx.conf similarity index 50% rename from install/rhel/nginx.conf rename to install/rhel/6/nginx/nginx.conf index 3897fa5da..0a37ebbc3 100644 --- a/install/rhel/nginx.conf +++ b/install/rhel/6/nginx/nginx.conf @@ -1,7 +1,8 @@ # Server globals user nginx; -worker_processes 2; -error_log /var/log/nginx/error.log; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; @@ -9,6 +10,7 @@ pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; + multi_accept on; } @@ -21,7 +23,7 @@ http { client_body_timeout 1m; client_header_buffer_size 2k; client_body_buffer_size 256k; - client_max_body_size 100m; + client_max_body_size 256m; large_client_header_buffers 4 8k; send_timeout 30; keepalive_timeout 60 60; @@ -37,7 +39,7 @@ http { '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; - #access_log /var/log/nginx/access.log main; + #access_log /var/log/nginx/access.log main; access_log off; @@ -48,12 +50,13 @@ http { # Compression gzip on; + gzip_vary on; gzip_comp_level 9; gzip_min_length 512; gzip_buffers 8 64k; - gzip_types text/plain text/css text/javascript - application/x-javascript; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; gzip_proxied any; + gzip_disable "MSIE [1-6]\."; # Proxy settings @@ -68,10 +71,36 @@ http { proxy_buffers 32 4k; + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + #set_real_ip_from 2c0f:f248::/32; + #set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + # SSL PCI Compliance - ssl_ciphers RC4:HIGH:!aNULL:!MD5:!kEDH; - ssl_session_cache shared:SSL:10m; - ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; # Error pages @@ -80,14 +109,16 @@ http { error_page 502 503 504 /error/50x.html; - # Cache - proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; - proxy_temp_path /var/cache/nginx/temp; + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; - proxy_cache_valid any 3d; + proxy_cache_valid any 1d; + + # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; @@ -95,6 +126,13 @@ http { } + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + # Wildcard include include /etc/nginx/conf.d/*.conf; } diff --git a/install/rhel/6/nginx/phpmyadmin.inc b/install/rhel/6/nginx/phpmyadmin.inc new file mode 100644 index 000000000..122823d70 --- /dev/null +++ b/install/rhel/6/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpMyAdmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpMyAdmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/rhel/6/nginx/phppgadmin.inc b/install/rhel/6/nginx/phppgadmin.inc new file mode 100644 index 000000000..61dea1c9c --- /dev/null +++ b/install/rhel/6/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phpPgAdmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phpPgAdmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/rhel/6/nginx/status.conf b/install/rhel/6/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/rhel/6/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/rhel/6/nginx/webmail.inc b/install/rhel/6/nginx/webmail.inc new file mode 100644 index 000000000..d9cc181dc --- /dev/null +++ b/install/rhel/6/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /usr/share/roundcubemail; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /usr/share/roundcubemail/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/rhel/6/packages/default.pkg b/install/rhel/6/packages/default.pkg new file mode 100644 index 000000000..c2a935743 --- /dev/null +++ b/install/rhel/6/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/rhel/6/packages/gainsboro.pkg b/install/rhel/6/packages/gainsboro.pkg new file mode 100644 index 000000000..76d7dae2a --- /dev/null +++ b/install/rhel/6/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/rhel/6/packages/palegreen.pkg b/install/rhel/6/packages/palegreen.pkg new file mode 100644 index 000000000..3db5fe57e --- /dev/null +++ b/install/rhel/6/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/rhel/6/packages/slategrey.pkg b/install/rhel/6/packages/slategrey.pkg new file mode 100644 index 000000000..d89e796fd --- /dev/null +++ b/install/rhel/6/packages/slategrey.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/rhel/6/pga/config.inc.php b/install/rhel/6/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/rhel/6/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/rhel/6/pga/phpPgAdmin.conf b/install/rhel/6/pga/phpPgAdmin.conf new file mode 100644 index 000000000..4f6ea1b53 --- /dev/null +++ b/install/rhel/6/pga/phpPgAdmin.conf @@ -0,0 +1,14 @@ +# +# This configuration file maps the phpPgAdmin directory into the URL space. +# By default this application is only accessible from the local host. +# + +Alias /phpPgAdmin /usr/share/phpPgAdmin +Alias /phppgadmin /usr/share/phpPgAdmin + + + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/rhel/6/php-fpm/www.conf b/install/rhel/6/php-fpm/www.conf new file mode 100644 index 000000000..1bc0b0751 --- /dev/null +++ b/install/rhel/6/php-fpm/www.conf @@ -0,0 +1,10 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 +user = apache +group = apache + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/rhel/6/pma/config.inc.conf b/install/rhel/6/pma/config.inc.conf new file mode 100644 index 000000000..f7584089d --- /dev/null +++ b/install/rhel/6/pma/config.inc.conf @@ -0,0 +1,149 @@ +. + * + * @package phpMyAdmin + */ + +/* + * This is needed for cookie based authentication to encrypt password in + * cookie + */ +$cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ + +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + +/* + * Servers configuration + */ +$i = 0; + +/* + * First server + */ +$i++; +/* Authentication type */ +$cfg['Servers'][$i]['auth_type'] = 'cookie'; +/* Server parameters */ +$cfg['Servers'][$i]['host'] = 'localhost'; +$cfg['Servers'][$i]['connect_type'] = 'tcp'; +$cfg['Servers'][$i]['compress'] = false; +/* Select mysqli if your server has it */ +$cfg['Servers'][$i]['extension'] = 'mysql'; +$cfg['Servers'][$i]['AllowNoPassword'] = false; + +/* + * phpMyAdmin configuration storage settings. + */ + +/* User used to manipulate with storage */ +// $cfg['Servers'][$i]['controluser'] = 'pma'; +// $cfg['Servers'][$i]['controlpass'] = 'pmapass'; + +/* Storage database and tables */ +// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin'; +// $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark'; +// $cfg['Servers'][$i]['relation'] = 'pma_relation'; +// $cfg['Servers'][$i]['table_info'] = 'pma_table_info'; +// $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords'; +// $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages'; +// $cfg['Servers'][$i]['column_info'] = 'pma_column_info'; +// $cfg['Servers'][$i]['history'] = 'pma_history'; +// $cfg['Servers'][$i]['tracking'] = 'pma_tracking'; +// $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords'; +// $cfg['Servers'][$i]['userconfig'] = 'pma_userconfig'; +/* Contrib / Swekey authentication */ +// $cfg['Servers'][$i]['auth_swekey_config'] = '/etc/swekey-pma.conf'; + +/* + * End of servers configuration + */ + +/* + * Directories for saving/loading files from server + */ +$cfg['UploadDir'] = ''; +$cfg['SaveDir'] = ''; + +/** + * Defines whether a user should be displayed a "show all (records)" + * button in browse mode or not. + * default = false + */ +//$cfg['ShowAll'] = true; + +/** + * Number of rows displayed when browsing a result set. If the result + * set contains more rows, "Previous" and "Next". + * default = 30 + */ +//$cfg['MaxRows'] = 50; + +/** + * Use graphically less intense menu tabs + * default = false + */ +//$cfg['LightTabs'] = true; + +/** + * disallow editing of binary fields + * valid values are: + * false allow editing + * 'blob' allow editing except for BLOB fields + * 'all' disallow editing + * default = blob + */ +//$cfg['ProtectBinary'] = 'false'; + +/** + * Default language to use, if not browser-defined or user-defined + * (you find all languages in the locale folder) + * uncomment the desired line: + * default = 'en' + */ +//$cfg['DefaultLang'] = 'en'; +//$cfg['DefaultLang'] = 'de'; + +/** + * default display direction (horizontal|vertical|horizontalflipped) + */ +//$cfg['DefaultDisplay'] = 'vertical'; + + +/** + * How many columns should be used for table display of a database? + * (a value larger than 1 results in some information being hidden) + * default = 1 + */ +//$cfg['PropertiesNumColumns'] = 2; + +/** + * Set to true if you want DB-based query history.If false, this utilizes + * JS-routines to display query history (lost by window close) + * + * This requires configuration storage enabled, see above. + * default = false + */ +//$cfg['QueryHistoryDB'] = true; + +/** + * When using DB-based query history, how many entries should be kept? + * + * default = 25 + */ +//$cfg['QueryHistoryMax'] = 100; + +/* + * You can find more configuration options in Documentation.html + * or here: http://wiki.phpmyadmin.net/pma/Config + */ +?> diff --git a/install/rhel/6/pma/phpMyAdmin.conf b/install/rhel/6/pma/phpMyAdmin.conf new file mode 100644 index 000000000..b1b6b60d4 --- /dev/null +++ b/install/rhel/6/pma/phpMyAdmin.conf @@ -0,0 +1,45 @@ +# phpMyAdmin - Web based MySQL browser written in php +# +# Allows only localhost by default +# +# But allowing phpMyAdmin to anyone other than localhost should be considered +# dangerous unless properly secured by SSL + +Alias /phpMyAdmin /usr/share/phpMyAdmin +Alias /phpmyadmin /usr/share/phpMyAdmin + + + Order Deny,Allow + Deny from All + Allow from All + + + + Order Deny,Allow + Deny from All + Allow from All + + +# This directory does not require access over HTTP - taken from the original +# phpMyAdmin upstream tarball +# + + Order Deny,Allow + Deny from All + Allow from None + + +# This configuration prevents mod_security at phpMyAdmin directories from +# filtering SQL etc. This may break your mod_security implementation. +# +# +# +# SecRuleInheritance Off +# +# + + + Order Deny,Allow + Deny from All + Allow from None + diff --git a/install/rhel/6/postgresql/pg_hba.conf b/install/rhel/6/postgresql/pg_hba.conf new file mode 100644 index 000000000..1ba43941b --- /dev/null +++ b/install/rhel/6/postgresql/pg_hba.conf @@ -0,0 +1,11 @@ +# "local" is for Unix domain socket connections only +local all all ident + +# IPv4 local connections: +host all all 127.0.0.1/32 md5 + +# IPv6 local connections: +host all all ::1/128 md5 + +# Others +host all all 0.0.0.0/0 md5 diff --git a/install/debian/proftpd.conf b/install/rhel/6/proftpd/proftpd.conf similarity index 87% rename from install/debian/proftpd.conf rename to install/rhel/6/proftpd/proftpd.conf index 0930fb117..6b89d125e 100644 --- a/install/debian/proftpd.conf +++ b/install/rhel/6/proftpd/proftpd.conf @@ -1,4 +1,3 @@ -LoadModule mod_vroot.c ServerName "FTP" ServerIdent on "FTP Server ready." ServerAdmin root@localhost @@ -8,14 +7,15 @@ DefaultRoot ~ !adm AuthPAMConfig proftpd AuthOrder mod_auth_pam.c* mod_auth_unix.c UseReverseDNS off -User proftpd -Group nogroup +User nobody +Group nobody MaxInstances 20 UseSendfile off LogFormat default "%h %l %u %t \"%r\" %s %b" LogFormat auth "%v [%P] %h %t \"%r\" %s" ListOptions -a RequireValidShell off +PassivePorts 12000 12100 Umask 002 diff --git a/install/rhel/6/remi-release.rpm b/install/rhel/6/remi-release.rpm new file mode 100644 index 000000000..555c7abeb Binary files /dev/null and b/install/rhel/6/remi-release.rpm differ diff --git a/install/rhel/6/roundcube/config.inc.php b/install/rhel/6/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/rhel/6/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/rhel/6/roundcube/main.inc.php b/install/rhel/6/roundcube/main.inc.php new file mode 100644 index 000000000..a27c306eb --- /dev/null +++ b/install/rhel/6/roundcube/main.inc.php @@ -0,0 +1,40 @@ + + Order Deny,Allow + Deny from all + Allow from all + diff --git a/install/rhel/6/roundcube/vesta.php b/install/rhel/6/roundcube/vesta.php new file mode 100644 index 000000000..1e9523a5c --- /dev/null +++ b/install/rhel/6/roundcube/vesta.php @@ -0,0 +1,70 @@ + + */ + +class rcube_vesta_password +{ + function save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + $errno = ""; + $errstr = ""; + $context = stream_context_create(); + + $result = stream_context_set_option($context, 'ssl', 'verify_peer', false); + $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false); + $result = stream_context_set_option($context, 'ssl', 'verify_host', false); + $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true); + + $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context); + + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } +} diff --git a/install/rhel/6/sudo/admin b/install/rhel/6/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/rhel/6/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/rhel/6/templates/dns/child-ns.tpl b/install/rhel/6/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/rhel/6/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/rhel/6/templates/dns/default.tpl b/install/rhel/6/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/rhel/6/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/rhel/6/templates/dns/gmail.tpl b/install/rhel/6/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/rhel/6/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/rhel/6/templates/web/awstats/awstats.tpl b/install/rhel/6/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/rhel/6/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/rhel/6/templates/web/awstats/index.tpl b/install/rhel/6/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/rhel/6/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/rhel/6/templates/web/awstats/nav.tpl b/install/rhel/6/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/rhel/6/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/rhel/6/templates/web/httpd/basedir.stpl b/install/rhel/6/templates/web/httpd/basedir.stpl new file mode 100644 index 000000000..ba4c1d91d --- /dev/null +++ b/install/rhel/6/templates/web/httpd/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/rhel/6/templates/web/httpd/basedir.tpl b/install/rhel/6/templates/web/httpd/basedir.tpl new file mode 100644 index 000000000..f7d9b5283 --- /dev/null +++ b/install/rhel/6/templates/web/httpd/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/templates/web/httpd/basedir.stpl b/install/rhel/6/templates/web/httpd/default.stpl old mode 100755 new mode 100644 similarity index 83% rename from install/rhel/templates/web/httpd/basedir.stpl rename to install/rhel/6/templates/web/httpd/default.stpl index d568276df..0ab22c39a --- a/install/rhel/templates/web/httpd/basedir.stpl +++ b/install/rhel/6/templates/web/httpd/default.stpl @@ -15,7 +15,10 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot% + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/rhel/templates/web/httpd/basedir.tpl b/install/rhel/6/templates/web/httpd/default.tpl old mode 100755 new mode 100644 similarity index 81% rename from install/rhel/templates/web/httpd/basedir.tpl rename to install/rhel/6/templates/web/httpd/default.tpl index 41b77334a..751b7c59b --- a/install/rhel/templates/web/httpd/basedir.tpl +++ b/install/rhel/6/templates/web/httpd/default.tpl @@ -14,7 +14,10 @@ AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot% + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/rhel/templates/web/httpd/hosting.stpl b/install/rhel/6/templates/web/httpd/hosting.stpl old mode 100755 new mode 100644 similarity index 82% rename from install/rhel/templates/web/httpd/hosting.stpl rename to install/rhel/6/templates/web/httpd/hosting.stpl index ee06dfce7..f9246c8d3 --- a/install/rhel/templates/web/httpd/hosting.stpl +++ b/install/rhel/6/templates/web/httpd/hosting.stpl @@ -15,15 +15,17 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value upload_max_filesize 10M php_admin_value max_execution_time 20 php_admin_value post_max_size 8M php_admin_value memory_limit 32M php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp - php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' AllowOverride All diff --git a/install/rhel/templates/web/httpd/hosting.tpl b/install/rhel/6/templates/web/httpd/hosting.tpl old mode 100755 new mode 100644 similarity index 81% rename from install/rhel/templates/web/httpd/hosting.tpl rename to install/rhel/6/templates/web/httpd/hosting.tpl index c3b839972..5eef2a35a --- a/install/rhel/templates/web/httpd/hosting.tpl +++ b/install/rhel/6/templates/web/httpd/hosting.tpl @@ -14,15 +14,17 @@ AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value upload_max_filesize 10M php_admin_value max_execution_time 20 php_admin_value post_max_size 8M php_admin_value memory_limit 32M php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp - php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' AllowOverride All diff --git a/install/rhel/6/templates/web/httpd/phpcgi.sh b/install/rhel/6/templates/web/httpd/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/rhel/6/templates/web/httpd/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/rhel/6/templates/web/httpd/phpcgi.stpl b/install/rhel/6/templates/web/httpd/phpcgi.stpl new file mode 100644 index 000000000..46c71f8f7 --- /dev/null +++ b/install/rhel/6/templates/web/httpd/phpcgi.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + ErrorLog /var/log/httpd/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + Include %home%/%user%/conf/web/shttpd.%domain%.conf* + + + diff --git a/install/rhel/6/templates/web/httpd/phpcgi.tpl b/install/rhel/6/templates/web/httpd/phpcgi.tpl new file mode 100644 index 000000000..b521a6e6f --- /dev/null +++ b/install/rhel/6/templates/web/httpd/phpcgi.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + ErrorLog /var/log/httpd/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + Include %home%/%user%/conf/web/httpd.%domain%.conf* + + + diff --git a/install/rhel/6/templates/web/httpd/phpfcgid.sh b/install/rhel/6/templates/web/httpd/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/rhel/6/templates/web/httpd/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/rhel/6/templates/web/httpd/phpfcgid.stpl b/install/rhel/6/templates/web/httpd/phpfcgid.stpl new file mode 100644 index 000000000..41a14729a --- /dev/null +++ b/install/rhel/6/templates/web/httpd/phpfcgid.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + ErrorLog /var/log/httpd/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + Include %home%/%user%/conf/web/shttpd.%domain%.conf* + + + diff --git a/install/rhel/6/templates/web/httpd/phpfcgid.tpl b/install/rhel/6/templates/web/httpd/phpfcgid.tpl new file mode 100644 index 000000000..bb9d3b748 --- /dev/null +++ b/install/rhel/6/templates/web/httpd/phpfcgid.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + ErrorLog /var/log/httpd/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + Include %home%/%user%/conf/web/httpd.%domain%.conf* + + + diff --git a/install/rhel/6/templates/web/nginx/caching.sh b/install/rhel/6/templates/web/nginx/caching.sh new file mode 100755 index 000000000..09d8efe75 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/rhel/6/templates/web/nginx/caching.stpl b/install/rhel/6/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..5e1ac757b --- /dev/null +++ b/install/rhel/6/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache %domain%; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/caching.tpl b/install/rhel/6/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..6d727c67f --- /dev/null +++ b/install/rhel/6/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache %domain%; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/default.stpl b/install/rhel/6/templates/web/nginx/default.stpl new file mode 100755 index 000000000..22bbd55a6 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/default.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/rhel/6/templates/web/nginx/default.tpl b/install/rhel/6/templates/web/nginx/default.tpl new file mode 100755 index 000000000..c1fec114f --- /dev/null +++ b/install/rhel/6/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/rhel/6/templates/web/nginx/hosting.sh b/install/rhel/6/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/rhel/6/templates/web/nginx/hosting.stpl b/install/rhel/6/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..c3414149b --- /dev/null +++ b/install/rhel/6/templates/web/nginx/hosting.stpl @@ -0,0 +1,37 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%sdocroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/rhel/6/templates/web/nginx/hosting.tpl b/install/rhel/6/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..44d874962 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/rhel/6/templates/web/nginx/http2.stpl b/install/rhel/6/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..cfdb9188d --- /dev/null +++ b/install/rhel/6/templates/web/nginx/http2.stpl @@ -0,0 +1,34 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/http2.tpl b/install/rhel/6/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..b20e2922d --- /dev/null +++ b/install/rhel/6/templates/web/nginx/http2.tpl @@ -0,0 +1,32 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/rhel/6/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..d85bcce38 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/rhel/6/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/rhel/6/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..9c24c3ea8 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/rhel/6/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/rhel/6/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..d71863141 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/rhel/6/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/rhel/6/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..4f0b9ec7b --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/rhel/6/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/default.stpl b/install/rhel/6/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/default.tpl b/install/rhel/6/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/rhel/6/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..f85032bae --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/rhel/6/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal6.stpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 000000000..9d9840006 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal6.tpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 000000000..0d7930fae --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 000000000..6fd64db6b --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,94 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/invoiceninja.stpl b/install/rhel/6/templates/web/nginx/php-fpm/invoiceninja.stpl new file mode 100644 index 000000000..086e6a8e8 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/invoiceninja.stpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + sendfile off; + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/invoiceninja.tpl b/install/rhel/6/templates/web/nginx/php-fpm/invoiceninja.tpl new file mode 100644 index 000000000..fd06523a9 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/invoiceninja.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + sendfile off; + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/joomla.stpl b/install/rhel/6/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..704405f37 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/joomla.tpl b/install/rhel/6/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/laravel.stpl b/install/rhel/6/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 000000000..477f6f01b --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/laravel.tpl b/install/rhel/6/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/magento.stpl b/install/rhel/6/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 000000000..fdab43aae --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/magento.tpl b/install/rhel/6/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/mautic.stpl b/install/rhel/6/templates/web/nginx/php-fpm/mautic.stpl new file mode 100644 index 000000000..a88e9b58f --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/mautic.stpl @@ -0,0 +1,48 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri /index.php?$query_string; + } + + location ~ '\.php$' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/mautic.tpl b/install/rhel/6/templates/web/nginx/php-fpm/mautic.tpl new file mode 100644 index 000000000..177d48757 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/mautic.tpl @@ -0,0 +1,44 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri /index.php?$query_string; + } + + location ~ '\.php$' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/modx.stpl b/install/rhel/6/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 000000000..f410ab77c --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/modx.tpl b/install/rhel/6/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/moodle.stpl b/install/rhel/6/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 000000000..f15a68c57 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/moodle.tpl b/install/rhel/6/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/no-php.stpl b/install/rhel/6/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 000000000..bc8b53a37 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/no-php.tpl b/install/rhel/6/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/odoo.stpl b/install/rhel/6/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 000000000..d6697d7a9 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/odoo.tpl b/install/rhel/6/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/opencart.stpl b/install/rhel/6/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 000000000..908b9aeb8 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/opencart.tpl b/install/rhel/6/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/owncloud.stpl b/install/rhel/6/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..891566b93 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/owncloud.tpl b/install/rhel/6/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/piwik.stpl b/install/rhel/6/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..78c1bb784 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/piwik.tpl b/install/rhel/6/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.stpl b/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..5ffc9ed5c --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.tpl b/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/sendy.stpl b/install/rhel/6/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 000000000..e7f3dcc6b --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/sendy.tpl b/install/rhel/6/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/wordpress.stpl b/install/rhel/6/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/wordpress.tpl b/install/rhel/6/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/wordpress2.stpl b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..e0aeb524a --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/wordpress2.tpl b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..0d9793aeb --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 000000000..f33ed5070 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 000000000..c0a5239e0 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/proxy_ip.tpl b/install/rhel/6/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/rhel/6/templates/web/php-fpm/default.tpl b/install/rhel/6/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/rhel/6/templates/web/php-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/rhel/6/templates/web/php-fpm/no-php.tpl b/install/rhel/6/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..e677f3e9f --- /dev/null +++ b/install/rhel/6/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,13 @@ +;[%backend%] +;user = %user% +;group = %user% +;listen = /dev/null + +;listen.owner = %user% +;listen.group = nginx + +;pm = dynamic +;pm.max_children = 50 +;pm.start_servers = 3 +;pm.min_spare_servers = 2 +;pm.max_spare_servers = 10 diff --git a/install/rhel/6/templates/web/php-fpm/socket.tpl b/install/rhel/6/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..c22d0e2cd --- /dev/null +++ b/install/rhel/6/templates/web/php-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php-%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = nginx + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/rhel/templates/web/skel/document_errors/403.html b/install/rhel/6/templates/web/skel/document_errors/403.html similarity index 100% rename from install/rhel/templates/web/skel/document_errors/403.html rename to install/rhel/6/templates/web/skel/document_errors/403.html diff --git a/install/rhel/templates/web/skel/document_errors/404.html b/install/rhel/6/templates/web/skel/document_errors/404.html similarity index 100% rename from install/rhel/templates/web/skel/document_errors/404.html rename to install/rhel/6/templates/web/skel/document_errors/404.html diff --git a/install/rhel/templates/web/skel/document_errors/50x.html b/install/rhel/6/templates/web/skel/document_errors/50x.html similarity index 100% rename from install/rhel/templates/web/skel/document_errors/50x.html rename to install/rhel/6/templates/web/skel/document_errors/50x.html diff --git a/install/rhel/6/templates/web/skel/public_html/index.html b/install/rhel/6/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/rhel/6/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/rhel/6/templates/web/skel/public_html/robots.txt b/install/rhel/6/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/rhel/6/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/rhel/6/templates/web/skel/public_shtml/index.html b/install/rhel/6/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/rhel/6/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/rhel/6/templates/web/skel/public_shtml/robots.txt b/install/rhel/6/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/rhel/6/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/rhel/6/templates/web/suspend/.htaccess b/install/rhel/6/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/rhel/6/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/rhel/6/templates/web/suspend/index.html b/install/rhel/6/templates/web/suspend/index.html new file mode 100755 index 000000000..f2d04e1f0 --- /dev/null +++ b/install/rhel/6/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

SUSPENDED

+

This website has been suspended.

+
+ Please contact the technical support department. +
+ + diff --git a/install/rhel/6/templates/web/webalizer/webalizer.tpl b/install/rhel/6/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/rhel/6/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/rhel/6/vsftpd/vsftpd.conf b/install/rhel/6/vsftpd/vsftpd.conf new file mode 100644 index 000000000..cf4c9624c --- /dev/null +++ b/install/rhel/6/vsftpd/vsftpd.conf @@ -0,0 +1,23 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +dual_log_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=YES +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 +use_localtime=YES diff --git a/install/rhel/6/wsgi/httpd/wsgi.sh b/install/rhel/6/wsgi/httpd/wsgi.sh new file mode 100755 index 000000000..cb98116cb --- /dev/null +++ b/install/rhel/6/wsgi/httpd/wsgi.sh @@ -0,0 +1,33 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +echo "# Wsgi template +AddHandler wsgi-script .wsgi + +RewriteEngine On + +RewriteCond %{HTTP_HOST} ^www.$2\.ru\$ [NC] +RewriteRule ^(.*)\$ http://$2/\$1 [R=301,L] + +RewriteCond %{REQUEST_FILENAME} !-f +RewriteRule ^(.*)\$ /django.wsgi/\$1 [QSA,PT,L] +" > $docroot/.htaccess +chown $user:$user $docroot/.htaccess + + +echo "import os, sys +sys.path.insert(0, '$home_dir/$user/web/$domain/private/django/$domain/env/lib/python2.6/site-packages') +sys.path.insert(0, '$home_dir/$user/web/$domain/private/django/$domain/project/src/shared/') +sys.path.insert(0, '$home_dir/$user/web/$domain/private/django/$domain/project/src/') + +os.environ['DJANGO_SETTINGS_MODULE'] = 'main.settings' +import django.core.handlers.wsgi +application = django.core.handlers.wsgi.WSGIHandler()" > $docroot/django.wsgi +chown $user:$user $docroot/django.wsgi + +exit 0 diff --git a/install/rhel/6/wsgi/httpd/wsgi.stpl b/install/rhel/6/wsgi/httpd/wsgi.stpl new file mode 100755 index 000000000..e2fdd3f40 --- /dev/null +++ b/install/rhel/6/wsgi/httpd/wsgi.stpl @@ -0,0 +1,49 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + WSGIDaemonProcess apx-idea user=%user% group=%user% processes=1 threads=5 display-name=%{GROUP} python-path=%home%/%user%/web/%domain%/private/django/%domain%/env/lib/python2.6/site-packages + WSGIProcessGroup apx-idea + WSGIApplicationGroup %{GLOBAL} + + + + AllowOverride FileInfo + Options ExecCGI Indexes + MultiviewsMatch Handlers + Options +FollowSymLinks + Order allow,deny + Allow from all + + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/rhel/6/wsgi/httpd/wsgi.tpl b/install/rhel/6/wsgi/httpd/wsgi.tpl new file mode 100644 index 000000000..ad5d8a076 --- /dev/null +++ b/install/rhel/6/wsgi/httpd/wsgi.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + WSGIDaemonProcess apx-idea user=%user% group=%user% processes=1 threads=5 display-name=%{GROUP} python-path=%home%/%user%/web/%domain%/private/django/%domain%/env/lib/python2.6/site-packages + WSGIProcessGroup apx-idea + WSGIApplicationGroup %{GLOBAL} + + + + AllowOverride FileInfo + Options ExecCGI Indexes + MultiviewsMatch Handlers + Options +FollowSymLinks + Order allow,deny + Allow from all + + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/7/GPG.txt b/install/rhel/7/GPG.txt new file mode 100644 index 000000000..33bb1ff26 --- /dev/null +++ b/install/rhel/7/GPG.txt @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.5 (GNU/Linux) + +mQGiBExUOVkRBACPJeB3bdrAggHlFpkaB1aRDXDz7clRg6jyEzdMYHhrniSyjhAH ++b53zE4iapCHFIamEG2Fa7zS2lSx7068AmqHsZK5jwmyhTVVYuTtbebj1C4Y5ToW +icHhy4ullB7qeDmAod6EY4YSx2kYO3dR/QLk5QM4lWuV/OLdXWTeoKiiYwCg0UAP +yUkBXgNcKXrFqoJelmG3JEMEAIYM7CGwVd47FsM1UCu56HNQPErxLoUPBUlAQFtx +OMOFDMEm7qH7ve8FgGGRL9oHF7mSJ3y7HgM1BF5MHkKz6FjDrT1U5+Lub6oI2e90 +gfCMGlQAzUm9o+fijfbhKoEQ/xQRkUoqWEaf9zlFx1/4+NH+Qz/L8ZDTHvSLvUgt +HyZlA/916St5suAUugXu9PeLRVqboiHjhz0JWKneQEQ2QcTu8lhHsu/mZTWL9FYn +XwtiCJLZT8bpBSfl8Oeqhof1+sPgnv7t/LuKQ6JJmyJ46Sa453wfrs+xs32hKAe+ +ZN0VGBmHe7NhuhW/LdM0KMMr/LHuJJJAgmt+XVHi2RFwsZvdMbQkVmVzdGEgUGFj +a2FnZXMgPGJ1aWxkZXJAdmVzdGFjcC5jb20+iGAEExECACAFAkxUOVkCGwMGCwkI +BwMCBBUCCAMEFgIDAQIeAQIXgAAKCRBbjeFzoXeCtp6dAKDQfeTPHi6hCgg4L+sx +LEjXvVdLOwCfe9yfr+en+uz6qst0QBT2cAwB+q+5Ag0ETFQ5bBAIAJYZa9pV9l/R +OUFgIvdJd1mvzJpRAXsRBBJc22WuOHp22Uj+lMKrJMTRQZvFBvk9s7Mb1/ACXrL4 +vIbsKqXNAlVFp9kF1tKV2ejZ1MrJaQ4819bIkyG0lJzjl6u9lzJopF7ie00YHKC6 +1rltLaevfFjUXq1DoYZBg42hT/SOj+3+2D0e9qcxeuxXbsjnvwtxxUkWcP/ftOSt +HsAAbM1YtwGl9+fZLWG9+WIKNOE9kp+h2ywZtFA4v/Ms2op7oZGAL7C95k1EgLrH +mOZ0B2oKOLctV1z9keWksPN/osyG7Mg8ljv8zF3XwQFqHOHRntDqSWoFBMvJBkNS +vtm6u5WyKd8ABAsH/0RbeWVA+JqpZ24Rl57XoDRPRzno0m0EnkJMXr22uBq1lPg8 +VkadrGOshFXpM3Rho57f3U7fwKmShQXGEV7RHsWcxcfwOSKVJtI468sDuYXc2l1f +5nFo+rCtVh3BBq+JtZFKX0x53BesCT/M7l33Dfm9MDi34tEdPTPjumBIH1dowYdv +9/2HPlPp4NZte7gOO/VIAiS+jJ30aBn09t8duW5md7/rkOPIM5It05LGCLjb9hVm +R9zTwzw30fIrkeyWZdAbk76lH8u8j6PX30U6RRzb33+XIFR4ab3nlyqOQOpoTqyG +cs7B02sgBbyC+RG1EYfcelSEvLXkR8mjcqjs+MCISQQYEQIACQUCTFQ5bAIbDAAK +CRBbjeFzoXeCtlpcAKDLh59svtq/Gn99O9ZZw0nBjWv6sACfffDxPhCP1F852Jab +d8P1WGhr2Q8= +=Z1Jj +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/rhel/7/clamav/clamd.conf b/install/rhel/7/clamav/clamd.conf new file mode 100644 index 000000000..52ff68210 --- /dev/null +++ b/install/rhel/7/clamav/clamd.conf @@ -0,0 +1,502 @@ +## +## Example config file for the Clam AV daemon +## Please read the clamd.conf(5) manual before editing this file. +## + + +# Comment or remove the line below. +#Example + +# Uncomment this option to enable logging. +# LogFile must be writable for the user running daemon. +# A full path is required. +# Default: disabled +LogFile /var/log/clamav/clamd.log + +# By default the log file is locked for writing - the lock protects against +# running clamd multiple times (if want to run another clamd, please +# copy the configuration file, change the LogFile variable, and run +# the daemon with --config-file option). +# This option disables log file locking. +# Default: no +#LogFileUnlock yes + +# Maximum size of the log file. +# Value of 0 disables the limit. +# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes) +# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size +# in bytes just don't use modifiers. +# Default: 1M +LogFileMaxSize 0 + +# Log time with each message. +# Default: no +LogTime yes + +# Also log clean files. Useful in debugging but drastically increases the +# log size. +# Default: no +#LogClean yes + +# Use system logger (can work together with LogFile). +# Default: no +LogSyslog yes + +# Specify the type of syslog messages - please refer to 'man syslog' +# for facility names. +# Default: LOG_LOCAL6 +#LogFacility LOG_MAIL + +# Enable verbose logging. +# Default: no +#LogVerbose yes + +# Log additional information about the infected file, such as its +# size and hash, together with the virus name. +#ExtendedDetectionInfo yes + +# This option allows you to save a process identifier of the listening +# daemon (main thread). +# Default: disabled +PidFile /var/run/clamav/clamd.pid + +# Optional path to the global temporary directory. +# Default: system specific (usually /tmp or /var/tmp). +TemporaryDirectory /var/tmp + +# Path to the database directory. +# Default: hardcoded (depends on installation options) +DatabaseDirectory /var/lib/clamav + +# Only load the official signatures published by the ClamAV project. +# Default: no +#OfficialDatabaseOnly no + +# The daemon can work in local mode, network mode or both. +# Due to security reasons we recommend the local mode. + +# Path to a local socket file the daemon will listen on. +# Default: disabled (must be specified by a user) +LocalSocket /var/run/clamav/clamd.sock + +# Sets the group ownership on the unix socket. +# Default: disabled (the primary group of the user running clamd) +#LocalSocketGroup virusgroup + +# Sets the permissions on the unix socket to the specified mode. +# Default: disabled (socket is world accessible) +#LocalSocketMode 660 + +# Remove stale socket after unclean shutdown. +# Default: yes +FixStaleSocket yes + +# TCP port address. +# Default: no +TCPSocket 3310 + +# TCP address. +# By default we bind to INADDR_ANY, probably not wise. +# Enable the following to provide some degree of protection +# from the outside world. +# Default: no +TCPAddr 127.0.0.1 + +# Maximum length the queue of pending connections may grow to. +# Default: 200 +MaxConnectionQueueLength 30 + +# Clamd uses FTP-like protocol to receive data from remote clients. +# If you are using clamav-milter to balance load between remote clamd daemons +# on firewall servers you may need to tune the options below. + +# Close the connection when the data size limit is exceeded. +# The value should match your MTA's limit for a maximum attachment size. +# Default: 25M +#StreamMaxLength 10M + +# Limit port range. +# Default: 1024 +#StreamMinPort 30000 +# Default: 2048 +#StreamMaxPort 32000 + +# Maximum number of threads running at the same time. +# Default: 10 +MaxThreads 50 + +# Waiting for data from a client socket will timeout after this time (seconds). +# Default: 120 +ReadTimeout 300 + +# This option specifies the time (in seconds) after which clamd should +# timeout if a client doesn't provide any initial command after connecting. +# Default: 5 +#CommandReadTimeout 5 + +# This option specifies how long to wait (in miliseconds) if the send buffer is full. +# Keep this value low to prevent clamd hanging +# +# Default: 500 +#SendBufTimeout 200 + +# Maximum number of queued items (including those being processed by MaxThreads threads) +# It is recommended to have this value at least twice MaxThreads if possible. +# WARNING: you shouldn't increase this too much to avoid running out of file descriptors, +# the following condition should hold: +# MaxThreads*MaxRecursion + (MaxQueue - MaxThreads) + 6< RLIMIT_NOFILE (usual max is 1024) +# +# Default: 100 +#MaxQueue 200 + +# Waiting for a new job will timeout after this time (seconds). +# Default: 30 +#IdleTimeout 60 + +# Don't scan files and directories matching regex +# This directive can be used multiple times +# Default: scan all +#ExcludePath ^/proc/ +#ExcludePath ^/sys/ + +# Maximum depth directories are scanned at. +# Default: 15 +#MaxDirectoryRecursion 20 + +# Follow directory symlinks. +# Default: no +#FollowDirectorySymlinks yes + +# Follow regular file symlinks. +# Default: no +#FollowFileSymlinks yes + +# Scan files and directories on other filesystems. +# Default: yes +#CrossFilesystems yes + +# Perform a database check. +# Default: 600 (10 min) +#SelfCheck 600 + +# Execute a command when virus is found. In the command string %v will +# be replaced with the virus name. +# Default: no +#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v" + +# Run as another user (clamd must be started by root for this option to work) +# Default: don't drop privileges +User clam + +# Initialize supplementary group access (clamd must be started by root). +# Default: no +AllowSupplementaryGroups yes + +# Stop daemon when libclamav reports out of memory condition. +#ExitOnOOM yes + +# Don't fork into background. +# Default: no +Foreground yes + +# Enable debug messages in libclamav. +# Default: no +#Debug yes + +# Do not remove temporary files (for debug purposes). +# Default: no +#LeaveTemporaryFiles yes + +# Detect Possibly Unwanted Applications. +# Default: no +#DetectPUA yes + +# Exclude a specific PUA category. This directive can be used multiple times. +# See http://www.clamav.net/support/pua for the complete list of PUA +# categories. +# Default: Load all categories (if DetectPUA is activated) +#ExcludePUA NetTool +#ExcludePUA PWTool + +# Only include a specific PUA category. This directive can be used multiple +# times. +# Default: Load all categories (if DetectPUA is activated) +#IncludePUA Spy +#IncludePUA Scanner +#IncludePUA RAT + +# In some cases (eg. complex malware, exploits in graphic files, and others), +# ClamAV uses special algorithms to provide accurate detection. This option +# controls the algorithmic detection. +# Default: yes +#AlgorithmicDetection yes + + +## +## Executable files +## + +# PE stands for Portable Executable - it's an executable file format used +# in all 32 and 64-bit versions of Windows operating systems. This option allows +# ClamAV to perform a deeper analysis of executable files and it's also +# required for decompression of popular executable packers such as UPX, FSG, +# and Petite. If you turn off this option, the original files will still be +# scanned, but without additional processing. +# Default: yes +ScanPE yes + +# Executable and Linking Format is a standard format for UN*X executables. +# This option allows you to control the scanning of ELF files. +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +# Default: yes +ScanELF yes + +# With this option clamav will try to detect broken executables (both PE and +# ELF) and mark them as Broken.Executable. +# Default: no +DetectBrokenExecutables yes + + +## +## Documents +## + +# This option enables scanning of OLE2 files, such as Microsoft Office +# documents and .msi files. +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +# Default: yes +ScanOLE2 yes + + +# With this option enabled OLE2 files with VBA macros, which were not +# detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros". +# Default: no +#OLE2BlockMacros no + +# This option enables scanning within PDF files. +# If you turn off this option, the original files will still be scanned, but +# without decoding and additional processing. +# Default: yes +#ScanPDF yes + + +## +## Mail files +## + +# Enable internal e-mail scanner. +# If you turn off this option, the original files will still be scanned, but +# without parsing individual messages/attachments. +# Default: yes +ScanMail yes + +# Scan RFC1341 messages split over many emails. +# You will need to periodically clean up $TemporaryDirectory/clamav-partial directory. +# WARNING: This option may open your system to a DoS attack. +# Never use it on loaded servers. +# Default: no +#ScanPartialMessages yes + + +# With this option enabled ClamAV will try to detect phishing attempts by using +# signatures. +# Default: yes +#PhishingSignatures yes + +# Scan URLs found in mails for phishing attempts using heuristics. +# Default: yes +#PhishingScanURLs yes + +# Always block SSL mismatches in URLs, even if the URL isn't in the database. +# This can lead to false positives. +# +# Default: no +#PhishingAlwaysBlockSSLMismatch no + +# Always block cloaked URLs, even if URL isn't in database. +# This can lead to false positives. +# +# Default: no +#PhishingAlwaysBlockCloak no + +# Allow heuristic match to take precedence. +# When enabled, if a heuristic scan (such as phishingScan) detects +# a possible virus/phish it will stop scan immediately. Recommended, saves CPU +# scan-time. +# When disabled, virus/phish detected by heuristic scans will be reported only at +# the end of a scan. If an archive contains both a heuristically detected +# virus/phish, and a real malware, the real malware will be reported +# +# Keep this disabled if you intend to handle "*.Heuristics.*" viruses +# differently from "real" malware. +# If a non-heuristically-detected virus (signature-based) is found first, +# the scan is interrupted immediately, regardless of this config option. +# +# Default: no +#HeuristicScanPrecedence yes + +## +## Data Loss Prevention (DLP) +## + +# Enable the DLP module +# Default: No +#StructuredDataDetection yes + +# This option sets the lowest number of Credit Card numbers found in a file +# to generate a detect. +# Default: 3 +#StructuredMinCreditCardCount 5 + +# This option sets the lowest number of Social Security Numbers found +# in a file to generate a detect. +# Default: 3 +#StructuredMinSSNCount 5 + +# With this option enabled the DLP module will search for valid +# SSNs formatted as xxx-yy-zzzz +# Default: yes +#StructuredSSNFormatNormal yes + +# With this option enabled the DLP module will search for valid +# SSNs formatted as xxxyyzzzz +# Default: no +#StructuredSSNFormatStripped yes + + +## +## HTML +## + +# Perform HTML normalisation and decryption of MS Script Encoder code. +# Default: yes +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +#ScanHTML yes + + +## +## Archives +## + +# ClamAV can scan within archives and compressed files. +# If you turn off this option, the original files will still be scanned, but +# without unpacking and additional processing. +# Default: yes +ScanArchive yes + +# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR). +# Default: no +ArchiveBlockEncrypted no + + +## +## Limits +## + +# The options below protect your system against Denial of Service attacks +# using archive bombs. + +# This option sets the maximum amount of data to be scanned for each input file. +# Archives and other containers are recursively extracted and scanned up to this +# value. +# Value of 0 disables the limit +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 100M +#MaxScanSize 150M + +# Files larger than this limit won't be scanned. Affects the input file itself +# as well as files contained inside it (when the input file is an archive, a +# document or some other kind of container). +# Value of 0 disables the limit. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 25M +#MaxFileSize 30M + +# Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR +# file, all files within it will also be scanned. This options specifies how +# deeply the process should be continued. +# Note: setting this limit too high may result in severe damage to the system. +# Default: 16 +#MaxRecursion 10 + +# Number of files to be scanned within an archive, a document, or any other +# container file. +# Value of 0 disables the limit. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 10000 +#MaxFiles 15000 + + +## +## Clamuko settings +## + +# Enable Clamuko. Dazuko must be configured and running. Clamuko supports +# both Dazuko (/dev/dazuko) and DazukoFS (/dev/dazukofs.ctrl). DazukoFS +# is the preferred option. For more information please visit www.dazuko.org +# Default: no +#ClamukoScanOnAccess yes + +# The number of scanner threads that will be started (DazukoFS only). +# Having multiple scanner threads allows Clamuko to serve multiple +# processes simultaneously. This is particularly beneficial on SMP machines. +# Default: 3 +#ClamukoScannerCount 3 + +# Don't scan files larger than ClamukoMaxFileSize +# Value of 0 disables the limit. +# Default: 5M +#ClamukoMaxFileSize 10M + +# Set access mask for Clamuko (Dazuko only). +# Default: no +#ClamukoScanOnOpen yes +#ClamukoScanOnClose yes +#ClamukoScanOnExec yes + +# Set the include paths (all files inside them will be scanned). You can have +# multiple ClamukoIncludePath directives but each directory must be added +# in a seperate line. (Dazuko only) +# Default: disabled +#ClamukoIncludePath /home +#ClamukoIncludePath /students + +# Set the exclude paths. All subdirectories are also excluded. (Dazuko only) +# Default: disabled +#ClamukoExcludePath /home/bofh + +# With this option you can whitelist specific UIDs. Processes with these UIDs +# will be able to access all files. +# This option can be used multiple times (one per line). +# Default: disabled +#ClamukoExcludeUID 0 + +# With this option enabled ClamAV will load bytecode from the database. +# It is highly recommended you keep this option on, otherwise you'll miss detections for many new viruses. +# Default: yes +#Bytecode yes + +# Set bytecode security level. +# Possible values: +# None - no security at all, meant for debugging. DO NOT USE THIS ON PRODUCTION SYSTEMS +# This value is only available if clamav was built with --enable-debug! +# TrustSigned - trust bytecode loaded from signed .c[lv]d files, +# insert runtime safety checks for bytecode loaded from other sources +# Paranoid - don't trust any bytecode, insert runtime checks for all +# Recommended: TrustSigned, because bytecode in .cvd files already has these checks +# Note that by default only signed bytecode is loaded, currently you can only +# load unsigned bytecode in --enable-debug mode. +# +# Default: TrustSigned +#BytecodeSecurity TrustSigned + +# Set bytecode timeout in miliseconds. +# +# Default: 5000 +# BytecodeTimeout 1000 diff --git a/install/rhel/7/clamav/clamd.service b/install/rhel/7/clamav/clamd.service new file mode 100644 index 000000000..5513767fc --- /dev/null +++ b/install/rhel/7/clamav/clamd.service @@ -0,0 +1,14 @@ +[Unit] +Description = clamd scanner (clamd) daemon +After = syslog.target nss-lookup.target network.target + +[Service] +Type = simple +ExecStartPre = /usr/bin/mkdir -p /var/run/clamav +ExecStartPre = /usr/bin/chown -R clam:clam /var/run/clamav +ExecStart = /usr/sbin/clamd -c /etc/clamd.conf +Restart = on-failure +PrivateTmp = true + +[Install] +WantedBy=multi-user.target diff --git a/install/rhel/7/clamav/freshclam.conf b/install/rhel/7/clamav/freshclam.conf new file mode 100644 index 000000000..61fb36465 --- /dev/null +++ b/install/rhel/7/clamav/freshclam.conf @@ -0,0 +1,6 @@ +DatabaseDirectory /var/lib/clamav +UpdateLogFile /var/log/clamav/freshclam.log +LogSyslog yes +DatabaseOwner clam +DatabaseMirror db.ca.clamav.net +DatabaseMirror db.local.clamav.net diff --git a/install/rhel/7/dovecot/conf.d/10-auth.conf b/install/rhel/7/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/rhel/7/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/rhel/7/dovecot/conf.d/10-logging.conf b/install/rhel/7/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/rhel/7/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/rhel/7/dovecot/conf.d/10-mail.conf b/install/rhel/7/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/rhel/7/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/rhel/7/dovecot/conf.d/10-master.conf b/install/rhel/7/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/rhel/7/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/rhel/7/dovecot/conf.d/10-ssl.conf b/install/rhel/7/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/rhel/7/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 3 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/rhel/7/dovecot/conf.d/auth-passwdfile.conf.ext b/install/rhel/7/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..69ab3a5d9 --- /dev/null +++ b/install/rhel/7/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim/domains/%d/passwd +} diff --git a/install/rhel/7/dovecot/dovecot.conf b/install/rhel/7/dovecot/dovecot.conf new file mode 100644 index 000000000..b44bd6a82 --- /dev/null +++ b/install/rhel/7/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = * +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/rhel/7/epel-release.rpm b/install/rhel/7/epel-release.rpm new file mode 100644 index 000000000..6c2a040be Binary files /dev/null and b/install/rhel/7/epel-release.rpm differ diff --git a/install/rhel/7/exim/dnsbl.conf b/install/rhel/7/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/rhel/7/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/rhel/7/exim/exim-smarthost.conf b/install/rhel/7/exim/exim-smarthost.conf new file mode 100644 index 000000000..086ca6507 --- /dev/null +++ b/install/rhel/7/exim/exim-smarthost.conf @@ -0,0 +1,384 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +domainlist local_domains = dsearch;/etc/exim/domains/ +domainlist relay_to_domains = dsearch;/etc/exim/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.sock +.endif + +tls_advertise_hosts = * +tls_certificate = /etc/pki/tls/certs/exim.pem +tls_privatekey = /etc/pki/tls/private/exim.pem + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth requried + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{100K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = nobody:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +login: + driver = plaintext + public_name = LOGIN + client_send = ": user@smartrelay.vestacp.com : p4sw0rd" + server_set_id = $auth1 + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +smarthost: + driver = manualroute + domains = ! +local_domains + transport = remote_smtp_auth + route_list = * smartrelay.vestacp.com + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}} + require_files = /etc/exim/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +remote_smtp_auth: + driver = smtp + hosts = smartrelay.vestacp.com + hosts_require_auth = smartrelay.vestacp.com + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/rhel/7/exim/exim.conf b/install/rhel/7/exim/exim.conf new file mode 100644 index 000000000..707756c06 --- /dev/null +++ b/install/rhel/7/exim/exim.conf @@ -0,0 +1,380 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +add_environment = <; PATH=/bin:/usr/bin +keep_environment = +disable_ipv6=true +domainlist local_domains = dsearch;/etc/exim/domains/ +domainlist relay_to_domains = dsearch;/etc/exim/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.sock +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth requried + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{100K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = spamd:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}} + require_files = /etc/exim/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/rhel/7/exim/spam-blocks.conf b/install/rhel/7/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/fail2ban.action.conf b/install/rhel/7/fail2ban/action.d/vesta.conf similarity index 100% rename from install/ubuntu/fail2ban.action.conf rename to install/rhel/7/fail2ban/action.d/vesta.conf diff --git a/install/ubuntu/fail2ban.filter.conf b/install/rhel/7/fail2ban/filter.d/vesta.conf similarity index 100% rename from install/ubuntu/fail2ban.filter.conf rename to install/rhel/7/fail2ban/filter.d/vesta.conf diff --git a/install/ubuntu/fail2ban.jail.conf b/install/rhel/7/fail2ban/jail.local similarity index 100% rename from install/ubuntu/fail2ban.jail.conf rename to install/rhel/7/fail2ban/jail.local diff --git a/install/rhel/7/firewall/ports.conf b/install/rhel/7/firewall/ports.conf new file mode 100644 index 000000000..b730d012c --- /dev/null +++ b/install/rhel/7/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/rhel/7/firewall/rules.conf b/install/rhel/7/firewall/rules.conf new file mode 100644 index 000000000..fba98e1e4 --- /dev/null +++ b/install/rhel/7/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/rhel/7/httpd/httpd.conf b/install/rhel/7/httpd/httpd.conf new file mode 100644 index 000000000..40b034885 --- /dev/null +++ b/install/rhel/7/httpd/httpd.conf @@ -0,0 +1,58 @@ +ServerRoot "/etc/httpd" +Include conf.modules.d/*.conf +User apache +Group apache +ServerAdmin root@localhost + + + AllowOverride none + + +DocumentRoot "/var/www/html" + + AllowOverride None + Require all granted + + + + Options Indexes FollowSymLinks + AllowOverride None + Require all granted + + +DirectoryIndex index.php index.html + + + Require all denied + + +ErrorLog "logs/error_log" +LogLevel warn + +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %b" common +LogFormat "%b" bytes +CustomLog "logs/access_log" combined + +TypesConfig /etc/mime.types +AddType application/x-compress .Z +AddType application/x-gzip .gz .tgz +AddType text/html .shtml +AddOutputFilter INCLUDES .shtml +#AddHandler cgi-script .cgi + +AddDefaultCharset UTF-8 + + + MIMEMagicFile conf/magic + + +EnableSendfile on + + + RemoteIPHeader X-Real-IP + LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined + LogFormat "%a %l %u %t \"%r\" %>s %b" common + + +IncludeOptional conf.d/*.conf diff --git a/install/rhel/7/httpd/ruid2.conf b/install/rhel/7/httpd/ruid2.conf new file mode 100644 index 000000000..42f908a85 --- /dev/null +++ b/install/rhel/7/httpd/ruid2.conf @@ -0,0 +1,8 @@ +LoadModule ruid2_module modules/mod_ruid2.so + + + RMode config + RDefaultUidGid apache apache + RUidGid apache apache + RGroups apache + diff --git a/install/rhel/7/httpd/ssl.conf b/install/rhel/7/httpd/ssl.conf new file mode 100644 index 000000000..ccc067c19 --- /dev/null +++ b/install/rhel/7/httpd/ssl.conf @@ -0,0 +1,6 @@ +SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog +SSLSessionCache shmcb:/run/httpd/sslcache(512000) +SSLSessionCacheTimeout 300 +SSLRandomSeed startup file:/dev/urandom 256 +SSLRandomSeed connect builtin +SSLCryptoDevice builtin diff --git a/install/rhel/7/httpd/status.conf b/install/rhel/7/httpd/status.conf new file mode 100644 index 000000000..f68f293dc --- /dev/null +++ b/install/rhel/7/httpd/status.conf @@ -0,0 +1,7 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + diff --git a/install/rhel/7/logrotate/dovecot b/install/rhel/7/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/rhel/7/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/rhel/7/logrotate/httpd b/install/rhel/7/logrotate/httpd new file mode 100644 index 000000000..80dab8e29 --- /dev/null +++ b/install/rhel/7/logrotate/httpd @@ -0,0 +1,10 @@ +/var/log/httpd/*log /var/log/httpd/domains/*log { + missingok + notifempty + compress + sharedscripts + postrotate + /sbin/service httpd reload > /dev/null 2>/dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/rhel/7/logrotate/nginx b/install/rhel/7/logrotate/nginx new file mode 100644 index 000000000..b1da1bf16 --- /dev/null +++ b/install/rhel/7/logrotate/nginx @@ -0,0 +1,12 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + create 0644 nginx nginx + daily + rotate 10 + missingok + notifempty + compress + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/rhel/7/logrotate/vesta b/install/rhel/7/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/rhel/7/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/rhel/7/mariadb/my-large.cnf b/install/rhel/7/mariadb/my-large.cnf new file mode 100644 index 000000000..4e6c2225c --- /dev/null +++ b/install/rhel/7/mariadb/my-large.cnf @@ -0,0 +1,38 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/7/mariadb/my-medium.cnf b/install/rhel/7/mariadb/my-medium.cnf new file mode 100644 index 000000000..fa255ec52 --- /dev/null +++ b/install/rhel/7/mariadb/my-medium.cnf @@ -0,0 +1,37 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/7/mariadb/my-small.cnf b/install/rhel/7/mariadb/my-small.cnf new file mode 100644 index 000000000..933d4ae0b --- /dev/null +++ b/install/rhel/7/mariadb/my-small.cnf @@ -0,0 +1,35 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=50 +max_user_connections=25 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/7/monit/clamd.conf b/install/rhel/7/monit/clamd.conf new file mode 100644 index 000000000..7c3ef4d74 --- /dev/null +++ b/install/rhel/7/monit/clamd.conf @@ -0,0 +1,3 @@ +check process clamd with pidfile /var/run/clamav/clamd.pid + start program = "/usr/bin/systemctl start clamd" + stop program = "/usr/bin/systemctl stop clamd" diff --git a/install/rhel/7/monit/dovecot.conf b/install/rhel/7/monit/dovecot.conf new file mode 100644 index 000000000..34a062f74 --- /dev/null +++ b/install/rhel/7/monit/dovecot.conf @@ -0,0 +1,3 @@ +check process dovecot with pidfile /var/run/dovecot/master.pid + start program = "/usr/bin/systemctl start dovecot" + stop program = "/usr/bin/systemctl stop dovecot" diff --git a/install/rhel/7/monit/exim.conf b/install/rhel/7/monit/exim.conf new file mode 100644 index 000000000..3bff6d93e --- /dev/null +++ b/install/rhel/7/monit/exim.conf @@ -0,0 +1,3 @@ +check process exim with pidfile /var/run/exim.pid + start program = "/usr/bin/systemctl start exim" + stop program = "/usr/bin/systemctl stop exim" diff --git a/install/rhel/7/monit/httpd.conf b/install/rhel/7/monit/httpd.conf new file mode 100644 index 000000000..17f2b7b38 --- /dev/null +++ b/install/rhel/7/monit/httpd.conf @@ -0,0 +1,3 @@ +check process httpd with pidfile /var/run/httpd/httpd.pid + start program = "/usr/bin/systemctl start httpd" + stop program = "/usr/bin/systemctl stop httpd" diff --git a/install/rhel/7/monit/mysql.conf b/install/rhel/7/monit/mysql.conf new file mode 100644 index 000000000..7eef2ebd4 --- /dev/null +++ b/install/rhel/7/monit/mysql.conf @@ -0,0 +1,3 @@ +check process mariadb with pidfile /var/run/mariadb/mariadb.pid + start program = "/usr/bin/systemctl start mariadb" + stop program = "/usr/bin/systemctl stop mariadb" diff --git a/install/rhel/7/monit/nginx.conf b/install/rhel/7/monit/nginx.conf new file mode 100644 index 000000000..8c4d6dc3d --- /dev/null +++ b/install/rhel/7/monit/nginx.conf @@ -0,0 +1,3 @@ +check process nginx with pidfile /var/run/nginx.pid + start program = "/usr/bin/systemctl start nginx" + stop program = "/usr/bin/systemctl stop nginx" diff --git a/install/rhel/7/monit/spamassassin.conf b/install/rhel/7/monit/spamassassin.conf new file mode 100644 index 000000000..870dd1619 --- /dev/null +++ b/install/rhel/7/monit/spamassassin.conf @@ -0,0 +1,3 @@ +check process spamassassin with pidfile /var/run/spamd.pid + start program = "/usr/bin/systemctl start spamassassin" + stop program = "/usr/bin/systemctl stop spamassassin" diff --git a/install/rhel/7/monit/sshd.conf b/install/rhel/7/monit/sshd.conf new file mode 100644 index 000000000..12cef0428 --- /dev/null +++ b/install/rhel/7/monit/sshd.conf @@ -0,0 +1,4 @@ +check process sshd with pidfile /var/run/sshd.pid + start program = "/usr/bin/systemctl start sshd" + stop program = "/usr/bin/systemctl stop sshd" + if failed port 22 protocol ssh then restart diff --git a/install/rhel/7/monit/vesta-nginx.conf b/install/rhel/7/monit/vesta-nginx.conf new file mode 100644 index 000000000..8e706c99c --- /dev/null +++ b/install/rhel/7/monit/vesta-nginx.conf @@ -0,0 +1,3 @@ +check process vesta-nginx with pidfile /var/run/vesta-nginx.pid + start program = "/usr/bin/systemctl start vesta" + stop program = "/usr/bin/systemctl stop vesta" diff --git a/install/rhel/7/monit/vesta-php.conf b/install/rhel/7/monit/vesta-php.conf new file mode 100644 index 000000000..3c9c32c20 --- /dev/null +++ b/install/rhel/7/monit/vesta-php.conf @@ -0,0 +1,3 @@ +check process vesta-php with pidfile /var/run/vesta-php.pid + start program = "/usr/bin/systemctl start vesta" + stop program = "/usr/bin/systemctl stop vesta" diff --git a/install/rhel/7/mysqld/my-large.cnf b/install/rhel/7/mysqld/my-large.cnf new file mode 100644 index 000000000..b548eeb87 --- /dev/null +++ b/install/rhel/7/mysqld/my-large.cnf @@ -0,0 +1,38 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/7/mysqld/my-medium.cnf b/install/rhel/7/mysqld/my-medium.cnf new file mode 100644 index 000000000..e5f2677fc --- /dev/null +++ b/install/rhel/7/mysqld/my-medium.cnf @@ -0,0 +1,37 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/7/mysqld/my-small.cnf b/install/rhel/7/mysqld/my-small.cnf new file mode 100644 index 000000000..adc7cd1fb --- /dev/null +++ b/install/rhel/7/mysqld/my-small.cnf @@ -0,0 +1,35 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/7/named/named.conf b/install/rhel/7/named/named.conf new file mode 100644 index 000000000..472bd829b --- /dev/null +++ b/install/rhel/7/named/named.conf @@ -0,0 +1,13 @@ +options { + directory "/var/named"; + dump-file "/var/named/data/cache_dump.db"; + pid-file "/var/run/named/named.pid"; + statistics-file "/var/named/data/named_stats.txt"; + version "get lost"; + allow-transfer {"none";}; + recursion no; + +}; + +include "/etc/rndc.key"; + diff --git a/install/rhel/7/nginx/nginx.conf b/install/rhel/7/nginx/nginx.conf new file mode 100644 index 000000000..99ef76ee6 --- /dev/null +++ b/install/rhel/7/nginx/nginx.conf @@ -0,0 +1,140 @@ +# Server globals +user nginx; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_vary on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/13; + set_real_ip_from 104.24.0.0/14; + #set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + #set_real_ip_from 2c0f:f248::/32; + #set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:20m; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS"; + ssl_prefer_server_ciphers on; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/rhel/7/nginx/phpmyadmin.inc b/install/rhel/7/nginx/phpmyadmin.inc new file mode 100644 index 000000000..79e17c58f --- /dev/null +++ b/install/rhel/7/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpMyAdmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpMyAdmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + alias /usr/share/phpMyAdmin/$1; + } +} diff --git a/install/rhel/7/nginx/phppgadmin.inc b/install/rhel/7/nginx/phppgadmin.inc new file mode 100644 index 000000000..61dea1c9c --- /dev/null +++ b/install/rhel/7/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phpPgAdmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phpPgAdmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/rhel/7/nginx/status.conf b/install/rhel/7/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/rhel/7/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/rhel/7/nginx/webmail.inc b/install/rhel/7/nginx/webmail.inc new file mode 100644 index 000000000..63679d35d --- /dev/null +++ b/install/rhel/7/nginx/webmail.inc @@ -0,0 +1,18 @@ +location /webmail { + alias /usr/share/roundcubemail; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /usr/share/roundcubemail/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/webmail/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + alias /usr/share/roundcubemail/$1; + } +} diff --git a/install/rhel/7/packages/default.pkg b/install/rhel/7/packages/default.pkg new file mode 100644 index 000000000..c2a935743 --- /dev/null +++ b/install/rhel/7/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/rhel/7/packages/gainsboro.pkg b/install/rhel/7/packages/gainsboro.pkg new file mode 100644 index 000000000..76d7dae2a --- /dev/null +++ b/install/rhel/7/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/rhel/7/packages/palegreen.pkg b/install/rhel/7/packages/palegreen.pkg new file mode 100644 index 000000000..3db5fe57e --- /dev/null +++ b/install/rhel/7/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/rhel/7/packages/slategrey.pkg b/install/rhel/7/packages/slategrey.pkg new file mode 100644 index 000000000..d89e796fd --- /dev/null +++ b/install/rhel/7/packages/slategrey.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/rhel/7/pga/config.inc.php b/install/rhel/7/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/rhel/7/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/rhel/7/pga/phpPgAdmin.conf b/install/rhel/7/pga/phpPgAdmin.conf new file mode 100644 index 000000000..4f6ea1b53 --- /dev/null +++ b/install/rhel/7/pga/phpPgAdmin.conf @@ -0,0 +1,14 @@ +# +# This configuration file maps the phpPgAdmin directory into the URL space. +# By default this application is only accessible from the local host. +# + +Alias /phpPgAdmin /usr/share/phpPgAdmin +Alias /phppgadmin /usr/share/phpPgAdmin + + + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/rhel/7/php-fpm/www.conf b/install/rhel/7/php-fpm/www.conf new file mode 100644 index 000000000..1bc0b0751 --- /dev/null +++ b/install/rhel/7/php-fpm/www.conf @@ -0,0 +1,10 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 +user = apache +group = apache + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/rhel/7/pma/config.inc.conf b/install/rhel/7/pma/config.inc.conf new file mode 100644 index 000000000..1a65fd6cf --- /dev/null +++ b/install/rhel/7/pma/config.inc.conf @@ -0,0 +1,169 @@ +. + * + * @package PhpMyAdmin + */ + +/** + * This is needed for cookie based authentication to encrypt password in + * cookie. Needs to be 32 chars long. + */ +$cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ + +/** +======= +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + +/* + * Servers configuration + */ +$i = 0; + +/** + * First server + */ +$i++; +/* Authentication type */ +$cfg['Servers'][$i]['auth_type'] = 'cookie'; +/* Server parameters */ +$cfg['Servers'][$i]['host'] = 'localhost'; +$cfg['Servers'][$i]['compress'] = false; +$cfg['Servers'][$i]['AllowNoPassword'] = false; + +/** + * phpMyAdmin configuration storage settings. + */ + +/* User used to manipulate with storage */ +$cfg['Servers'][$i]['controlhost'] = ''; +$cfg['Servers'][$i]['controlport'] = ''; +$cfg['Servers'][$i]['controluser'] = 'phpmyadmin'; +$cfg['Servers'][$i]['controlpass'] = '%phpmyadmin_pass%'; + +/* Storage database and tables */ +$cfg['Servers'][$i]['pmadb'] = 'phpmyadmin'; +$cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark'; +$cfg['Servers'][$i]['relation'] = 'pma__relation'; +$cfg['Servers'][$i]['table_info'] = 'pma__table_info'; +$cfg['Servers'][$i]['table_coords'] = 'pma__table_coords'; +$cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages'; +$cfg['Servers'][$i]['column_info'] = 'pma__column_info'; +$cfg['Servers'][$i]['history'] = 'pma__history'; +$cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs'; +$cfg['Servers'][$i]['tracking'] = 'pma__tracking'; +$cfg['Servers'][$i]['userconfig'] = 'pma__userconfig'; +$cfg['Servers'][$i]['recent'] = 'pma__recent'; +$cfg['Servers'][$i]['favorite'] = 'pma__favorite'; +$cfg['Servers'][$i]['users'] = 'pma__users'; +$cfg['Servers'][$i]['usergroups'] = 'pma__usergroups'; +$cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding'; +$cfg['Servers'][$i]['savedsearches'] = 'pma__savedsearches'; +$cfg['Servers'][$i]['central_columns'] = 'pma__central_columns'; +$cfg['Servers'][$i]['designer_settings'] = 'pma__designer_settings'; +$cfg['Servers'][$i]['export_templates'] = 'pma__export_templates'; + +/** + * End of servers configuration + */ + +/** + * Directories for saving/loading files from server + */ +$cfg['UploadDir'] = '/var/lib/phpMyAdmin/upload'; +$cfg['SaveDir'] = '/var/lib/phpMyAdmin/save'; + +/* + * Temp dir for faster beahivour + * +*/ +$cfg['TempDir'] = '/tmp'; + + +/** + * Whether to display icons or text or both icons and text in table row + * action segment. Value can be either of 'icons', 'text' or 'both'. + * default = 'both' + */ +//$cfg['RowActionType'] = 'icons'; + +/** + * Defines whether a user should be displayed a "show all (records)" + * button in browse mode or not. + * default = false + */ +//$cfg['ShowAll'] = true; + +/** + * Number of rows displayed when browsing a result set. If the result + * set contains more rows, "Previous" and "Next". + * Possible values: 25, 50, 100, 250, 500 + * default = 25 + */ +//$cfg['MaxRows'] = 50; + +/** + * Disallow editing of binary fields + * valid values are: + * false allow editing + * 'blob' allow editing except for BLOB fields + * 'noblob' disallow editing except for BLOB fields + * 'all' disallow editing + * default = 'blob' + */ +//$cfg['ProtectBinary'] = false; + +/** + * Default language to use, if not browser-defined or user-defined + * (you find all languages in the locale folder) + * uncomment the desired line: + * default = 'en' + */ +//$cfg['DefaultLang'] = 'en'; +//$cfg['DefaultLang'] = 'de'; + +/** + * How many columns should be used for table display of a database? + * (a value larger than 1 results in some information being hidden) + * default = 1 + */ +//$cfg['PropertiesNumColumns'] = 2; + +/** + * Set to true if you want DB-based query history.If false, this utilizes + * JS-routines to display query history (lost by window close) + * + * This requires configuration storage enabled, see above. + * default = false + */ +//$cfg['QueryHistoryDB'] = true; + +/** + * When using DB-based query history, how many entries should be kept? + * default = 25 + */ +//$cfg['QueryHistoryMax'] = 100; + +/** + * Whether or not to query the user before sending the error report to + * the phpMyAdmin team when a JavaScript error occurs + * + * Available options + * ('ask' | 'always' | 'never') + * default = 'ask' + */ +//$cfg['SendErrorReports'] = 'always'; + +/** + * You can find more configuration options in the documentation + * in the doc/ folder or at . + */ diff --git a/install/rhel/7/pma/phpMyAdmin.conf b/install/rhel/7/pma/phpMyAdmin.conf new file mode 100644 index 000000000..b1b6b60d4 --- /dev/null +++ b/install/rhel/7/pma/phpMyAdmin.conf @@ -0,0 +1,45 @@ +# phpMyAdmin - Web based MySQL browser written in php +# +# Allows only localhost by default +# +# But allowing phpMyAdmin to anyone other than localhost should be considered +# dangerous unless properly secured by SSL + +Alias /phpMyAdmin /usr/share/phpMyAdmin +Alias /phpmyadmin /usr/share/phpMyAdmin + + + Order Deny,Allow + Deny from All + Allow from All + + + + Order Deny,Allow + Deny from All + Allow from All + + +# This directory does not require access over HTTP - taken from the original +# phpMyAdmin upstream tarball +# + + Order Deny,Allow + Deny from All + Allow from None + + +# This configuration prevents mod_security at phpMyAdmin directories from +# filtering SQL etc. This may break your mod_security implementation. +# +# +# +# SecRuleInheritance Off +# +# + + + Order Deny,Allow + Deny from All + Allow from None + diff --git a/install/rhel/7/postgresql/pg_hba.conf b/install/rhel/7/postgresql/pg_hba.conf new file mode 100644 index 000000000..1ba43941b --- /dev/null +++ b/install/rhel/7/postgresql/pg_hba.conf @@ -0,0 +1,11 @@ +# "local" is for Unix domain socket connections only +local all all ident + +# IPv4 local connections: +host all all 127.0.0.1/32 md5 + +# IPv6 local connections: +host all all ::1/128 md5 + +# Others +host all all 0.0.0.0/0 md5 diff --git a/install/rhel/7/proftpd/proftpd.conf b/install/rhel/7/proftpd/proftpd.conf new file mode 100644 index 000000000..a889ec82b --- /dev/null +++ b/install/rhel/7/proftpd/proftpd.conf @@ -0,0 +1,32 @@ +ServerName "FTP" +ServerIdent on "FTP Server ready." +ServerAdmin root@localhost +DefaultServer on +DefaultRoot ~ !adm + + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User nobody +Group nobody +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/rhel/7/remi-release.rpm b/install/rhel/7/remi-release.rpm new file mode 100644 index 000000000..7eea9560b Binary files /dev/null and b/install/rhel/7/remi-release.rpm differ diff --git a/install/rhel/7/roundcube/config.inc.php b/install/rhel/7/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/rhel/7/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/rhel/7/roundcube/main.inc.php b/install/rhel/7/roundcube/main.inc.php new file mode 100644 index 000000000..a27c306eb --- /dev/null +++ b/install/rhel/7/roundcube/main.inc.php @@ -0,0 +1,40 @@ + + Order Deny,Allow + Deny from all + Allow from all + diff --git a/install/rhel/7/roundcube/vesta.php b/install/rhel/7/roundcube/vesta.php new file mode 100644 index 000000000..1e9523a5c --- /dev/null +++ b/install/rhel/7/roundcube/vesta.php @@ -0,0 +1,70 @@ + + */ + +class rcube_vesta_password +{ + function save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + $errno = ""; + $errstr = ""; + $context = stream_context_create(); + + $result = stream_context_set_option($context, 'ssl', 'verify_peer', false); + $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false); + $result = stream_context_set_option($context, 'ssl', 'verify_host', false); + $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true); + + $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context); + + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } +} diff --git a/install/rhel/7/sudo/admin b/install/rhel/7/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/rhel/7/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/rhel/7/templates/dns/child-ns.tpl b/install/rhel/7/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/rhel/7/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/rhel/7/templates/dns/default.tpl b/install/rhel/7/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/rhel/7/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/rhel/7/templates/dns/gmail.tpl b/install/rhel/7/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/rhel/7/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/rhel/7/templates/web/awstats/awstats.tpl b/install/rhel/7/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/rhel/7/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/rhel/7/templates/web/awstats/index.tpl b/install/rhel/7/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/rhel/7/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/rhel/7/templates/web/awstats/nav.tpl b/install/rhel/7/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/rhel/7/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/rhel/7/templates/web/httpd/basedir.stpl b/install/rhel/7/templates/web/httpd/basedir.stpl new file mode 100644 index 000000000..b0474cc0c --- /dev/null +++ b/install/rhel/7/templates/web/httpd/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/httpd/basedir.tpl b/install/rhel/7/templates/web/httpd/basedir.tpl new file mode 100644 index 000000000..2720a2525 --- /dev/null +++ b/install/rhel/7/templates/web/httpd/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/httpd/default.stpl b/install/rhel/7/templates/web/httpd/default.stpl new file mode 100644 index 000000000..1a982395f --- /dev/null +++ b/install/rhel/7/templates/web/httpd/default.stpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/httpd/default.tpl b/install/rhel/7/templates/web/httpd/default.tpl new file mode 100644 index 000000000..89700114a --- /dev/null +++ b/install/rhel/7/templates/web/httpd/default.tpl @@ -0,0 +1,38 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/httpd/hosting.stpl b/install/rhel/7/templates/web/httpd/hosting.stpl new file mode 100644 index 000000000..9da9c8ba7 --- /dev/null +++ b/install/rhel/7/templates/web/httpd/hosting.stpl @@ -0,0 +1,50 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/httpd/hosting.tpl b/install/rhel/7/templates/web/httpd/hosting.tpl new file mode 100644 index 000000000..73970d4bc --- /dev/null +++ b/install/rhel/7/templates/web/httpd/hosting.tpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/httpd/phpcgi.sh b/install/rhel/7/templates/web/httpd/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/rhel/7/templates/web/httpd/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/rhel/7/templates/web/httpd/phpcgi.stpl b/install/rhel/7/templates/web/httpd/phpcgi.stpl new file mode 100644 index 000000000..1a7432d22 --- /dev/null +++ b/install/rhel/7/templates/web/httpd/phpcgi.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + ErrorLog /var/log/httpd/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/shttpd.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/httpd/phpcgi.tpl b/install/rhel/7/templates/web/httpd/phpcgi.tpl new file mode 100644 index 000000000..67263035d --- /dev/null +++ b/install/rhel/7/templates/web/httpd/phpcgi.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + ErrorLog /var/log/httpd/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/httpd.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/httpd/phpfcgid.sh b/install/rhel/7/templates/web/httpd/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/rhel/7/templates/web/httpd/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/rhel/7/templates/web/httpd/phpfcgid.stpl b/install/rhel/7/templates/web/httpd/phpfcgid.stpl new file mode 100644 index 000000000..4c8ce9795 --- /dev/null +++ b/install/rhel/7/templates/web/httpd/phpfcgid.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + ErrorLog /var/log/httpd/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/shttpd.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/httpd/phpfcgid.tpl b/install/rhel/7/templates/web/httpd/phpfcgid.tpl new file mode 100644 index 000000000..692530f86 --- /dev/null +++ b/install/rhel/7/templates/web/httpd/phpfcgid.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + ErrorLog /var/log/httpd/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/httpd.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/nginx/caching.sh b/install/rhel/7/templates/web/nginx/caching.sh new file mode 100755 index 000000000..09d8efe75 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/rhel/7/templates/web/nginx/caching.stpl b/install/rhel/7/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..5e1ac757b --- /dev/null +++ b/install/rhel/7/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache %domain%; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/caching.tpl b/install/rhel/7/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..6d727c67f --- /dev/null +++ b/install/rhel/7/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache %domain%; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/default.stpl b/install/rhel/7/templates/web/nginx/default.stpl new file mode 100755 index 000000000..22bbd55a6 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/default.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/rhel/7/templates/web/nginx/default.tpl b/install/rhel/7/templates/web/nginx/default.tpl new file mode 100755 index 000000000..c1fec114f --- /dev/null +++ b/install/rhel/7/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/rhel/7/templates/web/nginx/hosting.sh b/install/rhel/7/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/rhel/7/templates/web/nginx/hosting.stpl b/install/rhel/7/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..c3414149b --- /dev/null +++ b/install/rhel/7/templates/web/nginx/hosting.stpl @@ -0,0 +1,37 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%sdocroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/rhel/7/templates/web/nginx/hosting.tpl b/install/rhel/7/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..44d874962 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/rhel/7/templates/web/nginx/http2.stpl b/install/rhel/7/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/rhel/7/templates/web/nginx/http2.tpl b/install/rhel/7/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..4d5c774bc --- /dev/null +++ b/install/rhel/7/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/rhel/7/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/rhel/7/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..d85bcce38 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/rhel/7/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/rhel/7/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..9c24c3ea8 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/rhel/7/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/rhel/7/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..d71863141 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/rhel/7/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/rhel/7/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..4f0b9ec7b --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/rhel/7/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/default.stpl b/install/rhel/7/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/default.tpl b/install/rhel/7/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/rhel/7/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..f85032bae --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/rhel/7/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal6.stpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 000000000..9d9840006 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal6.tpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 000000000..0d7930fae --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 000000000..6fd64db6b --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,94 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/freescout.stpl b/install/rhel/7/templates/web/nginx/php-fpm/freescout.stpl new file mode 100644 index 000000000..6e844da1b --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/freescout.stpl @@ -0,0 +1,48 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + # Uncomment this location if you want to improve attachments downloading speed. + # Also make sure to set APP_DOWNLOAD_ATTACHMENTS_VIA=nginx in the .env file. + #location ^~ /storage/app/attachment/ { + # internal; + # alias /var/www/html/storage/app/attachment/; + #} + location ~* ^/storage/attachment/ { + expires 1M; + access_log off; + try_files $uri $uri/ /index.php?$query_string; + } + location ~* ^/(?:css|js)/.*\.(?:css|js)$ { + expires 2d; + access_log off; + add_header Cache-Control "public, must-revalidate"; + } + location ~* ^/(?:css|fonts|img|installer|js|modules|[^\\\]+\..*)$ { + expires 1M; + access_log off; + add_header Cache-Control "public"; + } + location ~ /\. { + deny all; + } +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/freescout.tpl b/install/rhel/7/templates/web/nginx/php-fpm/freescout.tpl new file mode 100644 index 000000000..1a9e6ffa6 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/freescout.tpl @@ -0,0 +1,44 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + # Uncomment this location if you want to improve attachments downloading speed. + # Also make sure to set APP_DOWNLOAD_ATTACHMENTS_VIA=nginx in the .env file. + #location ^~ /storage/app/attachment/ { + # internal; + # alias /var/www/html/storage/app/attachment/; + #} + location ~* ^/storage/attachment/ { + expires 1M; + access_log off; + try_files $uri $uri/ /index.php?$query_string; + } + location ~* ^/(?:css|js)/.*\.(?:css|js)$ { + expires 2d; + access_log off; + add_header Cache-Control "public, must-revalidate"; + } + location ~* ^/(?:css|fonts|img|installer|js|modules|[^\\\]+\..*)$ { + expires 1M; + access_log off; + add_header Cache-Control "public"; + } + location ~ /\. { + deny all; + } +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/invoiceninja.stpl b/install/rhel/7/templates/web/nginx/php-fpm/invoiceninja.stpl new file mode 100644 index 000000000..086e6a8e8 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/invoiceninja.stpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + sendfile off; + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/invoiceninja.tpl b/install/rhel/7/templates/web/nginx/php-fpm/invoiceninja.tpl new file mode 100644 index 000000000..fd06523a9 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/invoiceninja.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + sendfile off; + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/joomla.stpl b/install/rhel/7/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..704405f37 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/joomla.tpl b/install/rhel/7/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/laravel.stpl b/install/rhel/7/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 000000000..477f6f01b --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/laravel.tpl b/install/rhel/7/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/magento.stpl b/install/rhel/7/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 000000000..fdab43aae --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/magento.tpl b/install/rhel/7/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/mautic.stpl b/install/rhel/7/templates/web/nginx/php-fpm/mautic.stpl new file mode 100644 index 000000000..a88e9b58f --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/mautic.stpl @@ -0,0 +1,48 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri /index.php?$query_string; + } + + location ~ '\.php$' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/mautic.tpl b/install/rhel/7/templates/web/nginx/php-fpm/mautic.tpl new file mode 100644 index 000000000..177d48757 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/mautic.tpl @@ -0,0 +1,44 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri /index.php?$query_string; + } + + location ~ '\.php$' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/modx.stpl b/install/rhel/7/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 000000000..f410ab77c --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/modx.tpl b/install/rhel/7/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/moodle.stpl b/install/rhel/7/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 000000000..f15a68c57 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/moodle.tpl b/install/rhel/7/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/no-php.stpl b/install/rhel/7/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 000000000..bc8b53a37 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/no-php.tpl b/install/rhel/7/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/odoo.stpl b/install/rhel/7/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 000000000..d6697d7a9 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/odoo.tpl b/install/rhel/7/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/opencart.stpl b/install/rhel/7/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 000000000..908b9aeb8 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/opencart.tpl b/install/rhel/7/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/owncloud.stpl b/install/rhel/7/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..891566b93 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/owncloud.tpl b/install/rhel/7/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/piwik.stpl b/install/rhel/7/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..78c1bb784 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/piwik.tpl b/install/rhel/7/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.stpl b/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..5ffc9ed5c --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.tpl b/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/sendy.stpl b/install/rhel/7/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 000000000..e7f3dcc6b --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/sendy.tpl b/install/rhel/7/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/single_page_application.stpl b/install/rhel/7/templates/web/nginx/php-fpm/single_page_application.stpl new file mode 100644 index 000000000..6f8f36ab3 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/single_page_application.stpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + location / { + try_files $uri $uri/ /index.html; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/single_page_application.tpl b/install/rhel/7/templates/web/nginx/php-fpm/single_page_application.tpl new file mode 100644 index 000000000..d3dbb548b --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/single_page_application.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + location / { + try_files $uri $uri/ /index.html; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/wordpress.stpl b/install/rhel/7/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/wordpress.tpl b/install/rhel/7/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/wordpress2.stpl b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..e0aeb524a --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/wordpress2.tpl b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..0d9793aeb --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 000000000..f33ed5070 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 000000000..c0a5239e0 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/proxy_ip.tpl b/install/rhel/7/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/rhel/7/templates/web/php-fpm/default.tpl b/install/rhel/7/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/rhel/7/templates/web/php-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/rhel/7/templates/web/php-fpm/no-php.tpl b/install/rhel/7/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..e677f3e9f --- /dev/null +++ b/install/rhel/7/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,13 @@ +;[%backend%] +;user = %user% +;group = %user% +;listen = /dev/null + +;listen.owner = %user% +;listen.group = nginx + +;pm = dynamic +;pm.max_children = 50 +;pm.start_servers = 3 +;pm.min_spare_servers = 2 +;pm.max_spare_servers = 10 diff --git a/install/rhel/7/templates/web/php-fpm/socket.tpl b/install/rhel/7/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..c22d0e2cd --- /dev/null +++ b/install/rhel/7/templates/web/php-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php-%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = nginx + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/templates/web/skel/document_errors/403.html b/install/rhel/7/templates/web/skel/document_errors/403.html similarity index 100% rename from install/ubuntu/templates/web/skel/document_errors/403.html rename to install/rhel/7/templates/web/skel/document_errors/403.html diff --git a/install/ubuntu/templates/web/skel/document_errors/404.html b/install/rhel/7/templates/web/skel/document_errors/404.html similarity index 100% rename from install/ubuntu/templates/web/skel/document_errors/404.html rename to install/rhel/7/templates/web/skel/document_errors/404.html diff --git a/install/ubuntu/templates/web/skel/document_errors/50x.html b/install/rhel/7/templates/web/skel/document_errors/50x.html similarity index 100% rename from install/ubuntu/templates/web/skel/document_errors/50x.html rename to install/rhel/7/templates/web/skel/document_errors/50x.html diff --git a/install/rhel/7/templates/web/skel/public_html/index.html b/install/rhel/7/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/rhel/7/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/rhel/7/templates/web/skel/public_html/robots.txt b/install/rhel/7/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/rhel/7/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/rhel/7/templates/web/skel/public_shtml/index.html b/install/rhel/7/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/rhel/7/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/rhel/7/templates/web/skel/public_shtml/robots.txt b/install/rhel/7/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/rhel/7/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/rhel/7/templates/web/suspend/.htaccess b/install/rhel/7/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/rhel/7/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/rhel/7/templates/web/suspend/index.html b/install/rhel/7/templates/web/suspend/index.html new file mode 100755 index 000000000..f2d04e1f0 --- /dev/null +++ b/install/rhel/7/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

SUSPENDED

+

This website has been suspended.

+
+ Please contact the technical support department. +
+ + diff --git a/install/rhel/7/templates/web/webalizer/webalizer.tpl b/install/rhel/7/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/rhel/7/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/rhel/7/vsftpd/vsftpd.conf b/install/rhel/7/vsftpd/vsftpd.conf new file mode 100644 index 000000000..26efb9586 --- /dev/null +++ b/install/rhel/7/vsftpd/vsftpd.conf @@ -0,0 +1,37 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +dual_log_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +chroot_local_user=YES +allow_writeable_chroot=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=YES +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 +use_localtime=YES +ssl_enable=YES +allow_anon_ssl=YES +force_local_data_ssl=YES +force_local_logins_ssl=YES +ssl_tlsv1_2=YES +ssl_sslv2=NO +ssl_sslv3=NO +require_ssl_reuse=YES +ssl_ciphers=HIGH +idle_session_timeout=600 +data_connection_timeout=120 +rsa_cert_file=/usr/local/vesta/ssl/certificate.crt +rsa_private_key_file=/usr/local/vesta/ssl/certificate.key diff --git a/install/rhel/7/wsgi/httpd/wsgi.sh b/install/rhel/7/wsgi/httpd/wsgi.sh new file mode 100755 index 000000000..cb98116cb --- /dev/null +++ b/install/rhel/7/wsgi/httpd/wsgi.sh @@ -0,0 +1,33 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +echo "# Wsgi template +AddHandler wsgi-script .wsgi + +RewriteEngine On + +RewriteCond %{HTTP_HOST} ^www.$2\.ru\$ [NC] +RewriteRule ^(.*)\$ http://$2/\$1 [R=301,L] + +RewriteCond %{REQUEST_FILENAME} !-f +RewriteRule ^(.*)\$ /django.wsgi/\$1 [QSA,PT,L] +" > $docroot/.htaccess +chown $user:$user $docroot/.htaccess + + +echo "import os, sys +sys.path.insert(0, '$home_dir/$user/web/$domain/private/django/$domain/env/lib/python2.6/site-packages') +sys.path.insert(0, '$home_dir/$user/web/$domain/private/django/$domain/project/src/shared/') +sys.path.insert(0, '$home_dir/$user/web/$domain/private/django/$domain/project/src/') + +os.environ['DJANGO_SETTINGS_MODULE'] = 'main.settings' +import django.core.handlers.wsgi +application = django.core.handlers.wsgi.WSGIHandler()" > $docroot/django.wsgi +chown $user:$user $docroot/django.wsgi + +exit 0 diff --git a/install/rhel/7/wsgi/httpd/wsgi.stpl b/install/rhel/7/wsgi/httpd/wsgi.stpl new file mode 100755 index 000000000..e2fdd3f40 --- /dev/null +++ b/install/rhel/7/wsgi/httpd/wsgi.stpl @@ -0,0 +1,49 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + WSGIDaemonProcess apx-idea user=%user% group=%user% processes=1 threads=5 display-name=%{GROUP} python-path=%home%/%user%/web/%domain%/private/django/%domain%/env/lib/python2.6/site-packages + WSGIProcessGroup apx-idea + WSGIApplicationGroup %{GLOBAL} + + + + AllowOverride FileInfo + Options ExecCGI Indexes + MultiviewsMatch Handlers + Options +FollowSymLinks + Order allow,deny + Allow from all + + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/rhel/7/wsgi/httpd/wsgi.tpl b/install/rhel/7/wsgi/httpd/wsgi.tpl new file mode 100644 index 000000000..ad5d8a076 --- /dev/null +++ b/install/rhel/7/wsgi/httpd/wsgi.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + WSGIDaemonProcess apx-idea user=%user% group=%user% processes=1 threads=5 display-name=%{GROUP} python-path=%home%/%user%/web/%domain%/private/django/%domain%/env/lib/python2.6/site-packages + WSGIProcessGroup apx-idea + WSGIApplicationGroup %{GLOBAL} + + + + AllowOverride FileInfo + Options ExecCGI Indexes + MultiviewsMatch Handlers + Options +FollowSymLinks + Order allow,deny + Allow from all + + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/8/vsftpd/vsftpd.conf b/install/rhel/8/vsftpd/vsftpd.conf new file mode 100644 index 000000000..75e0104fe --- /dev/null +++ b/install/rhel/8/vsftpd/vsftpd.conf @@ -0,0 +1,40 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_promiscuous=YES +pasv_min_port=12000 +pasv_max_port=12100 +max_per_ip=10 +max_clients=100 +use_localtime=YES +utf8_filesystem=YES +ssl_enable=YES +allow_anon_ssl=NO +require_ssl_reuse=NO +ssl_ciphers=HIGH +ssl_tlsv1=YES +ssl_sslv2=NO +ssl_sslv3=NO +force_local_data_ssl=NO +force_local_logins_ssl=NO +rsa_cert_file=/usr/local/vesta/ssl/certificate.crt +rsa_private_key_file=/usr/local/vesta/ssl/certificate.key diff --git a/install/rhel/apc.ini b/install/rhel/apc.ini deleted file mode 100644 index b4e2d3493..000000000 --- a/install/rhel/apc.ini +++ /dev/null @@ -1,70 +0,0 @@ -; Enable apc extension module -extension = apc.so - -; Options for the APC module version >= 3.1.3 -; See http://www.php.net/manual/en/apc.configuration.php - -; This can be set to 0 to disable APC. -apc.enabled=1 -; The number of shared memory segments to allocate for the compiler cache. -apc.shm_segments=1 -; The size of each shared memory segment, with M/G suffix -apc.shm_size=128M -; A "hint" about the number of distinct source files that will be included or -; requested on your web server. Set to zero or omit if you are not sure; -apc.num_files_hint=1024 -; Just like num_files_hint, a "hint" about the number of distinct user cache -; variables to store. Set to zero or omit if you are not sure; -apc.user_entries_hint=4096 -; The number of seconds a cache entry is allowed to idle in a slot in case this -; cache entry slot is needed by another entry. -apc.ttl=0 -; use the SAPI request start time for TTL -apc.use_request_time=1 -; The number of seconds a user cache entry is allowed to idle in a slot in case -; this cache entry slot is needed by another entry. -apc.user_ttl=7200 -; The number of seconds that a cache entry may remain on the garbage-collection list. -apc.gc_ttl=3600 -; On by default, but can be set to off and used in conjunction with positive -; apc.filters so that files are only cached if matched by a positive filter. -apc.cache_by_default=1 -; A comma-separated list of POSIX extended regular expressions. -apc.filters -; The mktemp-style file_mask to pass to the mmap module -apc.mmap_file_mask=/tmp/apc.XXXXXX -; This file_update_protection setting puts a delay on caching brand new files. -apc.file_update_protection=2 -; Setting this enables APC for the CLI version of PHP (Mostly for testing and debugging). -apc.enable_cli=0 -; Prevents large files from being cached -apc.max_file_size=1M -; Whether to stat the main script file and the fullpath includes. -apc.stat=1 -; Vertification with ctime will avoid problems caused by programs such as svn or rsync by making -; sure inodes have not changed since the last stat. APC will normally only check mtime. -apc.stat_ctime=0 -; Whether to canonicalize paths in stat=0 mode or fall back to stat behaviour -apc.canonicalize=0 -; With write_lock enabled, only one process at a time will try to compile an -; uncached script while the other processes will run uncached -apc.write_lock=1 -; Logs any scripts that were automatically excluded from being cached due to early/late binding issues. -apc.report_autofilter=0 -; RFC1867 File Upload Progress hook handler -apc.rfc1867=0 -apc.rfc1867_prefix =upload_ -apc.rfc1867_name=APC_UPLOAD_PROGRESS -apc.rfc1867_freq=0 -apc.rfc1867_ttl=3600 -; Optimize include_once and require_once calls and avoid the expensive system calls used. -apc.include_once_override=0 -apc.lazy_classes=0 -apc.lazy_functions=0 -; Enables APC handling of signals, such as SIGSEGV, that write core files when signaled. -; APC will attempt to unmap the shared memory segment in order to exclude it from the core file -apc.coredump_unmap=0 -; Records a md5 hash of files. -apc.file_md5=0 -; not documented -apc.preload_path diff --git a/install/rhel/dovecot/conf.d/10-ssl.conf b/install/rhel/dovecot/conf.d/10-ssl.conf deleted file mode 100644 index aaf63255b..000000000 --- a/install/rhel/dovecot/conf.d/10-ssl.conf +++ /dev/null @@ -1,3 +0,0 @@ -ssl = yes -ssl_cert = ", because it will show the password in clear. -# You have to run "ssh -t hostname sudo ". -# -#Defaults requiretty - -Defaults env_reset -Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \ - LS_COLORS MAIL PS1 PS2 QTDIR USERNAME \ - LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION \ - LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC \ - LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \ - _XKB_CHARSET XAUTHORITY VESTA" - - -# Disable syslog loggging -Defaults !syslog - -## Next comes the main part: which users can run what software on -## which machines (the sudoers file can be shared between multiple -## systems). -## Syntax: -## -## user MACHINE=COMMANDS -## -## The COMMANDS section may have other options added to it. -## -## Allow root to run any commands anywhere -root ALL=(ALL) ALL - -## Allows members of the 'sys' group to run networking, software, -## service management apps and more. -# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS - -## Allows people in group wheel to run all commands -# %wheel ALL=(ALL) ALL - -## Same thing without a password -# %wheel ALL=(ALL) NOPASSWD: ALL - -## Allows members of the users group to mount and unmount the -## cdrom as root -# %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom - -## Allows members of the users group to shutdown this system -# %users localhost=/sbin/shutdown -h now - -#includedir /etc/sudoers.d diff --git a/install/rhel/templates/dns/child-ns.tpl b/install/rhel/templates/dns/child-ns.tpl deleted file mode 100755 index 27f9b825b..000000000 --- a/install/rhel/templates/dns/child-ns.tpl +++ /dev/null @@ -1,11 +0,0 @@ -ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='6' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='7' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='8' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='9' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='11' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/rhel/templates/dns/default.tpl b/install/rhel/templates/dns/default.tpl deleted file mode 100755 index 38f963006..000000000 --- a/install/rhel/templates/dns/default.tpl +++ /dev/null @@ -1,9 +0,0 @@ -ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='4' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='5' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='6' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='8' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='9' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/rhel/templates/dns/gmail.tpl b/install/rhel/templates/dns/gmail.tpl deleted file mode 100755 index 950cfa456..000000000 --- a/install/rhel/templates/dns/gmail.tpl +++ /dev/null @@ -1,14 +0,0 @@ -ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='6' RECORD='mail' TYPE='CNAME' PRIORITY='' VALUE='ghs.google.com.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='7' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='8' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='9' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='10' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='11' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ASPMX2.GOOGLEMAIL.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='13' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ASPMX3.GOOGLEMAIL.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='14' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/rhel/vesta.conf b/install/rhel/vesta.conf deleted file mode 100644 index eb2ae13fa..000000000 --- a/install/rhel/vesta.conf +++ /dev/null @@ -1,24 +0,0 @@ -WEB_SYSTEM='httpd' -WEB_RGROUPS='apache' -WEB_PORT='8080' -WEB_SSL='mod_ssl' -WEB_SSL_PORT='8443' -PROXY_SYSTEM='nginx' -PROXY_PORT='80' -PROXY_SSL_PORT='443' -FTP_SYSTEM='vsftpd' -MAIL_SYSTEM='exim' -IMAP_SYSTEM='dovecot' -ANTIVIRUS_SYSTEM='clamav' -ANTISPAM_SYSTEM='spamassassin' -DB_SYSTEM='mysql' -DNS_SYSTEM='named' -STATS_SYSTEM='webalizer,awstats' -BACKUP_SYSTEM='local' -CRON_SYSTEM='crond' -DISK_QUOTA='no' -FIREWALL_SYSTEM='iptables' -FIREWALL_EXTENSION='fail2ban' -REPOSITORY='cmmnt' -VERSION='0.9.8' -LANGUAGE='en' diff --git a/install/rhel/whmcs-module.php b/install/rhel/whmcs-module.php deleted file mode 100644 index b3b1710ee..000000000 --- a/install/rhel/whmcs-module.php +++ /dev/null @@ -1,342 +0,0 @@ - array( "Type" => "text", "Default" => "default"), - "SSH Access" => array( "Type" => "yesno", "Description" => "Tick to grant access", ), - "IP Address (optional)" => array( "Type" => "text" ), - ); - return $configarray; - -} - -function vesta_CreateAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-add-user', - 'arg1' => $params["username"], - 'arg2' => $params["password"], - 'arg3' => $params["clientsdetails"]["email"], - 'arg4' => $params["configoption1"], - 'arg5' => $params["clientsdetails"]["firstname"], - 'arg6' => $params["clientsdetails"]["lastname"], - ); - $postdata = http_build_query($postvars); - - // Create user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - - // Enable ssh access - if(($answer == 'OK') && ($params["configoption2"] == 'on')) { - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-change-user-shell', - 'arg1' => $params["username"], - 'arg2' => 'bash' - ); - $postdata = http_build_query($postvars); - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - // Add domain - if(($answer == 'OK') && (!empty($params["domain"]))) { - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-add-domain', - 'arg1' => $params["username"], - 'arg2' => $params["domain"], - 'arg3' => $params["configoption3"], - ); - $postdata = http_build_query($postvars); - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - return $result; - -} - -function vesta_TerminateAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-delete-user', - 'arg1' => $params["username"] - ); - $postdata = http_build_query($postvars); - - // Delete user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; - -} - -function vesta_SuspendAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-suspend-user', - 'arg1' => $params["username"] - ); - $postdata = http_build_query($postvars); - - // Susupend user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - -} - -function vesta_UnsuspendAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-unsuspend-user', - 'arg1' => $params["username"] - ); - $postdata = http_build_query($postvars); - - // Unsusupend user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - -} - -function vesta_ChangePassword($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-change-user-password', - 'arg1' => $params["username"], - 'arg2' => $params["password"] - ); - $postdata = http_build_query($postvars); - - // Change user package - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - return $result; - -} - -function vesta_ChangePackage($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-change-user-package', - 'arg1' => $params["username"], - 'arg2' => $params["configoption1"] - ); - $postdata = http_build_query($postvars); - - // Change user package - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - return $result; - -} - -function vesta_ClientArea($params) { - - $code = '
- - - - -
'; - return $code; - -} - -function vesta_AdminLink($params) { - - $code = '
- - - -
'; - return $code; - -} - -function vesta_LoginLink($params) { - - echo "control panel"; - -} - -function vesta_UsageUpdate($params) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-list-users', - 'arg1' => 'json' - ); - $postdata = http_build_query($postvars); - - // Get user stats - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - - // Decode json data - $results = json_decode($answer, true); - - // Loop through results and update DB - foreach ($results AS $user=>$values) { - update_query("tblhosting",array( - "diskusage"=>$values['U_DISK'], - "disklimit"=>$values['DISK_QUOTA'], - "bwusage"=>$values['U_BANDWIDTH'], - "bwlimit"=>$values['BANDWIDTH'], - "lastupdate"=>"now()", - ),array("server"=>$params['serverid'], "username"=>$user)); - } - -} - -?> diff --git a/install/ubuntu/12.04/apache2/apache2.conf b/install/ubuntu/12.04/apache2/apache2.conf new file mode 100644 index 000000000..2756132ae --- /dev/null +++ b/install/ubuntu/12.04/apache2/apache2.conf @@ -0,0 +1,94 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/ubuntu/12.04/apache2/status.conf b/install/ubuntu/12.04/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/12.04/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/12.04/bind/named.conf b/install/ubuntu/12.04/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/12.04/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/clamd.conf b/install/ubuntu/12.04/clamav/clamd.conf similarity index 100% rename from install/ubuntu/clamd.conf rename to install/ubuntu/12.04/clamav/clamd.conf diff --git a/install/ubuntu/12.04/deb_signing.key b/install/ubuntu/12.04/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/12.04/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/12.04/dovecot/conf.d/10-auth.conf b/install/ubuntu/12.04/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/12.04/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/12.04/dovecot/conf.d/10-logging.conf b/install/ubuntu/12.04/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/12.04/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/12.04/dovecot/conf.d/10-mail.conf b/install/ubuntu/12.04/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/12.04/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/12.04/dovecot/conf.d/10-master.conf b/install/ubuntu/12.04/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/12.04/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/12.04/dovecot/conf.d/10-ssl.conf b/install/ubuntu/12.04/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/ubuntu/12.04/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/12.04/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/12.04/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/12.04/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/12.04/dovecot/dovecot.conf b/install/ubuntu/12.04/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/ubuntu/12.04/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/12.04/exim/dnsbl.conf b/install/ubuntu/12.04/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/12.04/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/12.04/exim/exim4.conf.template b/install/ubuntu/12.04/exim/exim4.conf.template new file mode 100644 index 000000000..fc346486f --- /dev/null +++ b/install/ubuntu/12.04/exim/exim4.conf.template @@ -0,0 +1,382 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +add_environment = <; PATH=/bin:/usr/bin +keep_environment = +disable_ipv6 = true + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth required + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{1024K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = debian-spamd:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/12.04/exim/spam-blocks.conf b/install/ubuntu/12.04/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/12.04/fail2ban/action.d/vesta.conf b/install/ubuntu/12.04/fail2ban/action.d/vesta.conf new file mode 100644 index 000000000..0edfc3491 --- /dev/null +++ b/install/ubuntu/12.04/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/12.04/fail2ban/filter.d/vesta.conf b/install/ubuntu/12.04/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..36ec10019 --- /dev/null +++ b/install/ubuntu/12.04/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccessful Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/12.04/fail2ban/jail.local b/install/ubuntu/12.04/fail2ban/jail.local new file mode 100644 index 000000000..013f81c46 --- /dev/null +++ b/install/ubuntu/12.04/fail2ban/jail.local @@ -0,0 +1,51 @@ +[DEFAULT] +ignoreip = 127.0.0.1/8 + +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog +maxretry = 5 + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log +maxretry = 5 + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 + +[roundcube-auth] +enabled = false +filter = roundcube-auth +port = http,https +logpath = /var/log/roundcube/errors +maxretry = 5 diff --git a/install/ubuntu/12.04/firewall/ports.conf b/install/ubuntu/12.04/firewall/ports.conf new file mode 100644 index 000000000..b730d012c --- /dev/null +++ b/install/ubuntu/12.04/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/12.04/firewall/rules.conf b/install/ubuntu/12.04/firewall/rules.conf new file mode 100644 index 000000000..fba98e1e4 --- /dev/null +++ b/install/ubuntu/12.04/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/12.04/logrotate/apache2 b/install/ubuntu/12.04/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/12.04/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/12.04/logrotate/dovecot b/install/ubuntu/12.04/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/ubuntu/12.04/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/ubuntu/12.04/logrotate/nginx b/install/ubuntu/12.04/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/12.04/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/12.04/logrotate/vesta b/install/ubuntu/12.04/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/12.04/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/12.04/mysql/my-large.cnf b/install/ubuntu/12.04/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/ubuntu/12.04/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/12.04/mysql/my-medium.cnf b/install/ubuntu/12.04/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/12.04/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/12.04/mysql/my-small.cnf b/install/ubuntu/12.04/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/12.04/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/12.04/nginx/nginx.conf b/install/ubuntu/12.04/nginx/nginx.conf new file mode 100644 index 000000000..6bc999f95 --- /dev/null +++ b/install/ubuntu/12.04/nginx/nginx.conf @@ -0,0 +1,137 @@ +# Server globals +user www-data; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_vary on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + #set_real_ip_from 2c0f:f248::/32; + #set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/12.04/nginx/phpmyadmin.inc b/install/ubuntu/12.04/nginx/phpmyadmin.inc new file mode 100644 index 000000000..cdfc93c4d --- /dev/null +++ b/install/ubuntu/12.04/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/ubuntu/12.04/nginx/phppgadmin.inc b/install/ubuntu/12.04/nginx/phppgadmin.inc new file mode 100644 index 000000000..47cfcf4e2 --- /dev/null +++ b/install/ubuntu/12.04/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/12.04/nginx/status.conf b/install/ubuntu/12.04/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/12.04/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/12.04/nginx/webmail.inc b/install/ubuntu/12.04/nginx/webmail.inc new file mode 100644 index 000000000..768c90495 --- /dev/null +++ b/install/ubuntu/12.04/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/12.04/packages/default.pkg b/install/ubuntu/12.04/packages/default.pkg new file mode 100644 index 000000000..c2a935743 --- /dev/null +++ b/install/ubuntu/12.04/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/12.04/packages/gainsboro.pkg b/install/ubuntu/12.04/packages/gainsboro.pkg new file mode 100644 index 000000000..76d7dae2a --- /dev/null +++ b/install/ubuntu/12.04/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/12.04/packages/palegreen.pkg b/install/ubuntu/12.04/packages/palegreen.pkg new file mode 100644 index 000000000..3db5fe57e --- /dev/null +++ b/install/ubuntu/12.04/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/12.04/packages/slategrey.pkg b/install/ubuntu/12.04/packages/slategrey.pkg new file mode 100644 index 000000000..d89e796fd --- /dev/null +++ b/install/ubuntu/12.04/packages/slategrey.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/12.04/pga/config.inc.php b/install/ubuntu/12.04/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/ubuntu/12.04/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/ubuntu/12.04/pga/phppgadmin.conf b/install/ubuntu/12.04/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/12.04/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/12.04/php-fpm/www.conf b/install/ubuntu/12.04/php-fpm/www.conf new file mode 100644 index 000000000..3c87f33cc --- /dev/null +++ b/install/ubuntu/12.04/php-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/ubuntu/12.04/pma/apache.conf b/install/ubuntu/12.04/pma/apache.conf new file mode 100644 index 000000000..ce2a9fe2b --- /dev/null +++ b/install/ubuntu/12.04/pma/apache.conf @@ -0,0 +1,43 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/pma.conf b/install/ubuntu/12.04/pma/config.inc.php similarity index 98% rename from install/ubuntu/pma.conf rename to install/ubuntu/12.04/pma/config.inc.php index a643a065b..36093369b 100644 --- a/install/ubuntu/pma.conf +++ b/install/ubuntu/12.04/pma/config.inc.php @@ -137,6 +137,12 @@ if (!empty($dbname)) { $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + /* Support additional configurations */ foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename) { diff --git a/install/ubuntu/12.04/postgresql/pg_hba.conf b/install/ubuntu/12.04/postgresql/pg_hba.conf new file mode 100644 index 000000000..1ba43941b --- /dev/null +++ b/install/ubuntu/12.04/postgresql/pg_hba.conf @@ -0,0 +1,11 @@ +# "local" is for Unix domain socket connections only +local all all ident + +# IPv4 local connections: +host all all 127.0.0.1/32 md5 + +# IPv6 local connections: +host all all ::1/128 md5 + +# Others +host all all 0.0.0.0/0 md5 diff --git a/install/ubuntu/12.04/proftpd/proftpd.conf b/install/ubuntu/12.04/proftpd/proftpd.conf new file mode 100644 index 000000000..69ec6b2ec --- /dev/null +++ b/install/ubuntu/12.04/proftpd/proftpd.conf @@ -0,0 +1,32 @@ +ServerName "FTP" +ServerIdent on "FTP Server ready." +ServerAdmin root@localhost +DefaultServer on +DefaultRoot ~ !adm + + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/12.04/roundcube/apache.conf b/install/ubuntu/12.04/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/12.04/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/12.04/roundcube/config.inc.php b/install/ubuntu/12.04/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/12.04/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/12.04/roundcube/main.inc.php b/install/ubuntu/12.04/roundcube/main.inc.php new file mode 100644 index 000000000..97cdbf2df --- /dev/null +++ b/install/ubuntu/12.04/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = false; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 300 seconds (5min) +$rcmail_config['draft_autosave'] = 300; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/roundcube-driver.php b/install/ubuntu/12.04/roundcube/vesta.php similarity index 100% rename from install/ubuntu/roundcube-driver.php rename to install/ubuntu/12.04/roundcube/vesta.php diff --git a/install/ubuntu/12.04/sudo/admin b/install/ubuntu/12.04/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/ubuntu/12.04/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/12.04/templates/dns/child-ns.tpl b/install/ubuntu/12.04/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/ubuntu/12.04/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/12.04/templates/dns/default.tpl b/install/ubuntu/12.04/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/ubuntu/12.04/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/12.04/templates/dns/gmail.tpl b/install/ubuntu/12.04/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/ubuntu/12.04/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/12.04/templates/web/apache2/basedir.stpl b/install/ubuntu/12.04/templates/web/apache2/basedir.stpl new file mode 100644 index 000000000..379f87da1 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/apache2/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.04/templates/web/apache2/basedir.tpl b/install/ubuntu/12.04/templates/web/apache2/basedir.tpl new file mode 100644 index 000000000..bf87511bd --- /dev/null +++ b/install/ubuntu/12.04/templates/web/apache2/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/debian/templates/web/apache2/default.stpl b/install/ubuntu/12.04/templates/web/apache2/default.stpl old mode 100755 new mode 100644 similarity index 83% rename from install/debian/templates/web/apache2/default.stpl rename to install/ubuntu/12.04/templates/web/apache2/default.stpl index da523c138..8c8b7a3a2 --- a/install/debian/templates/web/apache2/default.stpl +++ b/install/ubuntu/12.04/templates/web/apache2/default.stpl @@ -15,6 +15,10 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/ubuntu/templates/web/apache2/default.tpl b/install/ubuntu/12.04/templates/web/apache2/default.tpl old mode 100755 new mode 100644 similarity index 81% rename from install/ubuntu/templates/web/apache2/default.tpl rename to install/ubuntu/12.04/templates/web/apache2/default.tpl index b95c1ee38..7fa97eb73 --- a/install/ubuntu/templates/web/apache2/default.tpl +++ b/install/ubuntu/12.04/templates/web/apache2/default.tpl @@ -14,6 +14,10 @@ AllowOverride All Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/ubuntu/12.04/templates/web/apache2/hosting.stpl b/install/ubuntu/12.04/templates/web/apache2/hosting.stpl new file mode 100644 index 000000000..ffb9a998f --- /dev/null +++ b/install/ubuntu/12.04/templates/web/apache2/hosting.stpl @@ -0,0 +1,50 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.04/templates/web/apache2/hosting.tpl b/install/ubuntu/12.04/templates/web/apache2/hosting.tpl new file mode 100644 index 000000000..3ed5acd1c --- /dev/null +++ b/install/ubuntu/12.04/templates/web/apache2/hosting.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.04/templates/web/apache2/phpcgi.sh b/install/ubuntu/12.04/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/12.04/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/debian/templates/web/apache2/phpcgi.stpl b/install/ubuntu/12.04/templates/web/apache2/phpcgi.stpl old mode 100755 new mode 100644 similarity index 82% rename from install/debian/templates/web/apache2/phpcgi.stpl rename to install/ubuntu/12.04/templates/web/apache2/phpcgi.stpl index 58c4baf90..7bbf5be59 --- a/install/debian/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/12.04/templates/web/apache2/phpcgi.stpl @@ -15,6 +15,10 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php SetHandler phpcgi-script diff --git a/install/debian/templates/web/apache2/phpcgi.tpl b/install/ubuntu/12.04/templates/web/apache2/phpcgi.tpl old mode 100755 new mode 100644 similarity index 79% rename from install/debian/templates/web/apache2/phpcgi.tpl rename to install/ubuntu/12.04/templates/web/apache2/phpcgi.tpl index 21be2cdd7..8978bd127 --- a/install/debian/templates/web/apache2/phpcgi.tpl +++ b/install/ubuntu/12.04/templates/web/apache2/phpcgi.tpl @@ -14,6 +14,10 @@ AllowOverride All Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php SetHandler phpcgi-script diff --git a/install/ubuntu/12.04/templates/web/apache2/phpfcgid.sh b/install/ubuntu/12.04/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/12.04/templates/web/apache2/phpfcgid.stpl old mode 100755 new mode 100644 similarity index 83% rename from install/ubuntu/templates/web/apache2/phpfcgid.stpl rename to install/ubuntu/12.04/templates/web/apache2/phpfcgid.stpl index 20a580093..7c49603d5 --- a/install/ubuntu/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/12.04/templates/web/apache2/phpfcgid.stpl @@ -15,6 +15,10 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp SetHandler fcgid-script diff --git a/install/debian/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/12.04/templates/web/apache2/phpfcgid.tpl old mode 100755 new mode 100644 similarity index 80% rename from install/debian/templates/web/apache2/phpfcgid.tpl rename to install/ubuntu/12.04/templates/web/apache2/phpfcgid.tpl index 72e7d8d44..661f66bd3 --- a/install/debian/templates/web/apache2/phpfcgid.tpl +++ b/install/ubuntu/12.04/templates/web/apache2/phpfcgid.tpl @@ -14,6 +14,10 @@ AllowOverride All Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp SetHandler fcgid-script diff --git a/install/ubuntu/12.04/templates/web/awstats/awstats.tpl b/install/ubuntu/12.04/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/12.04/templates/web/awstats/index.tpl b/install/ubuntu/12.04/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/12.04/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/12.04/templates/web/awstats/nav.tpl b/install/ubuntu/12.04/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/12.04/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/12.04/templates/web/nginx/caching.sh b/install/ubuntu/12.04/templates/web/nginx/caching.sh new file mode 100755 index 000000000..09d8efe75 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/ubuntu/12.04/templates/web/nginx/caching.stpl b/install/ubuntu/12.04/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..e149b98b5 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/templates/web/nginx/caching.stpl b/install/ubuntu/12.04/templates/web/nginx/caching.tpl similarity index 90% rename from install/debian/templates/web/nginx/caching.stpl rename to install/ubuntu/12.04/templates/web/nginx/caching.tpl index ca6cffe32..36761b65c 100755 --- a/install/debian/templates/web/nginx/caching.stpl +++ b/install/ubuntu/12.04/templates/web/nginx/caching.tpl @@ -1,9 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - ssl on; - ssl_certificate %ssl_pem%; - ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { diff --git a/install/ubuntu/12.04/templates/web/nginx/default.stpl b/install/ubuntu/12.04/templates/web/nginx/default.stpl new file mode 100755 index 000000000..0e669b3dc --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/default.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.04/templates/web/nginx/default.tpl b/install/ubuntu/12.04/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.04/templates/web/nginx/hosting.sh b/install/ubuntu/12.04/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/12.04/templates/web/nginx/hosting.stpl b/install/ubuntu/12.04/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..62620789a --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/hosting.stpl @@ -0,0 +1,37 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%sdocroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.04/templates/web/nginx/hosting.tpl b/install/ubuntu/12.04/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.04/templates/web/nginx/http2.stpl b/install/ubuntu/12.04/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.04/templates/web/nginx/http2.tpl b/install/ubuntu/12.04/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..d85bcce38 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..9c24c3ea8 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..d71863141 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..4f0b9ec7b --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..f85032bae --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 000000000..9d9840006 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 000000000..0d7930fae --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 000000000..6fd64db6b --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,94 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..704405f37 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 000000000..477f6f01b --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 000000000..fdab43aae --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 000000000..f410ab77c --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 000000000..f15a68c57 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 000000000..bc8b53a37 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 000000000..d6697d7a9 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 000000000..908b9aeb8 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..891566b93 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..78c1bb784 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..5ffc9ed5c --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 000000000..e7f3dcc6b --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..e0aeb524a --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..0d9793aeb --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 000000000..f33ed5070 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 000000000..c0a5239e0 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/12.04/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/12.04/templates/web/php-fpm/default.tpl b/install/ubuntu/12.04/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/php-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/12.04/templates/web/php-fpm/no-php.tpl b/install/ubuntu/12.04/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..047c33edc --- /dev/null +++ b/install/ubuntu/12.04/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/12.04/templates/web/php-fpm/socket.tpl b/install/ubuntu/12.04/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..e427045ce --- /dev/null +++ b/install/ubuntu/12.04/templates/web/php-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/12.04/templates/web/skel/document_errors/403.html b/install/ubuntu/12.04/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/12.04/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/12.04/templates/web/skel/document_errors/404.html b/install/ubuntu/12.04/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/12.04/templates/web/skel/document_errors/50x.html b/install/ubuntu/12.04/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/12.04/templates/web/skel/public_html/index.html b/install/ubuntu/12.04/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/12.04/templates/web/skel/public_html/robots.txt b/install/ubuntu/12.04/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/12.04/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/12.04/templates/web/skel/public_shtml/index.html b/install/ubuntu/12.04/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/12.04/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/12.04/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/12.04/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/12.04/templates/web/suspend/.htaccess b/install/ubuntu/12.04/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/12.04/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/12.04/templates/web/suspend/index.html b/install/ubuntu/12.04/templates/web/suspend/index.html new file mode 100755 index 000000000..f2d04e1f0 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

SUSPENDED

+

This website has been suspended.

+
+ Please contact the technical support department. +
+ + diff --git a/install/ubuntu/12.04/templates/web/webalizer/webalizer.tpl b/install/ubuntu/12.04/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/12.04/vsftpd/vsftpd.conf b/install/ubuntu/12.04/vsftpd/vsftpd.conf new file mode 100644 index 000000000..1ca1a9923 --- /dev/null +++ b/install/ubuntu/12.04/vsftpd/vsftpd.conf @@ -0,0 +1,26 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +#allow_writable_chroot=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 +use_localtime=YES diff --git a/install/ubuntu/12.10/apache2/apache2.conf b/install/ubuntu/12.10/apache2/apache2.conf new file mode 100644 index 000000000..2756132ae --- /dev/null +++ b/install/ubuntu/12.10/apache2/apache2.conf @@ -0,0 +1,94 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/ubuntu/12.10/apache2/status.conf b/install/ubuntu/12.10/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/12.10/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/12.10/bind/named.conf b/install/ubuntu/12.10/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/12.10/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/12.10/clamav/clamd.conf b/install/ubuntu/12.10/clamav/clamd.conf new file mode 100644 index 000000000..ea982697a --- /dev/null +++ b/install/ubuntu/12.10/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/12.10/deb_signing.key b/install/ubuntu/12.10/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/12.10/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/12.10/dovecot/conf.d/10-auth.conf b/install/ubuntu/12.10/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/12.10/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/12.10/dovecot/conf.d/10-logging.conf b/install/ubuntu/12.10/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/12.10/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/12.10/dovecot/conf.d/10-mail.conf b/install/ubuntu/12.10/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/12.10/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/12.10/dovecot/conf.d/10-master.conf b/install/ubuntu/12.10/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/12.10/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/12.10/dovecot/conf.d/10-ssl.conf b/install/ubuntu/12.10/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/ubuntu/12.10/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/12.10/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/12.10/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/12.10/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/12.10/dovecot/dovecot.conf b/install/ubuntu/12.10/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/ubuntu/12.10/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/12.10/exim/dnsbl.conf b/install/ubuntu/12.10/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/12.10/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/12.10/exim/exim4.conf.template b/install/ubuntu/12.10/exim/exim4.conf.template new file mode 100644 index 000000000..fc346486f --- /dev/null +++ b/install/ubuntu/12.10/exim/exim4.conf.template @@ -0,0 +1,382 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +add_environment = <; PATH=/bin:/usr/bin +keep_environment = +disable_ipv6 = true + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth required + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{1024K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = debian-spamd:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/12.10/exim/spam-blocks.conf b/install/ubuntu/12.10/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/12.10/fail2ban/action.d/vesta.conf b/install/ubuntu/12.10/fail2ban/action.d/vesta.conf new file mode 100644 index 000000000..0edfc3491 --- /dev/null +++ b/install/ubuntu/12.10/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/12.10/fail2ban/filter.d/vesta.conf b/install/ubuntu/12.10/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..36ec10019 --- /dev/null +++ b/install/ubuntu/12.10/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccessful Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/12.10/fail2ban/jail.local b/install/ubuntu/12.10/fail2ban/jail.local new file mode 100644 index 000000000..013f81c46 --- /dev/null +++ b/install/ubuntu/12.10/fail2ban/jail.local @@ -0,0 +1,51 @@ +[DEFAULT] +ignoreip = 127.0.0.1/8 + +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog +maxretry = 5 + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log +maxretry = 5 + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 + +[roundcube-auth] +enabled = false +filter = roundcube-auth +port = http,https +logpath = /var/log/roundcube/errors +maxretry = 5 diff --git a/install/ubuntu/12.10/firewall/ports.conf b/install/ubuntu/12.10/firewall/ports.conf new file mode 100644 index 000000000..b730d012c --- /dev/null +++ b/install/ubuntu/12.10/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/12.10/firewall/rules.conf b/install/ubuntu/12.10/firewall/rules.conf new file mode 100644 index 000000000..fba98e1e4 --- /dev/null +++ b/install/ubuntu/12.10/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/12.10/logrotate/apache2 b/install/ubuntu/12.10/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/12.10/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/12.10/logrotate/dovecot b/install/ubuntu/12.10/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/ubuntu/12.10/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/ubuntu/12.10/logrotate/nginx b/install/ubuntu/12.10/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/12.10/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/12.10/logrotate/vesta b/install/ubuntu/12.10/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/12.10/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/12.10/mysql/my-large.cnf b/install/ubuntu/12.10/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/ubuntu/12.10/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/12.10/mysql/my-medium.cnf b/install/ubuntu/12.10/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/12.10/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/12.10/mysql/my-small.cnf b/install/ubuntu/12.10/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/12.10/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/12.10/nginx/nginx.conf b/install/ubuntu/12.10/nginx/nginx.conf new file mode 100644 index 000000000..6bc999f95 --- /dev/null +++ b/install/ubuntu/12.10/nginx/nginx.conf @@ -0,0 +1,137 @@ +# Server globals +user www-data; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_vary on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + #set_real_ip_from 2c0f:f248::/32; + #set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/12.10/nginx/phpmyadmin.inc b/install/ubuntu/12.10/nginx/phpmyadmin.inc new file mode 100644 index 000000000..cdfc93c4d --- /dev/null +++ b/install/ubuntu/12.10/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/ubuntu/12.10/nginx/phppgadmin.inc b/install/ubuntu/12.10/nginx/phppgadmin.inc new file mode 100644 index 000000000..47cfcf4e2 --- /dev/null +++ b/install/ubuntu/12.10/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/12.10/nginx/status.conf b/install/ubuntu/12.10/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/12.10/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/12.10/nginx/webmail.inc b/install/ubuntu/12.10/nginx/webmail.inc new file mode 100644 index 000000000..768c90495 --- /dev/null +++ b/install/ubuntu/12.10/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/12.10/packages/default.pkg b/install/ubuntu/12.10/packages/default.pkg new file mode 100644 index 000000000..c2a935743 --- /dev/null +++ b/install/ubuntu/12.10/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/12.10/packages/gainsboro.pkg b/install/ubuntu/12.10/packages/gainsboro.pkg new file mode 100644 index 000000000..76d7dae2a --- /dev/null +++ b/install/ubuntu/12.10/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/12.10/packages/palegreen.pkg b/install/ubuntu/12.10/packages/palegreen.pkg new file mode 100644 index 000000000..3db5fe57e --- /dev/null +++ b/install/ubuntu/12.10/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/12.10/packages/slategrey.pkg b/install/ubuntu/12.10/packages/slategrey.pkg new file mode 100644 index 000000000..d89e796fd --- /dev/null +++ b/install/ubuntu/12.10/packages/slategrey.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/12.10/pga/config.inc.php b/install/ubuntu/12.10/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/ubuntu/12.10/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/ubuntu/12.10/pga/phppgadmin.conf b/install/ubuntu/12.10/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/12.10/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/12.10/php-fpm/www.conf b/install/ubuntu/12.10/php-fpm/www.conf new file mode 100644 index 000000000..3c87f33cc --- /dev/null +++ b/install/ubuntu/12.10/php-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/ubuntu/12.10/pma/apache.conf b/install/ubuntu/12.10/pma/apache.conf new file mode 100644 index 000000000..ce2a9fe2b --- /dev/null +++ b/install/ubuntu/12.10/pma/apache.conf @@ -0,0 +1,43 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/12.10/pma/config.inc.php b/install/ubuntu/12.10/pma/config.inc.php new file mode 100644 index 000000000..36093369b --- /dev/null +++ b/install/ubuntu/12.10/pma/config.inc.php @@ -0,0 +1,152 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/12.10/roundcube/apache.conf b/install/ubuntu/12.10/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/12.10/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/12.10/roundcube/config.inc.php b/install/ubuntu/12.10/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/12.10/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/12.10/roundcube/main.inc.php b/install/ubuntu/12.10/roundcube/main.inc.php new file mode 100644 index 000000000..97cdbf2df --- /dev/null +++ b/install/ubuntu/12.10/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = false; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 300 seconds (5min) +$rcmail_config['draft_autosave'] = 300; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/12.10/roundcube/vesta.php b/install/ubuntu/12.10/roundcube/vesta.php new file mode 100644 index 000000000..8fb202a44 --- /dev/null +++ b/install/ubuntu/12.10/roundcube/vesta.php @@ -0,0 +1,62 @@ + + */ + + function password_save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + $fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } diff --git a/install/ubuntu/12.10/sudo/admin b/install/ubuntu/12.10/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/ubuntu/12.10/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/12.10/templates/dns/child-ns.tpl b/install/ubuntu/12.10/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/ubuntu/12.10/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/12.10/templates/dns/default.tpl b/install/ubuntu/12.10/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/ubuntu/12.10/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/12.10/templates/dns/gmail.tpl b/install/ubuntu/12.10/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/ubuntu/12.10/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/12.10/templates/web/apache2/basedir.stpl b/install/ubuntu/12.10/templates/web/apache2/basedir.stpl new file mode 100644 index 000000000..379f87da1 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.10/templates/web/apache2/basedir.tpl b/install/ubuntu/12.10/templates/web/apache2/basedir.tpl new file mode 100644 index 000000000..bf87511bd --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/debian/templates/web/apache2/basedir.stpl b/install/ubuntu/12.10/templates/web/apache2/default.stpl old mode 100755 new mode 100644 similarity index 83% rename from install/debian/templates/web/apache2/basedir.stpl rename to install/ubuntu/12.10/templates/web/apache2/default.stpl index 96de57af7..8c8b7a3a2 --- a/install/debian/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/12.10/templates/web/apache2/default.stpl @@ -15,7 +15,10 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot% + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/ubuntu/templates/web/apache2/basedir.tpl b/install/ubuntu/12.10/templates/web/apache2/default.tpl old mode 100755 new mode 100644 similarity index 81% rename from install/ubuntu/templates/web/apache2/basedir.tpl rename to install/ubuntu/12.10/templates/web/apache2/default.tpl index 07ec38c98..7fa97eb73 --- a/install/ubuntu/templates/web/apache2/basedir.tpl +++ b/install/ubuntu/12.10/templates/web/apache2/default.tpl @@ -14,7 +14,10 @@ AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot% + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/ubuntu/12.10/templates/web/apache2/hosting.stpl b/install/ubuntu/12.10/templates/web/apache2/hosting.stpl new file mode 100644 index 000000000..ffb9a998f --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/hosting.stpl @@ -0,0 +1,50 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.10/templates/web/apache2/hosting.tpl b/install/ubuntu/12.10/templates/web/apache2/hosting.tpl new file mode 100644 index 000000000..3ed5acd1c --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/hosting.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.10/templates/web/apache2/phpcgi.sh b/install/ubuntu/12.10/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/12.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/12.10/templates/web/apache2/phpcgi.stpl new file mode 100644 index 000000000..7bbf5be59 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.10/templates/web/apache2/phpcgi.tpl b/install/ubuntu/12.10/templates/web/apache2/phpcgi.tpl new file mode 100644 index 000000000..8978bd127 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.10/templates/web/apache2/phpfcgid.sh b/install/ubuntu/12.10/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/12.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/12.10/templates/web/apache2/phpfcgid.stpl new file mode 100644 index 000000000..7c49603d5 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.10/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/12.10/templates/web/apache2/phpfcgid.tpl new file mode 100644 index 000000000..661f66bd3 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.10/templates/web/awstats/awstats.tpl b/install/ubuntu/12.10/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/12.10/templates/web/awstats/index.tpl b/install/ubuntu/12.10/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/12.10/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/12.10/templates/web/awstats/nav.tpl b/install/ubuntu/12.10/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/12.10/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/12.10/templates/web/nginx/caching.sh b/install/ubuntu/12.10/templates/web/nginx/caching.sh new file mode 100755 index 000000000..09d8efe75 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/ubuntu/12.10/templates/web/nginx/caching.stpl b/install/ubuntu/12.10/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..e149b98b5 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/templates/web/nginx/caching.stpl b/install/ubuntu/12.10/templates/web/nginx/caching.tpl similarity index 90% rename from install/ubuntu/templates/web/nginx/caching.stpl rename to install/ubuntu/12.10/templates/web/nginx/caching.tpl index ca6cffe32..36761b65c 100755 --- a/install/ubuntu/templates/web/nginx/caching.stpl +++ b/install/ubuntu/12.10/templates/web/nginx/caching.tpl @@ -1,9 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - ssl on; - ssl_certificate %ssl_pem%; - ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { diff --git a/install/ubuntu/12.10/templates/web/nginx/default.stpl b/install/ubuntu/12.10/templates/web/nginx/default.stpl new file mode 100755 index 000000000..0e669b3dc --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/default.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.10/templates/web/nginx/default.tpl b/install/ubuntu/12.10/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.10/templates/web/nginx/hosting.sh b/install/ubuntu/12.10/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/12.10/templates/web/nginx/hosting.stpl b/install/ubuntu/12.10/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..62620789a --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/hosting.stpl @@ -0,0 +1,37 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%sdocroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.10/templates/web/nginx/hosting.tpl b/install/ubuntu/12.10/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.10/templates/web/nginx/http2.stpl b/install/ubuntu/12.10/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.10/templates/web/nginx/http2.tpl b/install/ubuntu/12.10/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..d85bcce38 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..9c24c3ea8 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..d71863141 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..4f0b9ec7b --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..f85032bae --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 000000000..9d9840006 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 000000000..0d7930fae --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 000000000..6fd64db6b --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,94 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..704405f37 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 000000000..477f6f01b --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 000000000..fdab43aae --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 000000000..f410ab77c --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 000000000..f15a68c57 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 000000000..bc8b53a37 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 000000000..d6697d7a9 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 000000000..908b9aeb8 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..891566b93 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..78c1bb784 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..5ffc9ed5c --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 000000000..e7f3dcc6b --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..e0aeb524a --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..0d9793aeb --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 000000000..f33ed5070 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 000000000..c0a5239e0 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/12.10/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/12.10/templates/web/php-fpm/default.tpl b/install/ubuntu/12.10/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/php-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/12.10/templates/web/php-fpm/no-php.tpl b/install/ubuntu/12.10/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..047c33edc --- /dev/null +++ b/install/ubuntu/12.10/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/12.10/templates/web/php-fpm/socket.tpl b/install/ubuntu/12.10/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..e427045ce --- /dev/null +++ b/install/ubuntu/12.10/templates/web/php-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/12.10/templates/web/skel/document_errors/403.html b/install/ubuntu/12.10/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/12.10/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/12.10/templates/web/skel/document_errors/404.html b/install/ubuntu/12.10/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/12.10/templates/web/skel/document_errors/50x.html b/install/ubuntu/12.10/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/12.10/templates/web/skel/public_html/index.html b/install/ubuntu/12.10/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/12.10/templates/web/skel/public_html/robots.txt b/install/ubuntu/12.10/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/12.10/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/12.10/templates/web/skel/public_shtml/index.html b/install/ubuntu/12.10/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/12.10/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/12.10/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/12.10/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/12.10/templates/web/suspend/.htaccess b/install/ubuntu/12.10/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/12.10/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/12.10/templates/web/suspend/index.html b/install/ubuntu/12.10/templates/web/suspend/index.html new file mode 100755 index 000000000..f2d04e1f0 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

SUSPENDED

+

This website has been suspended.

+
+ Please contact the technical support department. +
+ + diff --git a/install/ubuntu/12.10/templates/web/webalizer/webalizer.tpl b/install/ubuntu/12.10/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/12.10/vsftpd/vsftpd.conf b/install/ubuntu/12.10/vsftpd/vsftpd.conf new file mode 100644 index 000000000..1ca1a9923 --- /dev/null +++ b/install/ubuntu/12.10/vsftpd/vsftpd.conf @@ -0,0 +1,26 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +#allow_writable_chroot=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 +use_localtime=YES diff --git a/install/ubuntu/13.04/apache2/apache2.conf b/install/ubuntu/13.04/apache2/apache2.conf new file mode 100644 index 000000000..2756132ae --- /dev/null +++ b/install/ubuntu/13.04/apache2/apache2.conf @@ -0,0 +1,94 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/ubuntu/13.04/apache2/status.conf b/install/ubuntu/13.04/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/13.04/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/13.04/bind/named.conf b/install/ubuntu/13.04/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/13.04/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/13.04/clamav/clamd.conf b/install/ubuntu/13.04/clamav/clamd.conf new file mode 100644 index 000000000..ea982697a --- /dev/null +++ b/install/ubuntu/13.04/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/13.04/deb_signing.key b/install/ubuntu/13.04/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/13.04/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/13.04/dovecot/conf.d/10-auth.conf b/install/ubuntu/13.04/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/13.04/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/13.04/dovecot/conf.d/10-logging.conf b/install/ubuntu/13.04/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/13.04/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/13.04/dovecot/conf.d/10-mail.conf b/install/ubuntu/13.04/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/13.04/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/13.04/dovecot/conf.d/10-master.conf b/install/ubuntu/13.04/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/13.04/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/13.04/dovecot/conf.d/10-ssl.conf b/install/ubuntu/13.04/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/ubuntu/13.04/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/13.04/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/13.04/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/13.04/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/13.04/dovecot/dovecot.conf b/install/ubuntu/13.04/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/ubuntu/13.04/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/13.04/exim/dnsbl.conf b/install/ubuntu/13.04/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/13.04/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/13.04/exim/exim4.conf.template b/install/ubuntu/13.04/exim/exim4.conf.template new file mode 100644 index 000000000..fc346486f --- /dev/null +++ b/install/ubuntu/13.04/exim/exim4.conf.template @@ -0,0 +1,382 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +add_environment = <; PATH=/bin:/usr/bin +keep_environment = +disable_ipv6 = true + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth required + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{1024K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = debian-spamd:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/13.04/exim/spam-blocks.conf b/install/ubuntu/13.04/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/13.04/fail2ban/action.d/vesta.conf b/install/ubuntu/13.04/fail2ban/action.d/vesta.conf new file mode 100644 index 000000000..0edfc3491 --- /dev/null +++ b/install/ubuntu/13.04/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/13.04/fail2ban/filter.d/vesta.conf b/install/ubuntu/13.04/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..36ec10019 --- /dev/null +++ b/install/ubuntu/13.04/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccessful Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/13.04/fail2ban/jail.local b/install/ubuntu/13.04/fail2ban/jail.local new file mode 100644 index 000000000..013f81c46 --- /dev/null +++ b/install/ubuntu/13.04/fail2ban/jail.local @@ -0,0 +1,51 @@ +[DEFAULT] +ignoreip = 127.0.0.1/8 + +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog +maxretry = 5 + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log +maxretry = 5 + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 + +[roundcube-auth] +enabled = false +filter = roundcube-auth +port = http,https +logpath = /var/log/roundcube/errors +maxretry = 5 diff --git a/install/ubuntu/13.04/firewall/ports.conf b/install/ubuntu/13.04/firewall/ports.conf new file mode 100644 index 000000000..b730d012c --- /dev/null +++ b/install/ubuntu/13.04/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/13.04/firewall/rules.conf b/install/ubuntu/13.04/firewall/rules.conf new file mode 100644 index 000000000..fba98e1e4 --- /dev/null +++ b/install/ubuntu/13.04/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/13.04/logrotate/apache2 b/install/ubuntu/13.04/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/13.04/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/13.04/logrotate/dovecot b/install/ubuntu/13.04/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/ubuntu/13.04/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/ubuntu/13.04/logrotate/nginx b/install/ubuntu/13.04/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/13.04/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/13.04/logrotate/vesta b/install/ubuntu/13.04/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/13.04/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/13.04/mysql/my-large.cnf b/install/ubuntu/13.04/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/ubuntu/13.04/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/13.04/mysql/my-medium.cnf b/install/ubuntu/13.04/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/13.04/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/13.04/mysql/my-small.cnf b/install/ubuntu/13.04/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/13.04/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/13.04/nginx/nginx.conf b/install/ubuntu/13.04/nginx/nginx.conf new file mode 100644 index 000000000..6bc999f95 --- /dev/null +++ b/install/ubuntu/13.04/nginx/nginx.conf @@ -0,0 +1,137 @@ +# Server globals +user www-data; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_vary on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + #set_real_ip_from 2c0f:f248::/32; + #set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/13.04/nginx/phpmyadmin.inc b/install/ubuntu/13.04/nginx/phpmyadmin.inc new file mode 100644 index 000000000..cdfc93c4d --- /dev/null +++ b/install/ubuntu/13.04/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/ubuntu/13.04/nginx/phppgadmin.inc b/install/ubuntu/13.04/nginx/phppgadmin.inc new file mode 100644 index 000000000..47cfcf4e2 --- /dev/null +++ b/install/ubuntu/13.04/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/13.04/nginx/status.conf b/install/ubuntu/13.04/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/13.04/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/13.04/nginx/webmail.inc b/install/ubuntu/13.04/nginx/webmail.inc new file mode 100644 index 000000000..768c90495 --- /dev/null +++ b/install/ubuntu/13.04/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/13.04/packages/default.pkg b/install/ubuntu/13.04/packages/default.pkg new file mode 100644 index 000000000..c2a935743 --- /dev/null +++ b/install/ubuntu/13.04/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/13.04/packages/gainsboro.pkg b/install/ubuntu/13.04/packages/gainsboro.pkg new file mode 100644 index 000000000..76d7dae2a --- /dev/null +++ b/install/ubuntu/13.04/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/13.04/packages/palegreen.pkg b/install/ubuntu/13.04/packages/palegreen.pkg new file mode 100644 index 000000000..3db5fe57e --- /dev/null +++ b/install/ubuntu/13.04/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/13.04/packages/slategrey.pkg b/install/ubuntu/13.04/packages/slategrey.pkg new file mode 100644 index 000000000..d89e796fd --- /dev/null +++ b/install/ubuntu/13.04/packages/slategrey.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/13.04/pga/config.inc.php b/install/ubuntu/13.04/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/ubuntu/13.04/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/ubuntu/13.04/pga/phppgadmin.conf b/install/ubuntu/13.04/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/13.04/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/13.04/php-fpm/www.conf b/install/ubuntu/13.04/php-fpm/www.conf new file mode 100644 index 000000000..3c87f33cc --- /dev/null +++ b/install/ubuntu/13.04/php-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/ubuntu/13.04/pma/apache.conf b/install/ubuntu/13.04/pma/apache.conf new file mode 100644 index 000000000..ce2a9fe2b --- /dev/null +++ b/install/ubuntu/13.04/pma/apache.conf @@ -0,0 +1,43 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/13.04/pma/config.inc.php b/install/ubuntu/13.04/pma/config.inc.php new file mode 100644 index 000000000..36093369b --- /dev/null +++ b/install/ubuntu/13.04/pma/config.inc.php @@ -0,0 +1,152 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/13.04/roundcube/apache.conf b/install/ubuntu/13.04/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/13.04/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/13.04/roundcube/config.inc.php b/install/ubuntu/13.04/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/13.04/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/13.04/roundcube/main.inc.php b/install/ubuntu/13.04/roundcube/main.inc.php new file mode 100644 index 000000000..97cdbf2df --- /dev/null +++ b/install/ubuntu/13.04/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = false; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 300 seconds (5min) +$rcmail_config['draft_autosave'] = 300; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/13.04/roundcube/vesta.php b/install/ubuntu/13.04/roundcube/vesta.php new file mode 100644 index 000000000..8fb202a44 --- /dev/null +++ b/install/ubuntu/13.04/roundcube/vesta.php @@ -0,0 +1,62 @@ + + */ + + function password_save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + $fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } diff --git a/install/ubuntu/13.04/sudo/admin b/install/ubuntu/13.04/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/ubuntu/13.04/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/13.04/templates/dns/child-ns.tpl b/install/ubuntu/13.04/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/ubuntu/13.04/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/13.04/templates/dns/default.tpl b/install/ubuntu/13.04/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/ubuntu/13.04/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/13.04/templates/dns/gmail.tpl b/install/ubuntu/13.04/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/ubuntu/13.04/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/13.04/templates/web/apache2/basedir.stpl b/install/ubuntu/13.04/templates/web/apache2/basedir.stpl new file mode 100644 index 000000000..379f87da1 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.04/templates/web/apache2/basedir.tpl b/install/ubuntu/13.04/templates/web/apache2/basedir.tpl new file mode 100644 index 000000000..bf87511bd --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/templates/web/apache2/basedir.stpl b/install/ubuntu/13.04/templates/web/apache2/default.stpl old mode 100755 new mode 100644 similarity index 83% rename from install/ubuntu/templates/web/apache2/basedir.stpl rename to install/ubuntu/13.04/templates/web/apache2/default.stpl index 96de57af7..8c8b7a3a2 --- a/install/ubuntu/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/13.04/templates/web/apache2/default.stpl @@ -15,7 +15,10 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot% + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/debian/templates/web/apache2/basedir.tpl b/install/ubuntu/13.04/templates/web/apache2/default.tpl old mode 100755 new mode 100644 similarity index 81% rename from install/debian/templates/web/apache2/basedir.tpl rename to install/ubuntu/13.04/templates/web/apache2/default.tpl index 07ec38c98..7fa97eb73 --- a/install/debian/templates/web/apache2/basedir.tpl +++ b/install/ubuntu/13.04/templates/web/apache2/default.tpl @@ -14,7 +14,10 @@ AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot% + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp AllowOverride All diff --git a/install/ubuntu/templates/web/apache2/hosting.stpl b/install/ubuntu/13.04/templates/web/apache2/hosting.stpl old mode 100755 new mode 100644 similarity index 83% rename from install/ubuntu/templates/web/apache2/hosting.stpl rename to install/ubuntu/13.04/templates/web/apache2/hosting.stpl index c1c91e22e..907dc462e --- a/install/ubuntu/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/13.04/templates/web/apache2/hosting.stpl @@ -15,15 +15,17 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value upload_max_filesize 10M php_admin_value max_execution_time 20 php_admin_value post_max_size 8M php_admin_value memory_limit 32M php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp - php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' AllowOverride All diff --git a/install/ubuntu/templates/web/apache2/hosting.tpl b/install/ubuntu/13.04/templates/web/apache2/hosting.tpl old mode 100755 new mode 100644 similarity index 81% rename from install/ubuntu/templates/web/apache2/hosting.tpl rename to install/ubuntu/13.04/templates/web/apache2/hosting.tpl index 8f3ec012a..3382b6144 --- a/install/ubuntu/templates/web/apache2/hosting.tpl +++ b/install/ubuntu/13.04/templates/web/apache2/hosting.tpl @@ -14,15 +14,17 @@ AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value upload_max_filesize 10M php_admin_value max_execution_time 20 php_admin_value post_max_size 8M php_admin_value memory_limit 32M php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp - php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' AllowOverride All diff --git a/install/ubuntu/13.04/templates/web/apache2/phpcgi.sh b/install/ubuntu/13.04/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/13.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/13.04/templates/web/apache2/phpcgi.stpl new file mode 100644 index 000000000..7bbf5be59 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.04/templates/web/apache2/phpcgi.tpl b/install/ubuntu/13.04/templates/web/apache2/phpcgi.tpl new file mode 100644 index 000000000..8978bd127 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.04/templates/web/apache2/phpfcgid.sh b/install/ubuntu/13.04/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/13.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/13.04/templates/web/apache2/phpfcgid.stpl new file mode 100644 index 000000000..7c49603d5 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.04/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/13.04/templates/web/apache2/phpfcgid.tpl new file mode 100644 index 000000000..661f66bd3 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.04/templates/web/awstats/awstats.tpl b/install/ubuntu/13.04/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/13.04/templates/web/awstats/index.tpl b/install/ubuntu/13.04/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/13.04/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/13.04/templates/web/awstats/nav.tpl b/install/ubuntu/13.04/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/13.04/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/13.04/templates/web/nginx/caching.sh b/install/ubuntu/13.04/templates/web/nginx/caching.sh new file mode 100755 index 000000000..09d8efe75 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/ubuntu/13.04/templates/web/nginx/caching.stpl b/install/ubuntu/13.04/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..e149b98b5 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/templates/web/nginx/caching.stpl b/install/ubuntu/13.04/templates/web/nginx/caching.tpl similarity index 90% rename from install/rhel/templates/web/nginx/caching.stpl rename to install/ubuntu/13.04/templates/web/nginx/caching.tpl index ca6cffe32..36761b65c 100755 --- a/install/rhel/templates/web/nginx/caching.stpl +++ b/install/ubuntu/13.04/templates/web/nginx/caching.tpl @@ -1,9 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - ssl on; - ssl_certificate %ssl_pem%; - ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { diff --git a/install/ubuntu/13.04/templates/web/nginx/default.stpl b/install/ubuntu/13.04/templates/web/nginx/default.stpl new file mode 100755 index 000000000..0e669b3dc --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/default.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.04/templates/web/nginx/default.tpl b/install/ubuntu/13.04/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.04/templates/web/nginx/hosting.sh b/install/ubuntu/13.04/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/13.04/templates/web/nginx/hosting.stpl b/install/ubuntu/13.04/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..62620789a --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/hosting.stpl @@ -0,0 +1,37 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%sdocroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.04/templates/web/nginx/hosting.tpl b/install/ubuntu/13.04/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.04/templates/web/nginx/http2.stpl b/install/ubuntu/13.04/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.04/templates/web/nginx/http2.tpl b/install/ubuntu/13.04/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..d85bcce38 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..9c24c3ea8 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..d71863141 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..4f0b9ec7b --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..f85032bae --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 000000000..9d9840006 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 000000000..0d7930fae --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 000000000..6fd64db6b --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,94 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..704405f37 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 000000000..477f6f01b --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 000000000..fdab43aae --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 000000000..f410ab77c --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 000000000..f15a68c57 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 000000000..bc8b53a37 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 000000000..d6697d7a9 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 000000000..908b9aeb8 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..891566b93 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..78c1bb784 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..5ffc9ed5c --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 000000000..e7f3dcc6b --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..e0aeb524a --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..0d9793aeb --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 000000000..f33ed5070 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 000000000..c0a5239e0 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/13.04/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/13.04/templates/web/php-fpm/default.tpl b/install/ubuntu/13.04/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/php-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/13.04/templates/web/php-fpm/no-php.tpl b/install/ubuntu/13.04/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..047c33edc --- /dev/null +++ b/install/ubuntu/13.04/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/13.04/templates/web/php-fpm/socket.tpl b/install/ubuntu/13.04/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..e427045ce --- /dev/null +++ b/install/ubuntu/13.04/templates/web/php-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/13.04/templates/web/skel/document_errors/403.html b/install/ubuntu/13.04/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/13.04/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/13.04/templates/web/skel/document_errors/404.html b/install/ubuntu/13.04/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/13.04/templates/web/skel/document_errors/50x.html b/install/ubuntu/13.04/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/13.04/templates/web/skel/public_html/index.html b/install/ubuntu/13.04/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/13.04/templates/web/skel/public_html/robots.txt b/install/ubuntu/13.04/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/13.04/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/13.04/templates/web/skel/public_shtml/index.html b/install/ubuntu/13.04/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/13.04/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/13.04/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/13.04/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/13.04/templates/web/suspend/.htaccess b/install/ubuntu/13.04/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/13.04/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/13.04/templates/web/suspend/index.html b/install/ubuntu/13.04/templates/web/suspend/index.html new file mode 100755 index 000000000..f2d04e1f0 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

SUSPENDED

+

This website has been suspended.

+
+ Please contact the technical support department. +
+ + diff --git a/install/ubuntu/13.04/templates/web/webalizer/webalizer.tpl b/install/ubuntu/13.04/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/13.04/vsftpd/vsftpd.conf b/install/ubuntu/13.04/vsftpd/vsftpd.conf new file mode 100644 index 000000000..1ca1a9923 --- /dev/null +++ b/install/ubuntu/13.04/vsftpd/vsftpd.conf @@ -0,0 +1,26 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +#allow_writable_chroot=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 +use_localtime=YES diff --git a/install/ubuntu/13.10/apache2/apache2.conf b/install/ubuntu/13.10/apache2/apache2.conf new file mode 100644 index 000000000..2756132ae --- /dev/null +++ b/install/ubuntu/13.10/apache2/apache2.conf @@ -0,0 +1,94 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/ubuntu/13.10/apache2/status.conf b/install/ubuntu/13.10/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/13.10/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/13.10/bind/named.conf b/install/ubuntu/13.10/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/13.10/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/13.10/clamav/clamd.conf b/install/ubuntu/13.10/clamav/clamd.conf new file mode 100644 index 000000000..ea982697a --- /dev/null +++ b/install/ubuntu/13.10/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/13.10/deb_signing.key b/install/ubuntu/13.10/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/13.10/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/13.10/dovecot/conf.d/10-auth.conf b/install/ubuntu/13.10/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/13.10/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/13.10/dovecot/conf.d/10-logging.conf b/install/ubuntu/13.10/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/13.10/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/13.10/dovecot/conf.d/10-mail.conf b/install/ubuntu/13.10/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/13.10/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/13.10/dovecot/conf.d/10-master.conf b/install/ubuntu/13.10/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/13.10/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/13.10/dovecot/conf.d/10-ssl.conf b/install/ubuntu/13.10/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/ubuntu/13.10/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/13.10/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/13.10/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/13.10/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/13.10/dovecot/dovecot.conf b/install/ubuntu/13.10/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/ubuntu/13.10/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/13.10/exim/dnsbl.conf b/install/ubuntu/13.10/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/13.10/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/13.10/exim/exim4.conf.template b/install/ubuntu/13.10/exim/exim4.conf.template new file mode 100644 index 000000000..fc346486f --- /dev/null +++ b/install/ubuntu/13.10/exim/exim4.conf.template @@ -0,0 +1,382 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +add_environment = <; PATH=/bin:/usr/bin +keep_environment = +disable_ipv6 = true + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth required + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{1024K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = debian-spamd:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/13.10/exim/spam-blocks.conf b/install/ubuntu/13.10/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/13.10/fail2ban/action.d/vesta.conf b/install/ubuntu/13.10/fail2ban/action.d/vesta.conf new file mode 100644 index 000000000..0edfc3491 --- /dev/null +++ b/install/ubuntu/13.10/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/13.10/fail2ban/filter.d/vesta.conf b/install/ubuntu/13.10/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..36ec10019 --- /dev/null +++ b/install/ubuntu/13.10/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccessful Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/13.10/fail2ban/jail.local b/install/ubuntu/13.10/fail2ban/jail.local new file mode 100644 index 000000000..013f81c46 --- /dev/null +++ b/install/ubuntu/13.10/fail2ban/jail.local @@ -0,0 +1,51 @@ +[DEFAULT] +ignoreip = 127.0.0.1/8 + +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog +maxretry = 5 + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log +maxretry = 5 + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 + +[roundcube-auth] +enabled = false +filter = roundcube-auth +port = http,https +logpath = /var/log/roundcube/errors +maxretry = 5 diff --git a/install/ubuntu/13.10/firewall/ports.conf b/install/ubuntu/13.10/firewall/ports.conf new file mode 100644 index 000000000..b730d012c --- /dev/null +++ b/install/ubuntu/13.10/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/13.10/firewall/rules.conf b/install/ubuntu/13.10/firewall/rules.conf new file mode 100644 index 000000000..fba98e1e4 --- /dev/null +++ b/install/ubuntu/13.10/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/13.10/logrotate/apache2 b/install/ubuntu/13.10/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/13.10/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/13.10/logrotate/dovecot b/install/ubuntu/13.10/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/ubuntu/13.10/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/ubuntu/13.10/logrotate/nginx b/install/ubuntu/13.10/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/13.10/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/13.10/logrotate/vesta b/install/ubuntu/13.10/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/13.10/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/13.10/mysql/my-large.cnf b/install/ubuntu/13.10/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/ubuntu/13.10/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/13.10/mysql/my-medium.cnf b/install/ubuntu/13.10/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/13.10/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/13.10/mysql/my-small.cnf b/install/ubuntu/13.10/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/13.10/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/13.10/nginx/nginx.conf b/install/ubuntu/13.10/nginx/nginx.conf new file mode 100644 index 000000000..6bc999f95 --- /dev/null +++ b/install/ubuntu/13.10/nginx/nginx.conf @@ -0,0 +1,137 @@ +# Server globals +user www-data; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_vary on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + #set_real_ip_from 2c0f:f248::/32; + #set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/13.10/nginx/phpmyadmin.inc b/install/ubuntu/13.10/nginx/phpmyadmin.inc new file mode 100644 index 000000000..cdfc93c4d --- /dev/null +++ b/install/ubuntu/13.10/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/ubuntu/13.10/nginx/phppgadmin.inc b/install/ubuntu/13.10/nginx/phppgadmin.inc new file mode 100644 index 000000000..47cfcf4e2 --- /dev/null +++ b/install/ubuntu/13.10/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/13.10/nginx/status.conf b/install/ubuntu/13.10/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/13.10/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/13.10/nginx/webmail.inc b/install/ubuntu/13.10/nginx/webmail.inc new file mode 100644 index 000000000..768c90495 --- /dev/null +++ b/install/ubuntu/13.10/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/13.10/packages/default.pkg b/install/ubuntu/13.10/packages/default.pkg new file mode 100644 index 000000000..c2a935743 --- /dev/null +++ b/install/ubuntu/13.10/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/13.10/packages/gainsboro.pkg b/install/ubuntu/13.10/packages/gainsboro.pkg new file mode 100644 index 000000000..76d7dae2a --- /dev/null +++ b/install/ubuntu/13.10/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/13.10/packages/palegreen.pkg b/install/ubuntu/13.10/packages/palegreen.pkg new file mode 100644 index 000000000..3db5fe57e --- /dev/null +++ b/install/ubuntu/13.10/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/13.10/packages/slategrey.pkg b/install/ubuntu/13.10/packages/slategrey.pkg new file mode 100644 index 000000000..d89e796fd --- /dev/null +++ b/install/ubuntu/13.10/packages/slategrey.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/13.10/pga/config.inc.php b/install/ubuntu/13.10/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/ubuntu/13.10/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/ubuntu/13.10/pga/phppgadmin.conf b/install/ubuntu/13.10/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/13.10/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/13.10/php-fpm/www.conf b/install/ubuntu/13.10/php-fpm/www.conf new file mode 100644 index 000000000..3c87f33cc --- /dev/null +++ b/install/ubuntu/13.10/php-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/ubuntu/13.10/pma/apache.conf b/install/ubuntu/13.10/pma/apache.conf new file mode 100644 index 000000000..ce2a9fe2b --- /dev/null +++ b/install/ubuntu/13.10/pma/apache.conf @@ -0,0 +1,43 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/13.10/pma/config.inc.php b/install/ubuntu/13.10/pma/config.inc.php new file mode 100644 index 000000000..36093369b --- /dev/null +++ b/install/ubuntu/13.10/pma/config.inc.php @@ -0,0 +1,152 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/13.10/roundcube/apache.conf b/install/ubuntu/13.10/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/13.10/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/13.10/roundcube/config.inc.php b/install/ubuntu/13.10/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/13.10/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/13.10/roundcube/main.inc.php b/install/ubuntu/13.10/roundcube/main.inc.php new file mode 100644 index 000000000..97cdbf2df --- /dev/null +++ b/install/ubuntu/13.10/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = false; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 300 seconds (5min) +$rcmail_config['draft_autosave'] = 300; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/13.10/roundcube/vesta.php b/install/ubuntu/13.10/roundcube/vesta.php new file mode 100644 index 000000000..8fb202a44 --- /dev/null +++ b/install/ubuntu/13.10/roundcube/vesta.php @@ -0,0 +1,62 @@ + + */ + + function password_save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + $fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } diff --git a/install/ubuntu/13.10/sudo/admin b/install/ubuntu/13.10/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/ubuntu/13.10/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/13.10/templates/dns/child-ns.tpl b/install/ubuntu/13.10/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/ubuntu/13.10/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/13.10/templates/dns/default.tpl b/install/ubuntu/13.10/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/ubuntu/13.10/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/13.10/templates/dns/gmail.tpl b/install/ubuntu/13.10/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/ubuntu/13.10/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/13.10/templates/web/apache2/basedir.stpl b/install/ubuntu/13.10/templates/web/apache2/basedir.stpl new file mode 100644 index 000000000..37c4a4b39 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/apache2/basedir.tpl b/install/ubuntu/13.10/templates/web/apache2/basedir.tpl new file mode 100644 index 000000000..a9d05ee66 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/apache2/default.stpl b/install/ubuntu/13.10/templates/web/apache2/default.stpl new file mode 100644 index 000000000..a5c509a9e --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/default.stpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/apache2/default.tpl b/install/ubuntu/13.10/templates/web/apache2/default.tpl new file mode 100644 index 000000000..e591a1cf1 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/default.tpl @@ -0,0 +1,38 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/apache2/hosting.stpl b/install/ubuntu/13.10/templates/web/apache2/hosting.stpl new file mode 100644 index 000000000..dee0eda9c --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/hosting.stpl @@ -0,0 +1,50 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/apache2/hosting.tpl b/install/ubuntu/13.10/templates/web/apache2/hosting.tpl new file mode 100644 index 000000000..b7c12699d --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/hosting.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/apache2/phpcgi.sh b/install/ubuntu/13.10/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/13.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/13.10/templates/web/apache2/phpcgi.stpl new file mode 100644 index 000000000..6cd15df00 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/apache2/phpcgi.tpl b/install/ubuntu/13.10/templates/web/apache2/phpcgi.tpl new file mode 100644 index 000000000..9d04361da --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/apache2/phpfcgid.sh b/install/ubuntu/13.10/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/13.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/13.10/templates/web/apache2/phpfcgid.stpl new file mode 100644 index 000000000..9c0ca5027 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/13.10/templates/web/apache2/phpfcgid.tpl new file mode 100644 index 000000000..152e7c694 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/awstats/awstats.tpl b/install/ubuntu/13.10/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/13.10/templates/web/awstats/index.tpl b/install/ubuntu/13.10/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/13.10/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/13.10/templates/web/awstats/nav.tpl b/install/ubuntu/13.10/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/13.10/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/13.10/templates/web/nginx/caching.sh b/install/ubuntu/13.10/templates/web/nginx/caching.sh new file mode 100755 index 000000000..09d8efe75 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/ubuntu/13.10/templates/web/nginx/caching.stpl b/install/ubuntu/13.10/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..e149b98b5 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/caching.tpl b/install/ubuntu/13.10/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..36761b65c --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/default.stpl b/install/ubuntu/13.10/templates/web/nginx/default.stpl new file mode 100755 index 000000000..0e669b3dc --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/default.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.10/templates/web/nginx/default.tpl b/install/ubuntu/13.10/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.10/templates/web/nginx/hosting.sh b/install/ubuntu/13.10/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/13.10/templates/web/nginx/hosting.stpl b/install/ubuntu/13.10/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..62620789a --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/hosting.stpl @@ -0,0 +1,37 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%sdocroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.10/templates/web/nginx/hosting.tpl b/install/ubuntu/13.10/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.10/templates/web/nginx/http2.stpl b/install/ubuntu/13.10/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.10/templates/web/nginx/http2.tpl b/install/ubuntu/13.10/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..d85bcce38 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..9c24c3ea8 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..d71863141 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..4f0b9ec7b --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..f85032bae --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 000000000..9d9840006 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 000000000..0d7930fae --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 000000000..6fd64db6b --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,94 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..704405f37 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 000000000..477f6f01b --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 000000000..fdab43aae --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 000000000..f410ab77c --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 000000000..f15a68c57 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 000000000..bc8b53a37 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 000000000..d6697d7a9 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 000000000..908b9aeb8 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..891566b93 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..78c1bb784 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..5ffc9ed5c --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 000000000..e7f3dcc6b --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..e0aeb524a --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..0d9793aeb --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 000000000..f33ed5070 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 000000000..c0a5239e0 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/13.10/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/13.10/templates/web/php-fpm/default.tpl b/install/ubuntu/13.10/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/php-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/13.10/templates/web/php-fpm/no-php.tpl b/install/ubuntu/13.10/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..047c33edc --- /dev/null +++ b/install/ubuntu/13.10/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/13.10/templates/web/php-fpm/socket.tpl b/install/ubuntu/13.10/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..e427045ce --- /dev/null +++ b/install/ubuntu/13.10/templates/web/php-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/13.10/templates/web/skel/document_errors/403.html b/install/ubuntu/13.10/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/13.10/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/13.10/templates/web/skel/document_errors/404.html b/install/ubuntu/13.10/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/13.10/templates/web/skel/document_errors/50x.html b/install/ubuntu/13.10/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/13.10/templates/web/skel/public_html/index.html b/install/ubuntu/13.10/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/13.10/templates/web/skel/public_html/robots.txt b/install/ubuntu/13.10/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/13.10/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/13.10/templates/web/skel/public_shtml/index.html b/install/ubuntu/13.10/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/13.10/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/13.10/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/13.10/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/13.10/templates/web/suspend/.htaccess b/install/ubuntu/13.10/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/13.10/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/13.10/templates/web/suspend/index.html b/install/ubuntu/13.10/templates/web/suspend/index.html new file mode 100755 index 000000000..f2d04e1f0 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

SUSPENDED

+

This website has been suspended.

+
+ Please contact the technical support department. +
+ + diff --git a/install/ubuntu/13.10/templates/web/webalizer/webalizer.tpl b/install/ubuntu/13.10/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/13.10/vsftpd/vsftpd.conf b/install/ubuntu/13.10/vsftpd/vsftpd.conf new file mode 100644 index 000000000..1ca1a9923 --- /dev/null +++ b/install/ubuntu/13.10/vsftpd/vsftpd.conf @@ -0,0 +1,26 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +#allow_writable_chroot=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 +use_localtime=YES diff --git a/install/ubuntu/14.04/apache2/apache2.conf b/install/ubuntu/14.04/apache2/apache2.conf new file mode 100644 index 000000000..2756132ae --- /dev/null +++ b/install/ubuntu/14.04/apache2/apache2.conf @@ -0,0 +1,94 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/ubuntu/14.04/apache2/status.conf b/install/ubuntu/14.04/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/14.04/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/14.04/bind/named.conf b/install/ubuntu/14.04/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/14.04/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/14.04/clamav/clamd.conf b/install/ubuntu/14.04/clamav/clamd.conf new file mode 100644 index 000000000..ea982697a --- /dev/null +++ b/install/ubuntu/14.04/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/14.04/deb_signing.key b/install/ubuntu/14.04/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/14.04/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/14.04/dovecot/conf.d/10-auth.conf b/install/ubuntu/14.04/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/14.04/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/14.04/dovecot/conf.d/10-logging.conf b/install/ubuntu/14.04/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/14.04/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/14.04/dovecot/conf.d/10-mail.conf b/install/ubuntu/14.04/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/14.04/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/14.04/dovecot/conf.d/10-master.conf b/install/ubuntu/14.04/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/14.04/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/14.04/dovecot/conf.d/10-ssl.conf b/install/ubuntu/14.04/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/ubuntu/14.04/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/14.04/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/14.04/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/14.04/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/14.04/dovecot/dovecot.conf b/install/ubuntu/14.04/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/ubuntu/14.04/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/14.04/exim/dnsbl.conf b/install/ubuntu/14.04/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/14.04/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/14.04/exim/exim4.conf.template b/install/ubuntu/14.04/exim/exim4.conf.template new file mode 100644 index 000000000..fc346486f --- /dev/null +++ b/install/ubuntu/14.04/exim/exim4.conf.template @@ -0,0 +1,382 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +add_environment = <; PATH=/bin:/usr/bin +keep_environment = +disable_ipv6 = true + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth required + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{1024K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = debian-spamd:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/14.04/exim/spam-blocks.conf b/install/ubuntu/14.04/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/14.04/fail2ban/action.d/vesta.conf b/install/ubuntu/14.04/fail2ban/action.d/vesta.conf new file mode 100644 index 000000000..0edfc3491 --- /dev/null +++ b/install/ubuntu/14.04/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/14.04/fail2ban/filter.d/vesta.conf b/install/ubuntu/14.04/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..36ec10019 --- /dev/null +++ b/install/ubuntu/14.04/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccessful Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/14.04/fail2ban/jail.local b/install/ubuntu/14.04/fail2ban/jail.local new file mode 100644 index 000000000..013f81c46 --- /dev/null +++ b/install/ubuntu/14.04/fail2ban/jail.local @@ -0,0 +1,51 @@ +[DEFAULT] +ignoreip = 127.0.0.1/8 + +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog +maxretry = 5 + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log +maxretry = 5 + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 + +[roundcube-auth] +enabled = false +filter = roundcube-auth +port = http,https +logpath = /var/log/roundcube/errors +maxretry = 5 diff --git a/install/ubuntu/14.04/firewall/ports.conf b/install/ubuntu/14.04/firewall/ports.conf new file mode 100644 index 000000000..b730d012c --- /dev/null +++ b/install/ubuntu/14.04/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/14.04/firewall/rules.conf b/install/ubuntu/14.04/firewall/rules.conf new file mode 100644 index 000000000..fba98e1e4 --- /dev/null +++ b/install/ubuntu/14.04/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/14.04/logrotate/apache2 b/install/ubuntu/14.04/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/14.04/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/14.04/logrotate/dovecot b/install/ubuntu/14.04/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/ubuntu/14.04/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/ubuntu/14.04/logrotate/nginx b/install/ubuntu/14.04/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/14.04/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/14.04/logrotate/vesta b/install/ubuntu/14.04/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/14.04/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/14.04/mysql/my-large.cnf b/install/ubuntu/14.04/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/ubuntu/14.04/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/14.04/mysql/my-medium.cnf b/install/ubuntu/14.04/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/14.04/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/14.04/mysql/my-small.cnf b/install/ubuntu/14.04/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/14.04/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/debian/nginx.conf b/install/ubuntu/14.04/nginx/nginx.conf similarity index 51% rename from install/debian/nginx.conf rename to install/ubuntu/14.04/nginx/nginx.conf index 91a43671a..c44ab6502 100644 --- a/install/debian/nginx.conf +++ b/install/ubuntu/14.04/nginx/nginx.conf @@ -1,7 +1,8 @@ # Server globals user www-data; -worker_processes 2; -error_log /var/log/nginx/error.log; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; @@ -9,6 +10,7 @@ pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; + multi_accept on; } @@ -21,7 +23,7 @@ http { client_body_timeout 1m; client_header_buffer_size 2k; client_body_buffer_size 256k; - client_max_body_size 100m; + client_max_body_size 256m; large_client_header_buffers 4 8k; send_timeout 30; keepalive_timeout 60 60; @@ -37,7 +39,7 @@ http { '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; - #access_log /var/log/nginx/access.log main; + #access_log /var/log/nginx/access.log main; access_log off; @@ -48,13 +50,13 @@ http { # Compression gzip on; + gzip_vary on; gzip_comp_level 9; gzip_min_length 512; gzip_buffers 8 64k; - gzip_types text/plain text/css text/javascript - application/x-javascript; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; gzip_proxied any; - + gzip_disable "MSIE [1-6]\."; # Proxy settings proxy_redirect off; @@ -68,10 +70,34 @@ http { proxy_buffers 32 4k; + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 199.27.128.0/21; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 172.64.0.0/13; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + real_ip_header CF-Connecting-IP; + + # SSL PCI Compliance - ssl_ciphers RC4:HIGH:!aNULL:!MD5:!kEDH; - ssl_session_cache shared:SSL:10m; - ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; # Error pages @@ -80,14 +106,16 @@ http { error_page 502 503 504 /error/50x.html; - # Cache - proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; proxy_cache_key "$host$request_uri $cookie_user"; proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; - proxy_cache_valid any 3d; + proxy_cache_valid any 1d; + + # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; @@ -95,6 +123,13 @@ http { } + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + # Wildcard include include /etc/nginx/conf.d/*.conf; } diff --git a/install/ubuntu/14.04/nginx/phpmyadmin.inc b/install/ubuntu/14.04/nginx/phpmyadmin.inc new file mode 100644 index 000000000..cdfc93c4d --- /dev/null +++ b/install/ubuntu/14.04/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/ubuntu/14.04/nginx/phppgadmin.inc b/install/ubuntu/14.04/nginx/phppgadmin.inc new file mode 100644 index 000000000..47cfcf4e2 --- /dev/null +++ b/install/ubuntu/14.04/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/14.04/nginx/status.conf b/install/ubuntu/14.04/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/14.04/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/14.04/nginx/webmail.inc b/install/ubuntu/14.04/nginx/webmail.inc new file mode 100644 index 000000000..768c90495 --- /dev/null +++ b/install/ubuntu/14.04/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/14.04/packages/default.pkg b/install/ubuntu/14.04/packages/default.pkg new file mode 100644 index 000000000..c2a935743 --- /dev/null +++ b/install/ubuntu/14.04/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/14.04/packages/gainsboro.pkg b/install/ubuntu/14.04/packages/gainsboro.pkg new file mode 100644 index 000000000..76d7dae2a --- /dev/null +++ b/install/ubuntu/14.04/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/14.04/packages/palegreen.pkg b/install/ubuntu/14.04/packages/palegreen.pkg new file mode 100644 index 000000000..3db5fe57e --- /dev/null +++ b/install/ubuntu/14.04/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/14.04/packages/slategrey.pkg b/install/ubuntu/14.04/packages/slategrey.pkg new file mode 100644 index 000000000..d89e796fd --- /dev/null +++ b/install/ubuntu/14.04/packages/slategrey.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/14.04/pga/config.inc.php b/install/ubuntu/14.04/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/ubuntu/14.04/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/ubuntu/14.04/pga/phppgadmin.conf b/install/ubuntu/14.04/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/14.04/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/14.04/php-fpm/www.conf b/install/ubuntu/14.04/php-fpm/www.conf new file mode 100644 index 000000000..3c87f33cc --- /dev/null +++ b/install/ubuntu/14.04/php-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/ubuntu/14.04/pma/apache.conf b/install/ubuntu/14.04/pma/apache.conf new file mode 100644 index 000000000..ce2a9fe2b --- /dev/null +++ b/install/ubuntu/14.04/pma/apache.conf @@ -0,0 +1,43 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/14.04/pma/config.inc.php b/install/ubuntu/14.04/pma/config.inc.php new file mode 100644 index 000000000..36093369b --- /dev/null +++ b/install/ubuntu/14.04/pma/config.inc.php @@ -0,0 +1,152 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/14.04/roundcube/apache.conf b/install/ubuntu/14.04/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/14.04/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/14.04/roundcube/config.inc.php b/install/ubuntu/14.04/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/14.04/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/14.04/roundcube/main.inc.php b/install/ubuntu/14.04/roundcube/main.inc.php new file mode 100644 index 000000000..97cdbf2df --- /dev/null +++ b/install/ubuntu/14.04/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = false; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 300 seconds (5min) +$rcmail_config['draft_autosave'] = 300; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/14.04/roundcube/vesta.php b/install/ubuntu/14.04/roundcube/vesta.php new file mode 100644 index 000000000..8fb202a44 --- /dev/null +++ b/install/ubuntu/14.04/roundcube/vesta.php @@ -0,0 +1,62 @@ + + */ + + function password_save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + $fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } diff --git a/install/ubuntu/14.04/sudo/admin b/install/ubuntu/14.04/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/ubuntu/14.04/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/14.04/templates/dns/child-ns.tpl b/install/ubuntu/14.04/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/ubuntu/14.04/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/14.04/templates/dns/default.tpl b/install/ubuntu/14.04/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/ubuntu/14.04/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/14.04/templates/dns/gmail.tpl b/install/ubuntu/14.04/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/ubuntu/14.04/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/14.04/templates/web/apache2/basedir.stpl b/install/ubuntu/14.04/templates/web/apache2/basedir.stpl new file mode 100644 index 000000000..37c4a4b39 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/apache2/basedir.tpl b/install/ubuntu/14.04/templates/web/apache2/basedir.tpl new file mode 100644 index 000000000..a9d05ee66 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/apache2/default.stpl b/install/ubuntu/14.04/templates/web/apache2/default.stpl new file mode 100644 index 000000000..a5c509a9e --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/default.stpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/apache2/default.tpl b/install/ubuntu/14.04/templates/web/apache2/default.tpl new file mode 100644 index 000000000..e591a1cf1 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/default.tpl @@ -0,0 +1,38 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/apache2/hosting.stpl b/install/ubuntu/14.04/templates/web/apache2/hosting.stpl new file mode 100644 index 000000000..dee0eda9c --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/hosting.stpl @@ -0,0 +1,50 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/apache2/hosting.tpl b/install/ubuntu/14.04/templates/web/apache2/hosting.tpl new file mode 100644 index 000000000..b7c12699d --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/hosting.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/apache2/phpcgi.sh b/install/ubuntu/14.04/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/14.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/14.04/templates/web/apache2/phpcgi.stpl new file mode 100644 index 000000000..6cd15df00 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/apache2/phpcgi.tpl b/install/ubuntu/14.04/templates/web/apache2/phpcgi.tpl new file mode 100644 index 000000000..9d04361da --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/apache2/phpfcgid.sh b/install/ubuntu/14.04/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/14.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/14.04/templates/web/apache2/phpfcgid.stpl new file mode 100644 index 000000000..9c0ca5027 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/14.04/templates/web/apache2/phpfcgid.tpl new file mode 100644 index 000000000..152e7c694 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/awstats/awstats.tpl b/install/ubuntu/14.04/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/14.04/templates/web/awstats/index.tpl b/install/ubuntu/14.04/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/14.04/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/14.04/templates/web/awstats/nav.tpl b/install/ubuntu/14.04/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/14.04/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/14.04/templates/web/nginx/caching.sh b/install/ubuntu/14.04/templates/web/nginx/caching.sh new file mode 100755 index 000000000..09d8efe75 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/ubuntu/14.04/templates/web/nginx/caching.stpl b/install/ubuntu/14.04/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..e149b98b5 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/caching.tpl b/install/ubuntu/14.04/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..36761b65c --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/default.stpl b/install/ubuntu/14.04/templates/web/nginx/default.stpl new file mode 100755 index 000000000..0e669b3dc --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/default.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.04/templates/web/nginx/default.tpl b/install/ubuntu/14.04/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.04/templates/web/nginx/hosting.sh b/install/ubuntu/14.04/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/14.04/templates/web/nginx/hosting.stpl b/install/ubuntu/14.04/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..62620789a --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/hosting.stpl @@ -0,0 +1,37 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%sdocroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.04/templates/web/nginx/hosting.tpl b/install/ubuntu/14.04/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.04/templates/web/nginx/http2.stpl b/install/ubuntu/14.04/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.04/templates/web/nginx/http2.tpl b/install/ubuntu/14.04/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..d85bcce38 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..9c24c3ea8 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..d71863141 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..4f0b9ec7b --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..f85032bae --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 000000000..9d9840006 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 000000000..0d7930fae --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 000000000..6fd64db6b --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,94 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/invoiceninja.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/invoiceninja.stpl new file mode 100644 index 000000000..086e6a8e8 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/invoiceninja.stpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + sendfile off; + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/invoiceninja.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/invoiceninja.tpl new file mode 100644 index 000000000..fd06523a9 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/invoiceninja.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + sendfile off; + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..704405f37 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 000000000..477f6f01b --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 000000000..fdab43aae --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 000000000..f410ab77c --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 000000000..f15a68c57 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 000000000..bc8b53a37 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 000000000..d6697d7a9 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 000000000..908b9aeb8 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..891566b93 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..78c1bb784 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..5ffc9ed5c --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 000000000..e7f3dcc6b --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..e0aeb524a --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..0d9793aeb --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 000000000..f33ed5070 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 000000000..c0a5239e0 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/14.04/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/14.04/templates/web/php-fpm/default.tpl b/install/ubuntu/14.04/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/php-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/14.04/templates/web/php-fpm/no-php.tpl b/install/ubuntu/14.04/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..047c33edc --- /dev/null +++ b/install/ubuntu/14.04/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/14.04/templates/web/php-fpm/socket.tpl b/install/ubuntu/14.04/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..e427045ce --- /dev/null +++ b/install/ubuntu/14.04/templates/web/php-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/14.04/templates/web/skel/document_errors/403.html b/install/ubuntu/14.04/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/14.04/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/14.04/templates/web/skel/document_errors/404.html b/install/ubuntu/14.04/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/14.04/templates/web/skel/document_errors/50x.html b/install/ubuntu/14.04/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/14.04/templates/web/skel/public_html/index.html b/install/ubuntu/14.04/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/14.04/templates/web/skel/public_html/robots.txt b/install/ubuntu/14.04/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/14.04/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/14.04/templates/web/skel/public_shtml/index.html b/install/ubuntu/14.04/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/14.04/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/14.04/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/14.04/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/14.04/templates/web/suspend/.htaccess b/install/ubuntu/14.04/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/14.04/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/14.04/templates/web/suspend/index.html b/install/ubuntu/14.04/templates/web/suspend/index.html new file mode 100755 index 000000000..f2d04e1f0 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

SUSPENDED

+

This website has been suspended.

+
+ Please contact the technical support department. +
+ + diff --git a/install/ubuntu/14.04/templates/web/webalizer/webalizer.tpl b/install/ubuntu/14.04/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/14.04/vsftpd/vsftpd.conf b/install/ubuntu/14.04/vsftpd/vsftpd.conf new file mode 100644 index 000000000..1ca1a9923 --- /dev/null +++ b/install/ubuntu/14.04/vsftpd/vsftpd.conf @@ -0,0 +1,26 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +#allow_writable_chroot=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 +use_localtime=YES diff --git a/install/ubuntu/14.10/apache2/apache2.conf b/install/ubuntu/14.10/apache2/apache2.conf new file mode 100644 index 000000000..2756132ae --- /dev/null +++ b/install/ubuntu/14.10/apache2/apache2.conf @@ -0,0 +1,94 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/ubuntu/14.10/apache2/status.conf b/install/ubuntu/14.10/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/14.10/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/14.10/bind/named.conf b/install/ubuntu/14.10/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/14.10/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/14.10/clamav/clamd.conf b/install/ubuntu/14.10/clamav/clamd.conf new file mode 100644 index 000000000..ea982697a --- /dev/null +++ b/install/ubuntu/14.10/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/14.10/deb_signing.key b/install/ubuntu/14.10/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/14.10/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/14.10/dovecot/conf.d/10-auth.conf b/install/ubuntu/14.10/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/14.10/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/14.10/dovecot/conf.d/10-logging.conf b/install/ubuntu/14.10/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/14.10/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/14.10/dovecot/conf.d/10-mail.conf b/install/ubuntu/14.10/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/14.10/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/14.10/dovecot/conf.d/10-master.conf b/install/ubuntu/14.10/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/14.10/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/14.10/dovecot/conf.d/10-ssl.conf b/install/ubuntu/14.10/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/ubuntu/14.10/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/14.10/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/14.10/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/14.10/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/14.10/dovecot/dovecot.conf b/install/ubuntu/14.10/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/ubuntu/14.10/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/14.10/exim/dnsbl.conf b/install/ubuntu/14.10/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/14.10/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/14.10/exim/exim4.conf.template b/install/ubuntu/14.10/exim/exim4.conf.template new file mode 100644 index 000000000..fc346486f --- /dev/null +++ b/install/ubuntu/14.10/exim/exim4.conf.template @@ -0,0 +1,382 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +add_environment = <; PATH=/bin:/usr/bin +keep_environment = +disable_ipv6 = true + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth required + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{1024K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = debian-spamd:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/14.10/exim/spam-blocks.conf b/install/ubuntu/14.10/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/14.10/fail2ban/action.d/vesta.conf b/install/ubuntu/14.10/fail2ban/action.d/vesta.conf new file mode 100644 index 000000000..0edfc3491 --- /dev/null +++ b/install/ubuntu/14.10/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/14.10/fail2ban/filter.d/vesta.conf b/install/ubuntu/14.10/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..36ec10019 --- /dev/null +++ b/install/ubuntu/14.10/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccessful Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/14.10/fail2ban/jail.local b/install/ubuntu/14.10/fail2ban/jail.local new file mode 100644 index 000000000..013f81c46 --- /dev/null +++ b/install/ubuntu/14.10/fail2ban/jail.local @@ -0,0 +1,51 @@ +[DEFAULT] +ignoreip = 127.0.0.1/8 + +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog +maxretry = 5 + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log +maxretry = 5 + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 + +[roundcube-auth] +enabled = false +filter = roundcube-auth +port = http,https +logpath = /var/log/roundcube/errors +maxretry = 5 diff --git a/install/ubuntu/14.10/firewall/ports.conf b/install/ubuntu/14.10/firewall/ports.conf new file mode 100644 index 000000000..b730d012c --- /dev/null +++ b/install/ubuntu/14.10/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/14.10/firewall/rules.conf b/install/ubuntu/14.10/firewall/rules.conf new file mode 100644 index 000000000..fba98e1e4 --- /dev/null +++ b/install/ubuntu/14.10/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/14.10/logrotate/apache2 b/install/ubuntu/14.10/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/14.10/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/14.10/logrotate/dovecot b/install/ubuntu/14.10/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/ubuntu/14.10/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/ubuntu/14.10/logrotate/nginx b/install/ubuntu/14.10/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/14.10/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/14.10/logrotate/vesta b/install/ubuntu/14.10/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/14.10/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/14.10/mysql/my-large.cnf b/install/ubuntu/14.10/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/ubuntu/14.10/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/14.10/mysql/my-medium.cnf b/install/ubuntu/14.10/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/14.10/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/14.10/mysql/my-small.cnf b/install/ubuntu/14.10/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/14.10/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/14.10/nginx/nginx.conf b/install/ubuntu/14.10/nginx/nginx.conf new file mode 100644 index 000000000..6bc999f95 --- /dev/null +++ b/install/ubuntu/14.10/nginx/nginx.conf @@ -0,0 +1,137 @@ +# Server globals +user www-data; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_vary on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + #set_real_ip_from 2c0f:f248::/32; + #set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/14.10/nginx/phpmyadmin.inc b/install/ubuntu/14.10/nginx/phpmyadmin.inc new file mode 100644 index 000000000..cdfc93c4d --- /dev/null +++ b/install/ubuntu/14.10/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/ubuntu/14.10/nginx/phppgadmin.inc b/install/ubuntu/14.10/nginx/phppgadmin.inc new file mode 100644 index 000000000..47cfcf4e2 --- /dev/null +++ b/install/ubuntu/14.10/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/14.10/nginx/status.conf b/install/ubuntu/14.10/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/14.10/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/14.10/nginx/webmail.inc b/install/ubuntu/14.10/nginx/webmail.inc new file mode 100644 index 000000000..768c90495 --- /dev/null +++ b/install/ubuntu/14.10/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/14.10/packages/default.pkg b/install/ubuntu/14.10/packages/default.pkg new file mode 100644 index 000000000..c2a935743 --- /dev/null +++ b/install/ubuntu/14.10/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/14.10/packages/gainsboro.pkg b/install/ubuntu/14.10/packages/gainsboro.pkg new file mode 100644 index 000000000..76d7dae2a --- /dev/null +++ b/install/ubuntu/14.10/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/14.10/packages/palegreen.pkg b/install/ubuntu/14.10/packages/palegreen.pkg new file mode 100644 index 000000000..3db5fe57e --- /dev/null +++ b/install/ubuntu/14.10/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/14.10/packages/slategrey.pkg b/install/ubuntu/14.10/packages/slategrey.pkg new file mode 100644 index 000000000..d89e796fd --- /dev/null +++ b/install/ubuntu/14.10/packages/slategrey.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/14.10/pga/config.inc.php b/install/ubuntu/14.10/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/ubuntu/14.10/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/ubuntu/14.10/pga/phppgadmin.conf b/install/ubuntu/14.10/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/14.10/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/14.10/php-fpm/www.conf b/install/ubuntu/14.10/php-fpm/www.conf new file mode 100644 index 000000000..3c87f33cc --- /dev/null +++ b/install/ubuntu/14.10/php-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/ubuntu/14.10/pma/apache.conf b/install/ubuntu/14.10/pma/apache.conf new file mode 100644 index 000000000..ce2a9fe2b --- /dev/null +++ b/install/ubuntu/14.10/pma/apache.conf @@ -0,0 +1,43 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/14.10/pma/config.inc.php b/install/ubuntu/14.10/pma/config.inc.php new file mode 100644 index 000000000..36093369b --- /dev/null +++ b/install/ubuntu/14.10/pma/config.inc.php @@ -0,0 +1,152 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/14.10/roundcube/apache.conf b/install/ubuntu/14.10/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/14.10/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/14.10/roundcube/config.inc.php b/install/ubuntu/14.10/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/14.10/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/14.10/roundcube/main.inc.php b/install/ubuntu/14.10/roundcube/main.inc.php new file mode 100644 index 000000000..97cdbf2df --- /dev/null +++ b/install/ubuntu/14.10/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = false; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 300 seconds (5min) +$rcmail_config['draft_autosave'] = 300; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/14.10/roundcube/vesta.php b/install/ubuntu/14.10/roundcube/vesta.php new file mode 100644 index 000000000..8fb202a44 --- /dev/null +++ b/install/ubuntu/14.10/roundcube/vesta.php @@ -0,0 +1,62 @@ + + */ + + function password_save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + $fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } diff --git a/install/ubuntu/14.10/sudo/admin b/install/ubuntu/14.10/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/ubuntu/14.10/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/14.10/templates/dns/child-ns.tpl b/install/ubuntu/14.10/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/ubuntu/14.10/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/14.10/templates/dns/default.tpl b/install/ubuntu/14.10/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/ubuntu/14.10/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/14.10/templates/dns/gmail.tpl b/install/ubuntu/14.10/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/ubuntu/14.10/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/14.10/templates/web/apache2/basedir.stpl b/install/ubuntu/14.10/templates/web/apache2/basedir.stpl new file mode 100644 index 000000000..37c4a4b39 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/apache2/basedir.tpl b/install/ubuntu/14.10/templates/web/apache2/basedir.tpl new file mode 100644 index 000000000..a9d05ee66 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/apache2/default.stpl b/install/ubuntu/14.10/templates/web/apache2/default.stpl new file mode 100644 index 000000000..a5c509a9e --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/default.stpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/apache2/default.tpl b/install/ubuntu/14.10/templates/web/apache2/default.tpl new file mode 100644 index 000000000..e591a1cf1 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/default.tpl @@ -0,0 +1,38 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/apache2/hosting.stpl b/install/ubuntu/14.10/templates/web/apache2/hosting.stpl new file mode 100644 index 000000000..dee0eda9c --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/hosting.stpl @@ -0,0 +1,50 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/apache2/hosting.tpl b/install/ubuntu/14.10/templates/web/apache2/hosting.tpl new file mode 100644 index 000000000..b7c12699d --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/hosting.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/apache2/phpcgi.sh b/install/ubuntu/14.10/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/14.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/14.10/templates/web/apache2/phpcgi.stpl new file mode 100644 index 000000000..6cd15df00 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/apache2/phpcgi.tpl b/install/ubuntu/14.10/templates/web/apache2/phpcgi.tpl new file mode 100644 index 000000000..9d04361da --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/apache2/phpfcgid.sh b/install/ubuntu/14.10/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/14.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/14.10/templates/web/apache2/phpfcgid.stpl new file mode 100644 index 000000000..9c0ca5027 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/14.10/templates/web/apache2/phpfcgid.tpl new file mode 100644 index 000000000..152e7c694 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/awstats/awstats.tpl b/install/ubuntu/14.10/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/14.10/templates/web/awstats/index.tpl b/install/ubuntu/14.10/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/14.10/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/14.10/templates/web/awstats/nav.tpl b/install/ubuntu/14.10/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/14.10/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/14.10/templates/web/nginx/caching.sh b/install/ubuntu/14.10/templates/web/nginx/caching.sh new file mode 100755 index 000000000..09d8efe75 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/ubuntu/14.10/templates/web/nginx/caching.stpl b/install/ubuntu/14.10/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..e149b98b5 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/caching.tpl b/install/ubuntu/14.10/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..36761b65c --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/default.stpl b/install/ubuntu/14.10/templates/web/nginx/default.stpl new file mode 100755 index 000000000..0e669b3dc --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/default.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.10/templates/web/nginx/default.tpl b/install/ubuntu/14.10/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.10/templates/web/nginx/hosting.sh b/install/ubuntu/14.10/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/14.10/templates/web/nginx/hosting.stpl b/install/ubuntu/14.10/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..62620789a --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/hosting.stpl @@ -0,0 +1,37 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%sdocroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.10/templates/web/nginx/hosting.tpl b/install/ubuntu/14.10/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.10/templates/web/nginx/http2.stpl b/install/ubuntu/14.10/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.10/templates/web/nginx/http2.tpl b/install/ubuntu/14.10/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..d85bcce38 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..9c24c3ea8 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..d71863141 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..4f0b9ec7b --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..f85032bae --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 000000000..9d9840006 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 000000000..0d7930fae --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 000000000..6fd64db6b --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,94 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..704405f37 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 000000000..477f6f01b --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 000000000..fdab43aae --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 000000000..f410ab77c --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 000000000..f15a68c57 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 000000000..bc8b53a37 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 000000000..d6697d7a9 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 000000000..908b9aeb8 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..891566b93 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..78c1bb784 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..5ffc9ed5c --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 000000000..e7f3dcc6b --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..e0aeb524a --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..0d9793aeb --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 000000000..f33ed5070 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 000000000..c0a5239e0 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/14.10/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/14.10/templates/web/php-fpm/default.tpl b/install/ubuntu/14.10/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/php-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/14.10/templates/web/php-fpm/no-php.tpl b/install/ubuntu/14.10/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..047c33edc --- /dev/null +++ b/install/ubuntu/14.10/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/14.10/templates/web/php-fpm/socket.tpl b/install/ubuntu/14.10/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..e427045ce --- /dev/null +++ b/install/ubuntu/14.10/templates/web/php-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/14.10/templates/web/skel/document_errors/403.html b/install/ubuntu/14.10/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/14.10/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/14.10/templates/web/skel/document_errors/404.html b/install/ubuntu/14.10/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/14.10/templates/web/skel/document_errors/50x.html b/install/ubuntu/14.10/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/14.10/templates/web/skel/public_html/index.html b/install/ubuntu/14.10/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/14.10/templates/web/skel/public_html/robots.txt b/install/ubuntu/14.10/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/14.10/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/14.10/templates/web/skel/public_shtml/index.html b/install/ubuntu/14.10/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/14.10/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/14.10/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/14.10/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/14.10/templates/web/suspend/.htaccess b/install/ubuntu/14.10/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/14.10/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/14.10/templates/web/suspend/index.html b/install/ubuntu/14.10/templates/web/suspend/index.html new file mode 100755 index 000000000..f2d04e1f0 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

SUSPENDED

+

This website has been suspended.

+
+ Please contact the technical support department. +
+ + diff --git a/install/ubuntu/14.10/templates/web/webalizer/webalizer.tpl b/install/ubuntu/14.10/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/14.10/vsftpd/vsftpd.conf b/install/ubuntu/14.10/vsftpd/vsftpd.conf new file mode 100644 index 000000000..1ca1a9923 --- /dev/null +++ b/install/ubuntu/14.10/vsftpd/vsftpd.conf @@ -0,0 +1,26 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +#allow_writable_chroot=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 +use_localtime=YES diff --git a/install/ubuntu/15.04/apache2/apache2.conf b/install/ubuntu/15.04/apache2/apache2.conf new file mode 100644 index 000000000..2756132ae --- /dev/null +++ b/install/ubuntu/15.04/apache2/apache2.conf @@ -0,0 +1,94 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/ubuntu/15.04/apache2/status.conf b/install/ubuntu/15.04/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/15.04/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/15.04/bind/named.conf b/install/ubuntu/15.04/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/15.04/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/15.04/clamav/clamd.conf b/install/ubuntu/15.04/clamav/clamd.conf new file mode 100644 index 000000000..ea982697a --- /dev/null +++ b/install/ubuntu/15.04/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/15.04/deb_signing.key b/install/ubuntu/15.04/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/15.04/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/15.04/dovecot/conf.d/10-auth.conf b/install/ubuntu/15.04/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/15.04/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/15.04/dovecot/conf.d/10-logging.conf b/install/ubuntu/15.04/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/15.04/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/15.04/dovecot/conf.d/10-mail.conf b/install/ubuntu/15.04/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/15.04/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/15.04/dovecot/conf.d/10-master.conf b/install/ubuntu/15.04/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/15.04/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/15.04/dovecot/conf.d/10-ssl.conf b/install/ubuntu/15.04/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/ubuntu/15.04/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/15.04/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/15.04/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/15.04/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/15.04/dovecot/dovecot.conf b/install/ubuntu/15.04/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/ubuntu/15.04/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/15.04/exim/dnsbl.conf b/install/ubuntu/15.04/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/15.04/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/15.04/exim/exim4.conf.template b/install/ubuntu/15.04/exim/exim4.conf.template new file mode 100644 index 000000000..fc346486f --- /dev/null +++ b/install/ubuntu/15.04/exim/exim4.conf.template @@ -0,0 +1,382 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +add_environment = <; PATH=/bin:/usr/bin +keep_environment = +disable_ipv6 = true + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth required + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{1024K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = debian-spamd:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/15.04/exim/spam-blocks.conf b/install/ubuntu/15.04/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/15.04/fail2ban/action.d/vesta.conf b/install/ubuntu/15.04/fail2ban/action.d/vesta.conf new file mode 100644 index 000000000..0edfc3491 --- /dev/null +++ b/install/ubuntu/15.04/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/15.04/fail2ban/filter.d/vesta.conf b/install/ubuntu/15.04/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..36ec10019 --- /dev/null +++ b/install/ubuntu/15.04/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccessful Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/15.04/fail2ban/jail.local b/install/ubuntu/15.04/fail2ban/jail.local new file mode 100644 index 000000000..013f81c46 --- /dev/null +++ b/install/ubuntu/15.04/fail2ban/jail.local @@ -0,0 +1,51 @@ +[DEFAULT] +ignoreip = 127.0.0.1/8 + +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog +maxretry = 5 + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log +maxretry = 5 + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 + +[roundcube-auth] +enabled = false +filter = roundcube-auth +port = http,https +logpath = /var/log/roundcube/errors +maxretry = 5 diff --git a/install/ubuntu/15.04/firewall/ports.conf b/install/ubuntu/15.04/firewall/ports.conf new file mode 100644 index 000000000..b730d012c --- /dev/null +++ b/install/ubuntu/15.04/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/15.04/firewall/rules.conf b/install/ubuntu/15.04/firewall/rules.conf new file mode 100644 index 000000000..fba98e1e4 --- /dev/null +++ b/install/ubuntu/15.04/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/15.04/logrotate/apache2 b/install/ubuntu/15.04/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/15.04/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/15.04/logrotate/dovecot b/install/ubuntu/15.04/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/ubuntu/15.04/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/ubuntu/15.04/logrotate/nginx b/install/ubuntu/15.04/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/15.04/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/15.04/logrotate/vesta b/install/ubuntu/15.04/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/15.04/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/15.04/mysql/my-large.cnf b/install/ubuntu/15.04/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/ubuntu/15.04/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/15.04/mysql/my-medium.cnf b/install/ubuntu/15.04/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/15.04/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/15.04/mysql/my-small.cnf b/install/ubuntu/15.04/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/15.04/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/15.04/nginx/nginx.conf b/install/ubuntu/15.04/nginx/nginx.conf new file mode 100644 index 000000000..6bc999f95 --- /dev/null +++ b/install/ubuntu/15.04/nginx/nginx.conf @@ -0,0 +1,137 @@ +# Server globals +user www-data; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_vary on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + #set_real_ip_from 2c0f:f248::/32; + #set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/15.04/nginx/phpmyadmin.inc b/install/ubuntu/15.04/nginx/phpmyadmin.inc new file mode 100644 index 000000000..cdfc93c4d --- /dev/null +++ b/install/ubuntu/15.04/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/ubuntu/15.04/nginx/phppgadmin.inc b/install/ubuntu/15.04/nginx/phppgadmin.inc new file mode 100644 index 000000000..47cfcf4e2 --- /dev/null +++ b/install/ubuntu/15.04/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/15.04/nginx/status.conf b/install/ubuntu/15.04/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/15.04/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/15.04/nginx/webmail.inc b/install/ubuntu/15.04/nginx/webmail.inc new file mode 100644 index 000000000..768c90495 --- /dev/null +++ b/install/ubuntu/15.04/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/15.04/packages/default.pkg b/install/ubuntu/15.04/packages/default.pkg new file mode 100644 index 000000000..c2a935743 --- /dev/null +++ b/install/ubuntu/15.04/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/15.04/packages/gainsboro.pkg b/install/ubuntu/15.04/packages/gainsboro.pkg new file mode 100644 index 000000000..76d7dae2a --- /dev/null +++ b/install/ubuntu/15.04/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/15.04/packages/palegreen.pkg b/install/ubuntu/15.04/packages/palegreen.pkg new file mode 100644 index 000000000..3db5fe57e --- /dev/null +++ b/install/ubuntu/15.04/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/15.04/packages/slategrey.pkg b/install/ubuntu/15.04/packages/slategrey.pkg new file mode 100644 index 000000000..d89e796fd --- /dev/null +++ b/install/ubuntu/15.04/packages/slategrey.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/15.04/pga/config.inc.php b/install/ubuntu/15.04/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/ubuntu/15.04/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/ubuntu/15.04/pga/phppgadmin.conf b/install/ubuntu/15.04/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/15.04/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/15.04/php-fpm/www.conf b/install/ubuntu/15.04/php-fpm/www.conf new file mode 100644 index 000000000..3c87f33cc --- /dev/null +++ b/install/ubuntu/15.04/php-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/ubuntu/15.04/pma/apache.conf b/install/ubuntu/15.04/pma/apache.conf new file mode 100644 index 000000000..ce2a9fe2b --- /dev/null +++ b/install/ubuntu/15.04/pma/apache.conf @@ -0,0 +1,43 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/15.04/pma/config.inc.php b/install/ubuntu/15.04/pma/config.inc.php new file mode 100644 index 000000000..36093369b --- /dev/null +++ b/install/ubuntu/15.04/pma/config.inc.php @@ -0,0 +1,152 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/15.04/roundcube/apache.conf b/install/ubuntu/15.04/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/15.04/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/15.04/roundcube/config.inc.php b/install/ubuntu/15.04/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/15.04/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/15.04/roundcube/main.inc.php b/install/ubuntu/15.04/roundcube/main.inc.php new file mode 100644 index 000000000..97cdbf2df --- /dev/null +++ b/install/ubuntu/15.04/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = false; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 300 seconds (5min) +$rcmail_config['draft_autosave'] = 300; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/15.04/roundcube/vesta.php b/install/ubuntu/15.04/roundcube/vesta.php new file mode 100644 index 000000000..8fb202a44 --- /dev/null +++ b/install/ubuntu/15.04/roundcube/vesta.php @@ -0,0 +1,62 @@ + + */ + + function password_save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + $fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } diff --git a/install/ubuntu/15.04/sudo/admin b/install/ubuntu/15.04/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/ubuntu/15.04/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/15.04/templates/dns/child-ns.tpl b/install/ubuntu/15.04/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/ubuntu/15.04/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/15.04/templates/dns/default.tpl b/install/ubuntu/15.04/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/ubuntu/15.04/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/15.04/templates/dns/gmail.tpl b/install/ubuntu/15.04/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/ubuntu/15.04/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/15.04/templates/web/apache2/basedir.stpl b/install/ubuntu/15.04/templates/web/apache2/basedir.stpl new file mode 100644 index 000000000..37c4a4b39 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/apache2/basedir.tpl b/install/ubuntu/15.04/templates/web/apache2/basedir.tpl new file mode 100644 index 000000000..a9d05ee66 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/apache2/default.stpl b/install/ubuntu/15.04/templates/web/apache2/default.stpl new file mode 100644 index 000000000..a5c509a9e --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/default.stpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/apache2/default.tpl b/install/ubuntu/15.04/templates/web/apache2/default.tpl new file mode 100644 index 000000000..e591a1cf1 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/default.tpl @@ -0,0 +1,38 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/apache2/hosting.stpl b/install/ubuntu/15.04/templates/web/apache2/hosting.stpl new file mode 100644 index 000000000..dee0eda9c --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/hosting.stpl @@ -0,0 +1,50 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/apache2/hosting.tpl b/install/ubuntu/15.04/templates/web/apache2/hosting.tpl new file mode 100644 index 000000000..b7c12699d --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/hosting.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/apache2/phpcgi.sh b/install/ubuntu/15.04/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/15.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/15.04/templates/web/apache2/phpcgi.stpl new file mode 100644 index 000000000..6cd15df00 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/apache2/phpcgi.tpl b/install/ubuntu/15.04/templates/web/apache2/phpcgi.tpl new file mode 100644 index 000000000..9d04361da --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/apache2/phpfcgid.sh b/install/ubuntu/15.04/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/15.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/15.04/templates/web/apache2/phpfcgid.stpl new file mode 100644 index 000000000..9c0ca5027 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/15.04/templates/web/apache2/phpfcgid.tpl new file mode 100644 index 000000000..152e7c694 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/awstats/awstats.tpl b/install/ubuntu/15.04/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/15.04/templates/web/awstats/index.tpl b/install/ubuntu/15.04/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/15.04/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/15.04/templates/web/awstats/nav.tpl b/install/ubuntu/15.04/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/15.04/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/15.04/templates/web/nginx/caching.sh b/install/ubuntu/15.04/templates/web/nginx/caching.sh new file mode 100755 index 000000000..09d8efe75 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/ubuntu/15.04/templates/web/nginx/caching.stpl b/install/ubuntu/15.04/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..e149b98b5 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/caching.tpl b/install/ubuntu/15.04/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..36761b65c --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/default.stpl b/install/ubuntu/15.04/templates/web/nginx/default.stpl new file mode 100755 index 000000000..0e669b3dc --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/default.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/15.04/templates/web/nginx/default.tpl b/install/ubuntu/15.04/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/15.04/templates/web/nginx/hosting.sh b/install/ubuntu/15.04/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/15.04/templates/web/nginx/hosting.stpl b/install/ubuntu/15.04/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..62620789a --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/hosting.stpl @@ -0,0 +1,37 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%sdocroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/15.04/templates/web/nginx/hosting.tpl b/install/ubuntu/15.04/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/15.04/templates/web/nginx/http2.stpl b/install/ubuntu/15.04/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/15.04/templates/web/nginx/http2.tpl b/install/ubuntu/15.04/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..d85bcce38 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..9c24c3ea8 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..d71863141 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..4f0b9ec7b --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..f85032bae --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 000000000..9d9840006 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 000000000..0d7930fae --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 000000000..6fd64db6b --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,94 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..704405f37 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 000000000..477f6f01b --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 000000000..fdab43aae --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 000000000..f410ab77c --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 000000000..f15a68c57 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 000000000..bc8b53a37 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 000000000..d6697d7a9 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 000000000..908b9aeb8 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..891566b93 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..78c1bb784 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..5ffc9ed5c --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 000000000..e7f3dcc6b --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..e0aeb524a --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..0d9793aeb --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 000000000..f33ed5070 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 000000000..c0a5239e0 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/15.04/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/15.04/templates/web/php-fpm/default.tpl b/install/ubuntu/15.04/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/php-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/15.04/templates/web/php-fpm/no-php.tpl b/install/ubuntu/15.04/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..047c33edc --- /dev/null +++ b/install/ubuntu/15.04/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/15.04/templates/web/php-fpm/socket.tpl b/install/ubuntu/15.04/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..e427045ce --- /dev/null +++ b/install/ubuntu/15.04/templates/web/php-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/15.04/templates/web/skel/document_errors/403.html b/install/ubuntu/15.04/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/15.04/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/15.04/templates/web/skel/document_errors/404.html b/install/ubuntu/15.04/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/15.04/templates/web/skel/document_errors/50x.html b/install/ubuntu/15.04/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/15.04/templates/web/skel/public_html/index.html b/install/ubuntu/15.04/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/15.04/templates/web/skel/public_html/robots.txt b/install/ubuntu/15.04/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/15.04/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/15.04/templates/web/skel/public_shtml/index.html b/install/ubuntu/15.04/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/15.04/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/15.04/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/15.04/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/15.04/templates/web/suspend/.htaccess b/install/ubuntu/15.04/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/15.04/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/15.04/templates/web/suspend/index.html b/install/ubuntu/15.04/templates/web/suspend/index.html new file mode 100755 index 000000000..f2d04e1f0 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

SUSPENDED

+

This website has been suspended.

+
+ Please contact the technical support department. +
+ + diff --git a/install/ubuntu/15.04/templates/web/webalizer/webalizer.tpl b/install/ubuntu/15.04/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/15.04/vsftpd/vsftpd.conf b/install/ubuntu/15.04/vsftpd/vsftpd.conf new file mode 100644 index 000000000..1ca1a9923 --- /dev/null +++ b/install/ubuntu/15.04/vsftpd/vsftpd.conf @@ -0,0 +1,26 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +#allow_writable_chroot=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 +use_localtime=YES diff --git a/install/ubuntu/15.10/apache2/apache2.conf b/install/ubuntu/15.10/apache2/apache2.conf new file mode 100644 index 000000000..2756132ae --- /dev/null +++ b/install/ubuntu/15.10/apache2/apache2.conf @@ -0,0 +1,94 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/ubuntu/15.10/apache2/status.conf b/install/ubuntu/15.10/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/15.10/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/15.10/bind/named.conf b/install/ubuntu/15.10/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/15.10/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/15.10/clamav/clamd.conf b/install/ubuntu/15.10/clamav/clamd.conf new file mode 100644 index 000000000..ea982697a --- /dev/null +++ b/install/ubuntu/15.10/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/15.10/deb_signing.key b/install/ubuntu/15.10/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/15.10/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/15.10/dovecot/conf.d/10-auth.conf b/install/ubuntu/15.10/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/15.10/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/15.10/dovecot/conf.d/10-logging.conf b/install/ubuntu/15.10/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/15.10/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/15.10/dovecot/conf.d/10-mail.conf b/install/ubuntu/15.10/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/15.10/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/15.10/dovecot/conf.d/10-master.conf b/install/ubuntu/15.10/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/15.10/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/15.10/dovecot/conf.d/10-ssl.conf b/install/ubuntu/15.10/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/ubuntu/15.10/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/15.10/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/15.10/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/15.10/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/15.10/dovecot/dovecot.conf b/install/ubuntu/15.10/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/ubuntu/15.10/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/15.10/exim/dnsbl.conf b/install/ubuntu/15.10/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/15.10/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/15.10/exim/exim4.conf.template b/install/ubuntu/15.10/exim/exim4.conf.template new file mode 100644 index 000000000..fc346486f --- /dev/null +++ b/install/ubuntu/15.10/exim/exim4.conf.template @@ -0,0 +1,382 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +add_environment = <; PATH=/bin:/usr/bin +keep_environment = +disable_ipv6 = true + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth required + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{1024K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = debian-spamd:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/15.10/exim/spam-blocks.conf b/install/ubuntu/15.10/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/15.10/fail2ban/action.d/vesta.conf b/install/ubuntu/15.10/fail2ban/action.d/vesta.conf new file mode 100644 index 000000000..0edfc3491 --- /dev/null +++ b/install/ubuntu/15.10/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/15.10/fail2ban/filter.d/vesta.conf b/install/ubuntu/15.10/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..69670a56e --- /dev/null +++ b/install/ubuntu/15.10/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccesfull Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/15.10/fail2ban/jail.local b/install/ubuntu/15.10/fail2ban/jail.local new file mode 100644 index 000000000..013f81c46 --- /dev/null +++ b/install/ubuntu/15.10/fail2ban/jail.local @@ -0,0 +1,51 @@ +[DEFAULT] +ignoreip = 127.0.0.1/8 + +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog +maxretry = 5 + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log +maxretry = 5 + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 + +[roundcube-auth] +enabled = false +filter = roundcube-auth +port = http,https +logpath = /var/log/roundcube/errors +maxretry = 5 diff --git a/install/ubuntu/15.10/firewall/ports.conf b/install/ubuntu/15.10/firewall/ports.conf new file mode 100644 index 000000000..b730d012c --- /dev/null +++ b/install/ubuntu/15.10/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/15.10/firewall/rules.conf b/install/ubuntu/15.10/firewall/rules.conf new file mode 100644 index 000000000..fba98e1e4 --- /dev/null +++ b/install/ubuntu/15.10/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/15.10/logrotate/apache2 b/install/ubuntu/15.10/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/15.10/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/15.10/logrotate/dovecot b/install/ubuntu/15.10/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/ubuntu/15.10/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/ubuntu/15.10/logrotate/nginx b/install/ubuntu/15.10/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/15.10/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/15.10/logrotate/vesta b/install/ubuntu/15.10/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/15.10/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/15.10/mysql/my-large.cnf b/install/ubuntu/15.10/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/ubuntu/15.10/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/15.10/mysql/my-medium.cnf b/install/ubuntu/15.10/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/15.10/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/15.10/mysql/my-small.cnf b/install/ubuntu/15.10/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/15.10/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/15.10/nginx/nginx.conf b/install/ubuntu/15.10/nginx/nginx.conf new file mode 100644 index 000000000..6bc999f95 --- /dev/null +++ b/install/ubuntu/15.10/nginx/nginx.conf @@ -0,0 +1,137 @@ +# Server globals +user www-data; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_vary on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + #set_real_ip_from 2c0f:f248::/32; + #set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/15.10/nginx/phpmyadmin.inc b/install/ubuntu/15.10/nginx/phpmyadmin.inc new file mode 100644 index 000000000..cdfc93c4d --- /dev/null +++ b/install/ubuntu/15.10/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/ubuntu/15.10/nginx/phppgadmin.inc b/install/ubuntu/15.10/nginx/phppgadmin.inc new file mode 100644 index 000000000..47cfcf4e2 --- /dev/null +++ b/install/ubuntu/15.10/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/15.10/nginx/status.conf b/install/ubuntu/15.10/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/15.10/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/15.10/nginx/webmail.inc b/install/ubuntu/15.10/nginx/webmail.inc new file mode 100644 index 000000000..768c90495 --- /dev/null +++ b/install/ubuntu/15.10/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/15.10/packages/default.pkg b/install/ubuntu/15.10/packages/default.pkg new file mode 100644 index 000000000..c2a935743 --- /dev/null +++ b/install/ubuntu/15.10/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/15.10/packages/gainsboro.pkg b/install/ubuntu/15.10/packages/gainsboro.pkg new file mode 100644 index 000000000..76d7dae2a --- /dev/null +++ b/install/ubuntu/15.10/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/15.10/packages/palegreen.pkg b/install/ubuntu/15.10/packages/palegreen.pkg new file mode 100644 index 000000000..3db5fe57e --- /dev/null +++ b/install/ubuntu/15.10/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/15.10/packages/slategrey.pkg b/install/ubuntu/15.10/packages/slategrey.pkg new file mode 100644 index 000000000..d89e796fd --- /dev/null +++ b/install/ubuntu/15.10/packages/slategrey.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/15.10/pga/config.inc.php b/install/ubuntu/15.10/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/ubuntu/15.10/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/ubuntu/15.10/pga/phppgadmin.conf b/install/ubuntu/15.10/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/15.10/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/15.10/php-fpm/www.conf b/install/ubuntu/15.10/php-fpm/www.conf new file mode 100644 index 000000000..3c87f33cc --- /dev/null +++ b/install/ubuntu/15.10/php-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/ubuntu/15.10/pma/apache.conf b/install/ubuntu/15.10/pma/apache.conf new file mode 100644 index 000000000..ce2a9fe2b --- /dev/null +++ b/install/ubuntu/15.10/pma/apache.conf @@ -0,0 +1,43 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/15.10/pma/config.inc.php b/install/ubuntu/15.10/pma/config.inc.php new file mode 100644 index 000000000..36093369b --- /dev/null +++ b/install/ubuntu/15.10/pma/config.inc.php @@ -0,0 +1,152 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/15.10/roundcube/apache.conf b/install/ubuntu/15.10/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/15.10/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/15.10/roundcube/config.inc.php b/install/ubuntu/15.10/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/15.10/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/15.10/roundcube/main.inc.php b/install/ubuntu/15.10/roundcube/main.inc.php new file mode 100644 index 000000000..97cdbf2df --- /dev/null +++ b/install/ubuntu/15.10/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = false; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 300 seconds (5min) +$rcmail_config['draft_autosave'] = 300; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/15.10/roundcube/vesta.php b/install/ubuntu/15.10/roundcube/vesta.php new file mode 100644 index 000000000..8fb202a44 --- /dev/null +++ b/install/ubuntu/15.10/roundcube/vesta.php @@ -0,0 +1,62 @@ + + */ + + function password_save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + $fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } diff --git a/install/ubuntu/15.10/sudo/admin b/install/ubuntu/15.10/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/ubuntu/15.10/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/15.10/templates/dns/child-ns.tpl b/install/ubuntu/15.10/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/ubuntu/15.10/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/15.10/templates/dns/default.tpl b/install/ubuntu/15.10/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/ubuntu/15.10/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/15.10/templates/dns/gmail.tpl b/install/ubuntu/15.10/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/ubuntu/15.10/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/15.10/templates/web/apache2/basedir.stpl b/install/ubuntu/15.10/templates/web/apache2/basedir.stpl new file mode 100644 index 000000000..37c4a4b39 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/apache2/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.10/templates/web/apache2/basedir.tpl b/install/ubuntu/15.10/templates/web/apache2/basedir.tpl new file mode 100644 index 000000000..a9d05ee66 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/apache2/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.10/templates/web/apache2/default.stpl b/install/ubuntu/15.10/templates/web/apache2/default.stpl new file mode 100644 index 000000000..a5c509a9e --- /dev/null +++ b/install/ubuntu/15.10/templates/web/apache2/default.stpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.10/templates/web/apache2/default.tpl b/install/ubuntu/15.10/templates/web/apache2/default.tpl new file mode 100644 index 000000000..e591a1cf1 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/apache2/default.tpl @@ -0,0 +1,38 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.10/templates/web/apache2/hosting.stpl b/install/ubuntu/15.10/templates/web/apache2/hosting.stpl new file mode 100644 index 000000000..dee0eda9c --- /dev/null +++ b/install/ubuntu/15.10/templates/web/apache2/hosting.stpl @@ -0,0 +1,50 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.10/templates/web/apache2/hosting.tpl b/install/ubuntu/15.10/templates/web/apache2/hosting.tpl new file mode 100644 index 000000000..b7c12699d --- /dev/null +++ b/install/ubuntu/15.10/templates/web/apache2/hosting.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.10/templates/web/apache2/phpcgi.sh b/install/ubuntu/15.10/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/15.10/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/15.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/15.10/templates/web/apache2/phpcgi.stpl new file mode 100644 index 000000000..6cd15df00 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.10/templates/web/apache2/phpcgi.tpl b/install/ubuntu/15.10/templates/web/apache2/phpcgi.tpl new file mode 100644 index 000000000..9d04361da --- /dev/null +++ b/install/ubuntu/15.10/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.10/templates/web/apache2/phpfcgid.sh b/install/ubuntu/15.10/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/15.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/15.10/templates/web/apache2/phpfcgid.stpl new file mode 100644 index 000000000..9c0ca5027 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.10/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/15.10/templates/web/apache2/phpfcgid.tpl new file mode 100644 index 000000000..152e7c694 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.10/templates/web/awstats/awstats.tpl b/install/ubuntu/15.10/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/15.10/templates/web/awstats/index.tpl b/install/ubuntu/15.10/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/15.10/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/15.10/templates/web/awstats/nav.tpl b/install/ubuntu/15.10/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/15.10/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/15.10/templates/web/nginx/caching.sh b/install/ubuntu/15.10/templates/web/nginx/caching.sh new file mode 100755 index 000000000..09d8efe75 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/ubuntu/15.10/templates/web/nginx/caching.stpl b/install/ubuntu/15.10/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..e149b98b5 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/caching.tpl b/install/ubuntu/15.10/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..36761b65c --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/default.stpl b/install/ubuntu/15.10/templates/web/nginx/default.stpl new file mode 100755 index 000000000..0e669b3dc --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/default.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/15.10/templates/web/nginx/default.tpl b/install/ubuntu/15.10/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/15.10/templates/web/nginx/hosting.sh b/install/ubuntu/15.10/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/15.10/templates/web/nginx/hosting.stpl b/install/ubuntu/15.10/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..62620789a --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/hosting.stpl @@ -0,0 +1,37 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%sdocroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/15.10/templates/web/nginx/hosting.tpl b/install/ubuntu/15.10/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/15.10/templates/web/nginx/http2.stpl b/install/ubuntu/15.10/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/15.10/templates/web/nginx/http2.tpl b/install/ubuntu/15.10/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..d85bcce38 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..9c24c3ea8 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..d71863141 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..4f0b9ec7b --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..f85032bae --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 000000000..9d9840006 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 000000000..0d7930fae --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 000000000..6fd64db6b --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,94 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..704405f37 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 000000000..477f6f01b --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 000000000..fdab43aae --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 000000000..f410ab77c --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 000000000..f15a68c57 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 000000000..bc8b53a37 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 000000000..d6697d7a9 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 000000000..908b9aeb8 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..891566b93 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..78c1bb784 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..5ffc9ed5c --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 000000000..e7f3dcc6b --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..e0aeb524a --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..0d9793aeb --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 000000000..f33ed5070 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 000000000..c0a5239e0 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/15.10/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/15.10/templates/web/php-fpm/default.tpl b/install/ubuntu/15.10/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/php-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/15.10/templates/web/php-fpm/no-php.tpl b/install/ubuntu/15.10/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..047c33edc --- /dev/null +++ b/install/ubuntu/15.10/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/15.10/templates/web/php-fpm/socket.tpl b/install/ubuntu/15.10/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..e427045ce --- /dev/null +++ b/install/ubuntu/15.10/templates/web/php-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/15.10/templates/web/skel/document_errors/403.html b/install/ubuntu/15.10/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/15.10/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/15.10/templates/web/skel/document_errors/404.html b/install/ubuntu/15.10/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/15.10/templates/web/skel/document_errors/50x.html b/install/ubuntu/15.10/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/15.10/templates/web/skel/public_html/index.html b/install/ubuntu/15.10/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/15.10/templates/web/skel/public_html/robots.txt b/install/ubuntu/15.10/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/15.10/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/15.10/templates/web/skel/public_shtml/index.html b/install/ubuntu/15.10/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/15.10/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/15.10/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/15.10/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/15.10/templates/web/suspend/.htaccess b/install/ubuntu/15.10/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/15.10/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/15.10/templates/web/suspend/index.html b/install/ubuntu/15.10/templates/web/suspend/index.html new file mode 100755 index 000000000..f2d04e1f0 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

SUSPENDED

+

This website has been suspended.

+
+ Please contact the technical support department. +
+ + diff --git a/install/ubuntu/15.10/templates/web/webalizer/webalizer.tpl b/install/ubuntu/15.10/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/15.10/vsftpd/vsftpd.conf b/install/ubuntu/15.10/vsftpd/vsftpd.conf new file mode 100644 index 000000000..1ca1a9923 --- /dev/null +++ b/install/ubuntu/15.10/vsftpd/vsftpd.conf @@ -0,0 +1,26 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +#allow_writable_chroot=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 +use_localtime=YES diff --git a/install/ubuntu/16.04/apache2/apache2.conf b/install/ubuntu/16.04/apache2/apache2.conf new file mode 100644 index 000000000..2756132ae --- /dev/null +++ b/install/ubuntu/16.04/apache2/apache2.conf @@ -0,0 +1,94 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/ubuntu/16.04/apache2/status.conf b/install/ubuntu/16.04/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/16.04/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/16.04/bind/named.conf b/install/ubuntu/16.04/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/16.04/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/16.04/clamav/clamd.conf b/install/ubuntu/16.04/clamav/clamd.conf new file mode 100644 index 000000000..ea982697a --- /dev/null +++ b/install/ubuntu/16.04/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/16.04/deb_signing.key b/install/ubuntu/16.04/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/16.04/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/16.04/dovecot/conf.d/10-auth.conf b/install/ubuntu/16.04/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/16.04/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/16.04/dovecot/conf.d/10-logging.conf b/install/ubuntu/16.04/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/16.04/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/16.04/dovecot/conf.d/10-mail.conf b/install/ubuntu/16.04/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/16.04/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/16.04/dovecot/conf.d/10-master.conf b/install/ubuntu/16.04/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/16.04/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/16.04/dovecot/conf.d/10-ssl.conf b/install/ubuntu/16.04/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..24cbf3e26 --- /dev/null +++ b/install/ubuntu/16.04/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,5 @@ +ssl = yes +ssl_protocols = !SSLv2 !SSLv3 + +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/16.04/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/16.04/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/16.04/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/16.04/dovecot/dovecot.conf b/install/ubuntu/16.04/dovecot/dovecot.conf new file mode 100644 index 000000000..163460bab --- /dev/null +++ b/install/ubuntu/16.04/dovecot/dovecot.conf @@ -0,0 +1,24 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf + +namespace inbox { + type = private + separator = / + prefix = + inbox = yes + + mailbox Sent { + auto = subscribe + special_use = \Sent + } + mailbox Drafts { + auto = subscribe + special_use = \Drafts + } + mailbox Trash { + auto = subscribe + special_use = \Trash + } +} diff --git a/install/ubuntu/16.04/exim/dnsbl.conf b/install/ubuntu/16.04/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/16.04/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/16.04/exim/exim4.conf.template b/install/ubuntu/16.04/exim/exim4.conf.template new file mode 100644 index 000000000..fc346486f --- /dev/null +++ b/install/ubuntu/16.04/exim/exim4.conf.template @@ -0,0 +1,382 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +add_environment = <; PATH=/bin:/usr/bin +keep_environment = +disable_ipv6 = true + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth required + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{1024K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = debian-spamd:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/16.04/exim/spam-blocks.conf b/install/ubuntu/16.04/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/16.04/fail2ban/action.d/vesta.conf b/install/ubuntu/16.04/fail2ban/action.d/vesta.conf new file mode 100644 index 000000000..0edfc3491 --- /dev/null +++ b/install/ubuntu/16.04/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/16.04/fail2ban/filter.d/vesta.conf b/install/ubuntu/16.04/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..69670a56e --- /dev/null +++ b/install/ubuntu/16.04/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccesfull Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/16.04/fail2ban/jail.local b/install/ubuntu/16.04/fail2ban/jail.local new file mode 100644 index 000000000..013f81c46 --- /dev/null +++ b/install/ubuntu/16.04/fail2ban/jail.local @@ -0,0 +1,51 @@ +[DEFAULT] +ignoreip = 127.0.0.1/8 + +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog +maxretry = 5 + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log +maxretry = 5 + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 + +[roundcube-auth] +enabled = false +filter = roundcube-auth +port = http,https +logpath = /var/log/roundcube/errors +maxretry = 5 diff --git a/install/ubuntu/16.04/firewall/ports.conf b/install/ubuntu/16.04/firewall/ports.conf new file mode 100644 index 000000000..b730d012c --- /dev/null +++ b/install/ubuntu/16.04/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/16.04/firewall/rules.conf b/install/ubuntu/16.04/firewall/rules.conf new file mode 100644 index 000000000..fba98e1e4 --- /dev/null +++ b/install/ubuntu/16.04/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/16.04/logrotate/apache2 b/install/ubuntu/16.04/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/16.04/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/16.04/logrotate/dovecot b/install/ubuntu/16.04/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/ubuntu/16.04/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/ubuntu/16.04/logrotate/nginx b/install/ubuntu/16.04/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/16.04/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/16.04/logrotate/vesta b/install/ubuntu/16.04/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/16.04/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/16.04/mysql/my-large.cnf b/install/ubuntu/16.04/mysql/my-large.cnf new file mode 100644 index 000000000..7201377cd --- /dev/null +++ b/install/ubuntu/16.04/mysql/my-large.cnf @@ -0,0 +1,41 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/16.04/mysql/my-medium.cnf b/install/ubuntu/16.04/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/16.04/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/16.04/mysql/my-small.cnf b/install/ubuntu/16.04/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/16.04/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/16.04/nginx/nginx.conf b/install/ubuntu/16.04/nginx/nginx.conf new file mode 100644 index 000000000..6bc999f95 --- /dev/null +++ b/install/ubuntu/16.04/nginx/nginx.conf @@ -0,0 +1,137 @@ +# Server globals +user www-data; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_vary on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + #set_real_ip_from 2c0f:f248::/32; + #set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/16.04/nginx/phpmyadmin.inc b/install/ubuntu/16.04/nginx/phpmyadmin.inc new file mode 100644 index 000000000..cdfc93c4d --- /dev/null +++ b/install/ubuntu/16.04/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/ubuntu/16.04/nginx/phppgadmin.inc b/install/ubuntu/16.04/nginx/phppgadmin.inc new file mode 100644 index 000000000..47cfcf4e2 --- /dev/null +++ b/install/ubuntu/16.04/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/16.04/nginx/status.conf b/install/ubuntu/16.04/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/16.04/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/16.04/nginx/webmail.inc b/install/ubuntu/16.04/nginx/webmail.inc new file mode 100644 index 000000000..768c90495 --- /dev/null +++ b/install/ubuntu/16.04/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/16.04/packages/default.pkg b/install/ubuntu/16.04/packages/default.pkg new file mode 100644 index 000000000..c2a935743 --- /dev/null +++ b/install/ubuntu/16.04/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/16.04/packages/gainsboro.pkg b/install/ubuntu/16.04/packages/gainsboro.pkg new file mode 100644 index 000000000..76d7dae2a --- /dev/null +++ b/install/ubuntu/16.04/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/16.04/packages/palegreen.pkg b/install/ubuntu/16.04/packages/palegreen.pkg new file mode 100644 index 000000000..3db5fe57e --- /dev/null +++ b/install/ubuntu/16.04/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/16.04/packages/slategrey.pkg b/install/ubuntu/16.04/packages/slategrey.pkg new file mode 100644 index 000000000..d89e796fd --- /dev/null +++ b/install/ubuntu/16.04/packages/slategrey.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/16.04/pga/config.inc.php b/install/ubuntu/16.04/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/ubuntu/16.04/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/ubuntu/16.04/pga/phppgadmin.conf b/install/ubuntu/16.04/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/16.04/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/16.04/php-fpm/www.conf b/install/ubuntu/16.04/php-fpm/www.conf new file mode 100644 index 000000000..3c87f33cc --- /dev/null +++ b/install/ubuntu/16.04/php-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/ubuntu/16.04/pma/apache.conf b/install/ubuntu/16.04/pma/apache.conf new file mode 100644 index 000000000..81c1743a3 --- /dev/null +++ b/install/ubuntu/16.04/pma/apache.conf @@ -0,0 +1,43 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext:/usr/share/javascript/ + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/16.04/pma/config.inc.php b/install/ubuntu/16.04/pma/config.inc.php new file mode 100644 index 000000000..fb131d65f --- /dev/null +++ b/install/ubuntu/16.04/pma/config.inc.php @@ -0,0 +1,154 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/16.04/roundcube/apache.conf b/install/ubuntu/16.04/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/16.04/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/16.04/roundcube/config.inc.php b/install/ubuntu/16.04/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/16.04/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/16.04/roundcube/main.inc.php b/install/ubuntu/16.04/roundcube/main.inc.php new file mode 100644 index 000000000..44b19793f --- /dev/null +++ b/install/ubuntu/16.04/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = true; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 30 seconds +$rcmail_config['draft_autosave'] = 30; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/16.04/roundcube/vesta.php b/install/ubuntu/16.04/roundcube/vesta.php new file mode 100644 index 000000000..b6646b2bb --- /dev/null +++ b/install/ubuntu/16.04/roundcube/vesta.php @@ -0,0 +1,73 @@ + + */ +class rcube_vesta_password +{ + function save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + $errno = ""; + $errstr = ""; + $context = stream_context_create(); + $result = stream_context_set_option($context, 'ssl', 'verify_peer', false); + $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false); + $result = stream_context_set_option($context, 'ssl', 'verify_host', false); + $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true); + + $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } +} \ No newline at end of file diff --git a/install/ubuntu/16.04/sudo/admin b/install/ubuntu/16.04/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/ubuntu/16.04/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/16.04/templates/dns/child-ns.tpl b/install/ubuntu/16.04/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/ubuntu/16.04/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/16.04/templates/dns/default.tpl b/install/ubuntu/16.04/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/ubuntu/16.04/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/16.04/templates/dns/gmail.tpl b/install/ubuntu/16.04/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/ubuntu/16.04/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/16.04/templates/web/apache2/basedir.stpl b/install/ubuntu/16.04/templates/web/apache2/basedir.stpl new file mode 100644 index 000000000..37c4a4b39 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/apache2/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.04/templates/web/apache2/basedir.tpl b/install/ubuntu/16.04/templates/web/apache2/basedir.tpl new file mode 100644 index 000000000..a9d05ee66 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/apache2/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.04/templates/web/apache2/default.stpl b/install/ubuntu/16.04/templates/web/apache2/default.stpl new file mode 100644 index 000000000..a5c509a9e --- /dev/null +++ b/install/ubuntu/16.04/templates/web/apache2/default.stpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.04/templates/web/apache2/default.tpl b/install/ubuntu/16.04/templates/web/apache2/default.tpl new file mode 100644 index 000000000..e591a1cf1 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/apache2/default.tpl @@ -0,0 +1,38 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.04/templates/web/apache2/hosting.stpl b/install/ubuntu/16.04/templates/web/apache2/hosting.stpl new file mode 100644 index 000000000..dee0eda9c --- /dev/null +++ b/install/ubuntu/16.04/templates/web/apache2/hosting.stpl @@ -0,0 +1,50 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.04/templates/web/apache2/hosting.tpl b/install/ubuntu/16.04/templates/web/apache2/hosting.tpl new file mode 100644 index 000000000..b7c12699d --- /dev/null +++ b/install/ubuntu/16.04/templates/web/apache2/hosting.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.04/templates/web/apache2/phpcgi.sh b/install/ubuntu/16.04/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/16.04/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/16.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/16.04/templates/web/apache2/phpcgi.stpl new file mode 100644 index 000000000..6cd15df00 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.04/templates/web/apache2/phpcgi.tpl b/install/ubuntu/16.04/templates/web/apache2/phpcgi.tpl new file mode 100644 index 000000000..9d04361da --- /dev/null +++ b/install/ubuntu/16.04/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.04/templates/web/apache2/phpfcgid.sh b/install/ubuntu/16.04/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/16.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/16.04/templates/web/apache2/phpfcgid.stpl new file mode 100644 index 000000000..9c0ca5027 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.04/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/16.04/templates/web/apache2/phpfcgid.tpl new file mode 100644 index 000000000..152e7c694 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.04/templates/web/awstats/awstats.tpl b/install/ubuntu/16.04/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/16.04/templates/web/awstats/index.tpl b/install/ubuntu/16.04/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/16.04/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/16.04/templates/web/awstats/nav.tpl b/install/ubuntu/16.04/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/16.04/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/16.04/templates/web/nginx/caching.sh b/install/ubuntu/16.04/templates/web/nginx/caching.sh new file mode 100755 index 000000000..118e7b381 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/caching.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi diff --git a/install/ubuntu/16.04/templates/web/nginx/caching.stpl b/install/ubuntu/16.04/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..e149b98b5 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/caching.tpl b/install/ubuntu/16.04/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..36761b65c --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/default.stpl b/install/ubuntu/16.04/templates/web/nginx/default.stpl new file mode 100755 index 000000000..0e669b3dc --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/default.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/16.04/templates/web/nginx/default.tpl b/install/ubuntu/16.04/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/16.04/templates/web/nginx/hosting.sh b/install/ubuntu/16.04/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/16.04/templates/web/nginx/hosting.stpl b/install/ubuntu/16.04/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..62620789a --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/hosting.stpl @@ -0,0 +1,37 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%sdocroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/16.04/templates/web/nginx/hosting.tpl b/install/ubuntu/16.04/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/16.04/templates/web/nginx/http2.stpl b/install/ubuntu/16.04/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/16.04/templates/web/nginx/http2.tpl b/install/ubuntu/16.04/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..d85bcce38 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..9c24c3ea8 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..d71863141 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..4f0b9ec7b --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..f85032bae --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 000000000..9d9840006 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 000000000..0d7930fae --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 000000000..6fd64db6b --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,94 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/invoiceninja.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/invoiceninja.stpl new file mode 100644 index 000000000..086e6a8e8 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/invoiceninja.stpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + sendfile off; + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/invoiceninja.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/invoiceninja.tpl new file mode 100644 index 000000000..fd06523a9 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/invoiceninja.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + sendfile off; + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..704405f37 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 000000000..477f6f01b --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 000000000..fdab43aae --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/mautic.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/mautic.stpl new file mode 100644 index 000000000..a88e9b58f --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/mautic.stpl @@ -0,0 +1,48 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri /index.php?$query_string; + } + + location ~ '\.php$' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/mautic.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/mautic.tpl new file mode 100644 index 000000000..177d48757 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/mautic.tpl @@ -0,0 +1,44 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri /index.php?$query_string; + } + + location ~ '\.php$' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 000000000..f410ab77c --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 000000000..f15a68c57 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 000000000..bc8b53a37 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 000000000..d6697d7a9 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 000000000..908b9aeb8 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..891566b93 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..78c1bb784 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..5ffc9ed5c --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 000000000..e7f3dcc6b --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..e0aeb524a --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..0d9793aeb --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 000000000..f33ed5070 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 000000000..c0a5239e0 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/16.04/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/16.04/templates/web/php-fpm/default.tpl b/install/ubuntu/16.04/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/php-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/16.04/templates/web/php-fpm/no-php.tpl b/install/ubuntu/16.04/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..047c33edc --- /dev/null +++ b/install/ubuntu/16.04/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/16.04/templates/web/php-fpm/socket.tpl b/install/ubuntu/16.04/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..e427045ce --- /dev/null +++ b/install/ubuntu/16.04/templates/web/php-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/16.04/templates/web/skel/document_errors/403.html b/install/ubuntu/16.04/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/16.04/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/16.04/templates/web/skel/document_errors/404.html b/install/ubuntu/16.04/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/16.04/templates/web/skel/document_errors/50x.html b/install/ubuntu/16.04/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/16.04/templates/web/skel/public_html/index.html b/install/ubuntu/16.04/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/16.04/templates/web/skel/public_html/robots.txt b/install/ubuntu/16.04/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/16.04/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/16.04/templates/web/skel/public_shtml/index.html b/install/ubuntu/16.04/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/16.04/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/16.04/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/16.04/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/16.04/templates/web/suspend/.htaccess b/install/ubuntu/16.04/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/16.04/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/16.04/templates/web/suspend/index.html b/install/ubuntu/16.04/templates/web/suspend/index.html new file mode 100755 index 000000000..f2d04e1f0 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

SUSPENDED

+

This website has been suspended.

+
+ Please contact the technical support department. +
+ + diff --git a/install/ubuntu/16.04/templates/web/webalizer/webalizer.tpl b/install/ubuntu/16.04/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/16.04/vsftpd/vsftpd.conf b/install/ubuntu/16.04/vsftpd/vsftpd.conf new file mode 100644 index 000000000..034b016d2 --- /dev/null +++ b/install/ubuntu/16.04/vsftpd/vsftpd.conf @@ -0,0 +1,27 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_min_port=12000 +pasv_max_port=12100 +max_per_ip=10 +max_clients=100 +use_localtime=YES diff --git a/install/ubuntu/16.10/apache2/apache2.conf b/install/ubuntu/16.10/apache2/apache2.conf new file mode 100644 index 000000000..2756132ae --- /dev/null +++ b/install/ubuntu/16.10/apache2/apache2.conf @@ -0,0 +1,94 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/ubuntu/16.10/apache2/status.conf b/install/ubuntu/16.10/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/16.10/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/16.10/bind/named.conf b/install/ubuntu/16.10/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/16.10/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/16.10/clamav/clamd.conf b/install/ubuntu/16.10/clamav/clamd.conf new file mode 100644 index 000000000..4e04356ea --- /dev/null +++ b/install/ubuntu/16.10/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +# AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/16.10/deb_signing.key b/install/ubuntu/16.10/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/16.10/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/16.10/dovecot/conf.d/10-auth.conf b/install/ubuntu/16.10/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/16.10/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/16.10/dovecot/conf.d/10-logging.conf b/install/ubuntu/16.10/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/16.10/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/16.10/dovecot/conf.d/10-mail.conf b/install/ubuntu/16.10/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/16.10/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/16.10/dovecot/conf.d/10-master.conf b/install/ubuntu/16.10/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/16.10/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/16.10/dovecot/conf.d/10-ssl.conf b/install/ubuntu/16.10/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..24cbf3e26 --- /dev/null +++ b/install/ubuntu/16.10/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,5 @@ +ssl = yes +ssl_protocols = !SSLv2 !SSLv3 + +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/16.10/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/16.10/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/16.10/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/16.10/dovecot/dovecot.conf b/install/ubuntu/16.10/dovecot/dovecot.conf new file mode 100644 index 000000000..311a33517 --- /dev/null +++ b/install/ubuntu/16.10/dovecot/dovecot.conf @@ -0,0 +1,24 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf + +namespace { + type = private + separator = / + prefix = + inbox = yes + + mailbox Sent { + auto = subscribe + special_use = \Sent + } + mailbox Drafts { + auto = subscribe + special_use = \Drafts + } + mailbox Trash { + auto = subscribe + special_use = \Trash + } +} diff --git a/install/ubuntu/16.10/exim/dnsbl.conf b/install/ubuntu/16.10/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/16.10/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/16.10/exim/exim4.conf.template b/install/ubuntu/16.10/exim/exim4.conf.template new file mode 100644 index 000000000..fc346486f --- /dev/null +++ b/install/ubuntu/16.10/exim/exim4.conf.template @@ -0,0 +1,382 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +add_environment = <; PATH=/bin:/usr/bin +keep_environment = +disable_ipv6 = true + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth required + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{1024K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = debian-spamd:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/16.10/exim/spam-blocks.conf b/install/ubuntu/16.10/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/16.10/fail2ban/action.d/vesta.conf b/install/ubuntu/16.10/fail2ban/action.d/vesta.conf new file mode 100644 index 000000000..0edfc3491 --- /dev/null +++ b/install/ubuntu/16.10/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/16.10/fail2ban/filter.d/vesta.conf b/install/ubuntu/16.10/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..69670a56e --- /dev/null +++ b/install/ubuntu/16.10/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccesfull Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/16.10/fail2ban/jail.local b/install/ubuntu/16.10/fail2ban/jail.local new file mode 100644 index 000000000..013f81c46 --- /dev/null +++ b/install/ubuntu/16.10/fail2ban/jail.local @@ -0,0 +1,51 @@ +[DEFAULT] +ignoreip = 127.0.0.1/8 + +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog +maxretry = 5 + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log +maxretry = 5 + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 + +[roundcube-auth] +enabled = false +filter = roundcube-auth +port = http,https +logpath = /var/log/roundcube/errors +maxretry = 5 diff --git a/install/ubuntu/16.10/firewall/ports.conf b/install/ubuntu/16.10/firewall/ports.conf new file mode 100644 index 000000000..b730d012c --- /dev/null +++ b/install/ubuntu/16.10/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/16.10/firewall/rules.conf b/install/ubuntu/16.10/firewall/rules.conf new file mode 100644 index 000000000..fba98e1e4 --- /dev/null +++ b/install/ubuntu/16.10/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/16.10/logrotate/apache2 b/install/ubuntu/16.10/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/16.10/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/16.10/logrotate/dovecot b/install/ubuntu/16.10/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/ubuntu/16.10/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/ubuntu/16.10/logrotate/nginx b/install/ubuntu/16.10/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/16.10/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/16.10/logrotate/vesta b/install/ubuntu/16.10/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/16.10/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/16.10/mysql/my-large.cnf b/install/ubuntu/16.10/mysql/my-large.cnf new file mode 100644 index 000000000..7201377cd --- /dev/null +++ b/install/ubuntu/16.10/mysql/my-large.cnf @@ -0,0 +1,41 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/16.10/mysql/my-medium.cnf b/install/ubuntu/16.10/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/16.10/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/16.10/mysql/my-small.cnf b/install/ubuntu/16.10/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/16.10/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/16.10/nginx/nginx.conf b/install/ubuntu/16.10/nginx/nginx.conf new file mode 100644 index 000000000..6bc999f95 --- /dev/null +++ b/install/ubuntu/16.10/nginx/nginx.conf @@ -0,0 +1,137 @@ +# Server globals +user www-data; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_vary on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + #set_real_ip_from 2c0f:f248::/32; + #set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/16.10/nginx/phpmyadmin.inc b/install/ubuntu/16.10/nginx/phpmyadmin.inc new file mode 100644 index 000000000..cdfc93c4d --- /dev/null +++ b/install/ubuntu/16.10/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/ubuntu/16.10/nginx/phppgadmin.inc b/install/ubuntu/16.10/nginx/phppgadmin.inc new file mode 100644 index 000000000..47cfcf4e2 --- /dev/null +++ b/install/ubuntu/16.10/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/16.10/nginx/status.conf b/install/ubuntu/16.10/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/16.10/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/16.10/nginx/webmail.inc b/install/ubuntu/16.10/nginx/webmail.inc new file mode 100644 index 000000000..768c90495 --- /dev/null +++ b/install/ubuntu/16.10/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/16.10/packages/default.pkg b/install/ubuntu/16.10/packages/default.pkg new file mode 100644 index 000000000..c2a935743 --- /dev/null +++ b/install/ubuntu/16.10/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/16.10/packages/gainsboro.pkg b/install/ubuntu/16.10/packages/gainsboro.pkg new file mode 100644 index 000000000..76d7dae2a --- /dev/null +++ b/install/ubuntu/16.10/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/16.10/packages/palegreen.pkg b/install/ubuntu/16.10/packages/palegreen.pkg new file mode 100644 index 000000000..3db5fe57e --- /dev/null +++ b/install/ubuntu/16.10/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/16.10/packages/slategrey.pkg b/install/ubuntu/16.10/packages/slategrey.pkg new file mode 100644 index 000000000..d89e796fd --- /dev/null +++ b/install/ubuntu/16.10/packages/slategrey.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/16.10/pga/config.inc.php b/install/ubuntu/16.10/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/ubuntu/16.10/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/ubuntu/16.10/pga/phppgadmin.conf b/install/ubuntu/16.10/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/16.10/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/16.10/php-fpm/www.conf b/install/ubuntu/16.10/php-fpm/www.conf new file mode 100644 index 000000000..3c87f33cc --- /dev/null +++ b/install/ubuntu/16.10/php-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/ubuntu/16.10/pma/apache.conf b/install/ubuntu/16.10/pma/apache.conf new file mode 100644 index 000000000..81c1743a3 --- /dev/null +++ b/install/ubuntu/16.10/pma/apache.conf @@ -0,0 +1,43 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext:/usr/share/javascript/ + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/16.10/pma/config.inc.php b/install/ubuntu/16.10/pma/config.inc.php new file mode 100644 index 000000000..36093369b --- /dev/null +++ b/install/ubuntu/16.10/pma/config.inc.php @@ -0,0 +1,152 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/16.10/roundcube/apache.conf b/install/ubuntu/16.10/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/16.10/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/16.10/roundcube/config.inc.php b/install/ubuntu/16.10/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/16.10/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/16.10/roundcube/main.inc.php b/install/ubuntu/16.10/roundcube/main.inc.php new file mode 100644 index 000000000..44b19793f --- /dev/null +++ b/install/ubuntu/16.10/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = true; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 30 seconds +$rcmail_config['draft_autosave'] = 30; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/16.10/roundcube/vesta.php b/install/ubuntu/16.10/roundcube/vesta.php new file mode 100644 index 000000000..b4a2a6b6c --- /dev/null +++ b/install/ubuntu/16.10/roundcube/vesta.php @@ -0,0 +1,72 @@ + + */ +class rcube_vesta_password { + function save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + $errno = ""; + $errstr = ""; + $context = stream_context_create(); + $result = stream_context_set_option($context, 'ssl', 'verify_peer', false); + $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false); + $result = stream_context_set_option($context, 'ssl', 'verify_host', false); + $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true); + + $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } +} \ No newline at end of file diff --git a/install/ubuntu/16.10/sudo/admin b/install/ubuntu/16.10/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/ubuntu/16.10/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/16.10/templates/dns/child-ns.tpl b/install/ubuntu/16.10/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/ubuntu/16.10/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/16.10/templates/dns/default.tpl b/install/ubuntu/16.10/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/ubuntu/16.10/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/16.10/templates/dns/gmail.tpl b/install/ubuntu/16.10/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/ubuntu/16.10/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/16.10/templates/web/apache2/basedir.stpl b/install/ubuntu/16.10/templates/web/apache2/basedir.stpl new file mode 100644 index 000000000..37c4a4b39 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/apache2/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.10/templates/web/apache2/basedir.tpl b/install/ubuntu/16.10/templates/web/apache2/basedir.tpl new file mode 100644 index 000000000..a9d05ee66 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/apache2/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.10/templates/web/apache2/default.stpl b/install/ubuntu/16.10/templates/web/apache2/default.stpl new file mode 100644 index 000000000..a5c509a9e --- /dev/null +++ b/install/ubuntu/16.10/templates/web/apache2/default.stpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.10/templates/web/apache2/default.tpl b/install/ubuntu/16.10/templates/web/apache2/default.tpl new file mode 100644 index 000000000..e591a1cf1 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/apache2/default.tpl @@ -0,0 +1,38 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.10/templates/web/apache2/hosting.stpl b/install/ubuntu/16.10/templates/web/apache2/hosting.stpl new file mode 100644 index 000000000..dee0eda9c --- /dev/null +++ b/install/ubuntu/16.10/templates/web/apache2/hosting.stpl @@ -0,0 +1,50 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.10/templates/web/apache2/hosting.tpl b/install/ubuntu/16.10/templates/web/apache2/hosting.tpl new file mode 100644 index 000000000..b7c12699d --- /dev/null +++ b/install/ubuntu/16.10/templates/web/apache2/hosting.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.10/templates/web/apache2/phpcgi.sh b/install/ubuntu/16.10/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/16.10/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/16.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/16.10/templates/web/apache2/phpcgi.stpl new file mode 100644 index 000000000..6cd15df00 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.10/templates/web/apache2/phpcgi.tpl b/install/ubuntu/16.10/templates/web/apache2/phpcgi.tpl new file mode 100644 index 000000000..9d04361da --- /dev/null +++ b/install/ubuntu/16.10/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.10/templates/web/apache2/phpfcgid.sh b/install/ubuntu/16.10/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/16.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/16.10/templates/web/apache2/phpfcgid.stpl new file mode 100644 index 000000000..9c0ca5027 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.10/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/16.10/templates/web/apache2/phpfcgid.tpl new file mode 100644 index 000000000..152e7c694 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/16.10/templates/web/awstats/awstats.tpl b/install/ubuntu/16.10/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/16.10/templates/web/awstats/index.tpl b/install/ubuntu/16.10/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/16.10/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/16.10/templates/web/awstats/nav.tpl b/install/ubuntu/16.10/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/16.10/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/16.10/templates/web/nginx/caching.sh b/install/ubuntu/16.10/templates/web/nginx/caching.sh new file mode 100755 index 000000000..09d8efe75 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/ubuntu/16.10/templates/web/nginx/caching.stpl b/install/ubuntu/16.10/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..e149b98b5 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/caching.tpl b/install/ubuntu/16.10/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..36761b65c --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/default.stpl b/install/ubuntu/16.10/templates/web/nginx/default.stpl new file mode 100755 index 000000000..0e669b3dc --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/default.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/16.10/templates/web/nginx/default.tpl b/install/ubuntu/16.10/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/16.10/templates/web/nginx/hosting.sh b/install/ubuntu/16.10/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/16.10/templates/web/nginx/hosting.stpl b/install/ubuntu/16.10/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..62620789a --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/hosting.stpl @@ -0,0 +1,37 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%sdocroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/16.10/templates/web/nginx/hosting.tpl b/install/ubuntu/16.10/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/16.10/templates/web/nginx/http2.stpl b/install/ubuntu/16.10/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/16.10/templates/web/nginx/http2.tpl b/install/ubuntu/16.10/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..d85bcce38 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..9c24c3ea8 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..d71863141 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..4f0b9ec7b --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..f85032bae --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 000000000..9d9840006 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 000000000..0d7930fae --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 000000000..6fd64db6b --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,94 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..704405f37 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 000000000..477f6f01b --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 000000000..fdab43aae --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 000000000..f410ab77c --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 000000000..f15a68c57 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 000000000..bc8b53a37 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 000000000..d6697d7a9 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 000000000..908b9aeb8 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..891566b93 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..78c1bb784 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..5ffc9ed5c --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 000000000..e7f3dcc6b --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..e0aeb524a --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..0d9793aeb --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 000000000..f33ed5070 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 000000000..c0a5239e0 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/16.10/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/16.10/templates/web/php-fpm/default.tpl b/install/ubuntu/16.10/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/php-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/16.10/templates/web/php-fpm/no-php.tpl b/install/ubuntu/16.10/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..047c33edc --- /dev/null +++ b/install/ubuntu/16.10/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/16.10/templates/web/php-fpm/socket.tpl b/install/ubuntu/16.10/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..e427045ce --- /dev/null +++ b/install/ubuntu/16.10/templates/web/php-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/16.10/templates/web/skel/document_errors/403.html b/install/ubuntu/16.10/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/16.10/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/16.10/templates/web/skel/document_errors/404.html b/install/ubuntu/16.10/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/16.10/templates/web/skel/document_errors/50x.html b/install/ubuntu/16.10/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/16.10/templates/web/skel/public_html/index.html b/install/ubuntu/16.10/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/16.10/templates/web/skel/public_html/robots.txt b/install/ubuntu/16.10/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/16.10/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/16.10/templates/web/skel/public_shtml/index.html b/install/ubuntu/16.10/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/16.10/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/16.10/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/16.10/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/16.10/templates/web/suspend/.htaccess b/install/ubuntu/16.10/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/16.10/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/16.10/templates/web/suspend/index.html b/install/ubuntu/16.10/templates/web/suspend/index.html new file mode 100755 index 000000000..f2d04e1f0 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

SUSPENDED

+

This website has been suspended.

+
+ Please contact the technical support department. +
+ + diff --git a/install/ubuntu/16.10/templates/web/webalizer/webalizer.tpl b/install/ubuntu/16.10/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/16.10/vsftpd/vsftpd.conf b/install/ubuntu/16.10/vsftpd/vsftpd.conf new file mode 100644 index 000000000..034b016d2 --- /dev/null +++ b/install/ubuntu/16.10/vsftpd/vsftpd.conf @@ -0,0 +1,27 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_min_port=12000 +pasv_max_port=12100 +max_per_ip=10 +max_clients=100 +use_localtime=YES diff --git a/install/ubuntu/17.04/apache2/apache2.conf b/install/ubuntu/17.04/apache2/apache2.conf new file mode 100644 index 000000000..2756132ae --- /dev/null +++ b/install/ubuntu/17.04/apache2/apache2.conf @@ -0,0 +1,94 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/ubuntu/17.04/apache2/status.conf b/install/ubuntu/17.04/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/17.04/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/17.04/bind/named.conf b/install/ubuntu/17.04/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/17.04/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/17.04/clamav/clamd.conf b/install/ubuntu/17.04/clamav/clamd.conf new file mode 100644 index 000000000..4e04356ea --- /dev/null +++ b/install/ubuntu/17.04/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +# AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/17.04/deb_signing.key b/install/ubuntu/17.04/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/17.04/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/17.04/dovecot/conf.d/10-auth.conf b/install/ubuntu/17.04/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/17.04/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/17.04/dovecot/conf.d/10-logging.conf b/install/ubuntu/17.04/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/17.04/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/17.04/dovecot/conf.d/10-mail.conf b/install/ubuntu/17.04/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/17.04/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/17.04/dovecot/conf.d/10-master.conf b/install/ubuntu/17.04/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/17.04/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/17.04/dovecot/conf.d/10-ssl.conf b/install/ubuntu/17.04/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..24cbf3e26 --- /dev/null +++ b/install/ubuntu/17.04/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,5 @@ +ssl = yes +ssl_protocols = !SSLv2 !SSLv3 + +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/17.04/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/17.04/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/17.04/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/17.04/dovecot/dovecot.conf b/install/ubuntu/17.04/dovecot/dovecot.conf new file mode 100644 index 000000000..311a33517 --- /dev/null +++ b/install/ubuntu/17.04/dovecot/dovecot.conf @@ -0,0 +1,24 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf + +namespace { + type = private + separator = / + prefix = + inbox = yes + + mailbox Sent { + auto = subscribe + special_use = \Sent + } + mailbox Drafts { + auto = subscribe + special_use = \Drafts + } + mailbox Trash { + auto = subscribe + special_use = \Trash + } +} diff --git a/install/ubuntu/17.04/exim/dnsbl.conf b/install/ubuntu/17.04/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/17.04/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/17.04/exim/exim4.conf.template b/install/ubuntu/17.04/exim/exim4.conf.template new file mode 100644 index 000000000..fc346486f --- /dev/null +++ b/install/ubuntu/17.04/exim/exim4.conf.template @@ -0,0 +1,382 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +add_environment = <; PATH=/bin:/usr/bin +keep_environment = +disable_ipv6 = true + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth required + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{1024K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = debian-spamd:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/17.04/exim/spam-blocks.conf b/install/ubuntu/17.04/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/17.04/fail2ban/action.d/vesta.conf b/install/ubuntu/17.04/fail2ban/action.d/vesta.conf new file mode 100644 index 000000000..0edfc3491 --- /dev/null +++ b/install/ubuntu/17.04/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/17.04/fail2ban/filter.d/vesta.conf b/install/ubuntu/17.04/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..69670a56e --- /dev/null +++ b/install/ubuntu/17.04/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccesfull Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/17.04/fail2ban/jail.local b/install/ubuntu/17.04/fail2ban/jail.local new file mode 100644 index 000000000..013f81c46 --- /dev/null +++ b/install/ubuntu/17.04/fail2ban/jail.local @@ -0,0 +1,51 @@ +[DEFAULT] +ignoreip = 127.0.0.1/8 + +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog +maxretry = 5 + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log +maxretry = 5 + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 + +[roundcube-auth] +enabled = false +filter = roundcube-auth +port = http,https +logpath = /var/log/roundcube/errors +maxretry = 5 diff --git a/install/ubuntu/17.04/firewall/ports.conf b/install/ubuntu/17.04/firewall/ports.conf new file mode 100644 index 000000000..b730d012c --- /dev/null +++ b/install/ubuntu/17.04/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/17.04/firewall/rules.conf b/install/ubuntu/17.04/firewall/rules.conf new file mode 100644 index 000000000..fba98e1e4 --- /dev/null +++ b/install/ubuntu/17.04/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/17.04/logrotate/apache2 b/install/ubuntu/17.04/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/17.04/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/17.04/logrotate/dovecot b/install/ubuntu/17.04/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/ubuntu/17.04/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/ubuntu/17.04/logrotate/nginx b/install/ubuntu/17.04/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/17.04/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/17.04/logrotate/vesta b/install/ubuntu/17.04/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/17.04/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/17.04/mysql/my-large.cnf b/install/ubuntu/17.04/mysql/my-large.cnf new file mode 100644 index 000000000..7201377cd --- /dev/null +++ b/install/ubuntu/17.04/mysql/my-large.cnf @@ -0,0 +1,41 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/17.04/mysql/my-medium.cnf b/install/ubuntu/17.04/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/17.04/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/17.04/mysql/my-small.cnf b/install/ubuntu/17.04/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/17.04/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/17.04/nginx/nginx.conf b/install/ubuntu/17.04/nginx/nginx.conf new file mode 100644 index 000000000..6bc999f95 --- /dev/null +++ b/install/ubuntu/17.04/nginx/nginx.conf @@ -0,0 +1,137 @@ +# Server globals +user www-data; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_vary on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + #set_real_ip_from 2c0f:f248::/32; + #set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/17.04/nginx/phpmyadmin.inc b/install/ubuntu/17.04/nginx/phpmyadmin.inc new file mode 100644 index 000000000..cdfc93c4d --- /dev/null +++ b/install/ubuntu/17.04/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/ubuntu/17.04/nginx/phppgadmin.inc b/install/ubuntu/17.04/nginx/phppgadmin.inc new file mode 100644 index 000000000..47cfcf4e2 --- /dev/null +++ b/install/ubuntu/17.04/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/17.04/nginx/status.conf b/install/ubuntu/17.04/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/17.04/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/17.04/nginx/webmail.inc b/install/ubuntu/17.04/nginx/webmail.inc new file mode 100644 index 000000000..768c90495 --- /dev/null +++ b/install/ubuntu/17.04/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/17.04/packages/default.pkg b/install/ubuntu/17.04/packages/default.pkg new file mode 100644 index 000000000..c2a935743 --- /dev/null +++ b/install/ubuntu/17.04/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/17.04/packages/gainsboro.pkg b/install/ubuntu/17.04/packages/gainsboro.pkg new file mode 100644 index 000000000..76d7dae2a --- /dev/null +++ b/install/ubuntu/17.04/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/17.04/packages/palegreen.pkg b/install/ubuntu/17.04/packages/palegreen.pkg new file mode 100644 index 000000000..3db5fe57e --- /dev/null +++ b/install/ubuntu/17.04/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/17.04/packages/slategrey.pkg b/install/ubuntu/17.04/packages/slategrey.pkg new file mode 100644 index 000000000..d89e796fd --- /dev/null +++ b/install/ubuntu/17.04/packages/slategrey.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/17.04/pga/config.inc.php b/install/ubuntu/17.04/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/ubuntu/17.04/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/ubuntu/17.04/pga/phppgadmin.conf b/install/ubuntu/17.04/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/17.04/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/17.04/php-fpm/www.conf b/install/ubuntu/17.04/php-fpm/www.conf new file mode 100644 index 000000000..3c87f33cc --- /dev/null +++ b/install/ubuntu/17.04/php-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/ubuntu/17.04/pma/apache.conf b/install/ubuntu/17.04/pma/apache.conf new file mode 100644 index 000000000..81c1743a3 --- /dev/null +++ b/install/ubuntu/17.04/pma/apache.conf @@ -0,0 +1,43 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext:/usr/share/javascript/ + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/17.04/pma/config.inc.php b/install/ubuntu/17.04/pma/config.inc.php new file mode 100644 index 000000000..36093369b --- /dev/null +++ b/install/ubuntu/17.04/pma/config.inc.php @@ -0,0 +1,152 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/17.04/roundcube/apache.conf b/install/ubuntu/17.04/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/17.04/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/17.04/roundcube/config.inc.php b/install/ubuntu/17.04/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/17.04/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/17.04/roundcube/main.inc.php b/install/ubuntu/17.04/roundcube/main.inc.php new file mode 100644 index 000000000..44b19793f --- /dev/null +++ b/install/ubuntu/17.04/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = true; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 30 seconds +$rcmail_config['draft_autosave'] = 30; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/17.04/roundcube/vesta.php b/install/ubuntu/17.04/roundcube/vesta.php new file mode 100644 index 000000000..b6646b2bb --- /dev/null +++ b/install/ubuntu/17.04/roundcube/vesta.php @@ -0,0 +1,73 @@ + + */ +class rcube_vesta_password +{ + function save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + $errno = ""; + $errstr = ""; + $context = stream_context_create(); + $result = stream_context_set_option($context, 'ssl', 'verify_peer', false); + $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false); + $result = stream_context_set_option($context, 'ssl', 'verify_host', false); + $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true); + + $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } +} \ No newline at end of file diff --git a/install/ubuntu/17.04/sudo/admin b/install/ubuntu/17.04/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/ubuntu/17.04/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/17.04/templates/dns/child-ns.tpl b/install/ubuntu/17.04/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/ubuntu/17.04/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/17.04/templates/dns/default.tpl b/install/ubuntu/17.04/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/ubuntu/17.04/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/17.04/templates/dns/gmail.tpl b/install/ubuntu/17.04/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/ubuntu/17.04/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/17.04/templates/web/apache2/basedir.stpl b/install/ubuntu/17.04/templates/web/apache2/basedir.stpl new file mode 100644 index 000000000..04c39fcf6 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/apache2/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.04/templates/web/apache2/basedir.tpl b/install/ubuntu/17.04/templates/web/apache2/basedir.tpl new file mode 100644 index 000000000..a9d05ee66 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/apache2/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.04/templates/web/apache2/default.stpl b/install/ubuntu/17.04/templates/web/apache2/default.stpl new file mode 100644 index 000000000..a5c509a9e --- /dev/null +++ b/install/ubuntu/17.04/templates/web/apache2/default.stpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.04/templates/web/apache2/default.tpl b/install/ubuntu/17.04/templates/web/apache2/default.tpl new file mode 100644 index 000000000..e591a1cf1 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/apache2/default.tpl @@ -0,0 +1,38 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.04/templates/web/apache2/hosting.stpl b/install/ubuntu/17.04/templates/web/apache2/hosting.stpl new file mode 100644 index 000000000..6d99c97c9 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/apache2/hosting.stpl @@ -0,0 +1,50 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.04/templates/web/apache2/hosting.tpl b/install/ubuntu/17.04/templates/web/apache2/hosting.tpl new file mode 100644 index 000000000..b7c12699d --- /dev/null +++ b/install/ubuntu/17.04/templates/web/apache2/hosting.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.04/templates/web/apache2/phpcgi.sh b/install/ubuntu/17.04/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/17.04/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/17.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/17.04/templates/web/apache2/phpcgi.stpl new file mode 100644 index 000000000..b7bd884ee --- /dev/null +++ b/install/ubuntu/17.04/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.04/templates/web/apache2/phpcgi.tpl b/install/ubuntu/17.04/templates/web/apache2/phpcgi.tpl new file mode 100644 index 000000000..9d04361da --- /dev/null +++ b/install/ubuntu/17.04/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.04/templates/web/apache2/phpfcgid.sh b/install/ubuntu/17.04/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/17.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/17.04/templates/web/apache2/phpfcgid.stpl new file mode 100644 index 000000000..37865a5ba --- /dev/null +++ b/install/ubuntu/17.04/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.04/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/17.04/templates/web/apache2/phpfcgid.tpl new file mode 100644 index 000000000..152e7c694 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.04/templates/web/awstats/awstats.tpl b/install/ubuntu/17.04/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/17.04/templates/web/awstats/index.tpl b/install/ubuntu/17.04/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/17.04/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/17.04/templates/web/awstats/nav.tpl b/install/ubuntu/17.04/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/17.04/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/17.04/templates/web/nginx/caching.sh b/install/ubuntu/17.04/templates/web/nginx/caching.sh new file mode 100755 index 000000000..09d8efe75 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/ubuntu/17.04/templates/web/nginx/caching.stpl b/install/ubuntu/17.04/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..e149b98b5 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/caching.tpl b/install/ubuntu/17.04/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..36761b65c --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/default.stpl b/install/ubuntu/17.04/templates/web/nginx/default.stpl new file mode 100755 index 000000000..0e669b3dc --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/default.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/17.04/templates/web/nginx/default.tpl b/install/ubuntu/17.04/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/17.04/templates/web/nginx/hosting.sh b/install/ubuntu/17.04/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/debian/templates/web/nginx/hosting.stpl b/install/ubuntu/17.04/templates/web/nginx/hosting.stpl similarity index 94% rename from install/debian/templates/web/nginx/hosting.stpl rename to install/ubuntu/17.04/templates/web/nginx/hosting.stpl index d778d6333..1ef8994b6 100755 --- a/install/debian/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/17.04/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; diff --git a/install/ubuntu/17.04/templates/web/nginx/hosting.tpl b/install/ubuntu/17.04/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/17.04/templates/web/nginx/http2.stpl b/install/ubuntu/17.04/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/17.04/templates/web/nginx/http2.tpl b/install/ubuntu/17.04/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..d85bcce38 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..9c24c3ea8 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..d71863141 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..4f0b9ec7b --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..f85032bae --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 000000000..9d9840006 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 000000000..0d7930fae --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 000000000..6fd64db6b --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,94 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/invoiceninja.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/invoiceninja.stpl new file mode 100644 index 000000000..086e6a8e8 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/invoiceninja.stpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + sendfile off; + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/invoiceninja.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/invoiceninja.tpl new file mode 100644 index 000000000..fd06523a9 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/invoiceninja.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + sendfile off; + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..704405f37 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 000000000..477f6f01b --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 000000000..fdab43aae --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/mautic.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/mautic.stpl new file mode 100644 index 000000000..a88e9b58f --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/mautic.stpl @@ -0,0 +1,48 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri /index.php?$query_string; + } + + location ~ '\.php$' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/mautic.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/mautic.tpl new file mode 100644 index 000000000..177d48757 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/mautic.tpl @@ -0,0 +1,44 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri /index.php?$query_string; + } + + location ~ '\.php$' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 000000000..f410ab77c --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 000000000..f15a68c57 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 000000000..bc8b53a37 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 000000000..d6697d7a9 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 000000000..908b9aeb8 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..891566b93 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..78c1bb784 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..5ffc9ed5c --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 000000000..0b3510004 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..e0aeb524a --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..0d933b306 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/17.04/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/17.04/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/17.04/templates/web/php-fpm/default.tpl b/install/ubuntu/17.04/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/php-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/17.04/templates/web/php-fpm/no-php.tpl b/install/ubuntu/17.04/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..047c33edc --- /dev/null +++ b/install/ubuntu/17.04/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/17.04/templates/web/php-fpm/socket.tpl b/install/ubuntu/17.04/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..e427045ce --- /dev/null +++ b/install/ubuntu/17.04/templates/web/php-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/17.04/templates/web/skel/document_errors/403.html b/install/ubuntu/17.04/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/17.04/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/17.04/templates/web/skel/document_errors/404.html b/install/ubuntu/17.04/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/17.04/templates/web/skel/document_errors/50x.html b/install/ubuntu/17.04/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/17.04/templates/web/skel/public_html/index.html b/install/ubuntu/17.04/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/17.04/templates/web/skel/public_html/robots.txt b/install/ubuntu/17.04/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/17.04/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/17.04/templates/web/skel/public_shtml/index.html b/install/ubuntu/17.04/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/17.04/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/17.04/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/17.04/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/17.04/templates/web/suspend/.htaccess b/install/ubuntu/17.04/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/17.04/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/17.04/templates/web/suspend/index.html b/install/ubuntu/17.04/templates/web/suspend/index.html new file mode 100755 index 000000000..f2d04e1f0 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

SUSPENDED

+

This website has been suspended.

+
+ Please contact the technical support department. +
+ + diff --git a/install/ubuntu/17.04/templates/web/webalizer/webalizer.tpl b/install/ubuntu/17.04/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/17.04/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/17.04/vsftpd/vsftpd.conf b/install/ubuntu/17.04/vsftpd/vsftpd.conf new file mode 100644 index 000000000..034b016d2 --- /dev/null +++ b/install/ubuntu/17.04/vsftpd/vsftpd.conf @@ -0,0 +1,27 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_min_port=12000 +pasv_max_port=12100 +max_per_ip=10 +max_clients=100 +use_localtime=YES diff --git a/install/ubuntu/17.10/apache2/apache2.conf b/install/ubuntu/17.10/apache2/apache2.conf new file mode 100644 index 000000000..2756132ae --- /dev/null +++ b/install/ubuntu/17.10/apache2/apache2.conf @@ -0,0 +1,94 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/ubuntu/17.10/apache2/status.conf b/install/ubuntu/17.10/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/17.10/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/17.10/bind/named.conf b/install/ubuntu/17.10/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/17.10/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/17.10/clamav/clamd.conf b/install/ubuntu/17.10/clamav/clamd.conf new file mode 100644 index 000000000..4e04356ea --- /dev/null +++ b/install/ubuntu/17.10/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +# AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/17.10/deb_signing.key b/install/ubuntu/17.10/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/17.10/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/17.10/dovecot/conf.d/10-auth.conf b/install/ubuntu/17.10/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/17.10/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/17.10/dovecot/conf.d/10-logging.conf b/install/ubuntu/17.10/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/17.10/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/17.10/dovecot/conf.d/10-mail.conf b/install/ubuntu/17.10/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/17.10/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/17.10/dovecot/conf.d/10-master.conf b/install/ubuntu/17.10/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/17.10/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/17.10/dovecot/conf.d/10-ssl.conf b/install/ubuntu/17.10/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..24cbf3e26 --- /dev/null +++ b/install/ubuntu/17.10/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,5 @@ +ssl = yes +ssl_protocols = !SSLv2 !SSLv3 + +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/17.10/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/17.10/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/17.10/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/17.10/dovecot/dovecot.conf b/install/ubuntu/17.10/dovecot/dovecot.conf new file mode 100644 index 000000000..311a33517 --- /dev/null +++ b/install/ubuntu/17.10/dovecot/dovecot.conf @@ -0,0 +1,24 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf + +namespace { + type = private + separator = / + prefix = + inbox = yes + + mailbox Sent { + auto = subscribe + special_use = \Sent + } + mailbox Drafts { + auto = subscribe + special_use = \Drafts + } + mailbox Trash { + auto = subscribe + special_use = \Trash + } +} diff --git a/install/ubuntu/17.10/exim/dnsbl.conf b/install/ubuntu/17.10/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/17.10/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/17.10/exim/exim4.conf.template b/install/ubuntu/17.10/exim/exim4.conf.template new file mode 100644 index 000000000..fc346486f --- /dev/null +++ b/install/ubuntu/17.10/exim/exim4.conf.template @@ -0,0 +1,382 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +add_environment = <; PATH=/bin:/usr/bin +keep_environment = +disable_ipv6 = true + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth required + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{1024K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = debian-spamd:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/17.10/exim/spam-blocks.conf b/install/ubuntu/17.10/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/17.10/fail2ban/action.d/vesta.conf b/install/ubuntu/17.10/fail2ban/action.d/vesta.conf new file mode 100644 index 000000000..0edfc3491 --- /dev/null +++ b/install/ubuntu/17.10/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/17.10/fail2ban/filter.d/vesta.conf b/install/ubuntu/17.10/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..69670a56e --- /dev/null +++ b/install/ubuntu/17.10/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccesfull Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/17.10/fail2ban/jail.local b/install/ubuntu/17.10/fail2ban/jail.local new file mode 100644 index 000000000..013f81c46 --- /dev/null +++ b/install/ubuntu/17.10/fail2ban/jail.local @@ -0,0 +1,51 @@ +[DEFAULT] +ignoreip = 127.0.0.1/8 + +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog +maxretry = 5 + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log +maxretry = 5 + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 + +[roundcube-auth] +enabled = false +filter = roundcube-auth +port = http,https +logpath = /var/log/roundcube/errors +maxretry = 5 diff --git a/install/ubuntu/17.10/firewall/ports.conf b/install/ubuntu/17.10/firewall/ports.conf new file mode 100644 index 000000000..b730d012c --- /dev/null +++ b/install/ubuntu/17.10/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/17.10/firewall/rules.conf b/install/ubuntu/17.10/firewall/rules.conf new file mode 100644 index 000000000..fba98e1e4 --- /dev/null +++ b/install/ubuntu/17.10/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/17.10/logrotate/apache2 b/install/ubuntu/17.10/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/17.10/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/17.10/logrotate/dovecot b/install/ubuntu/17.10/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/ubuntu/17.10/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/ubuntu/17.10/logrotate/nginx b/install/ubuntu/17.10/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/17.10/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/17.10/logrotate/vesta b/install/ubuntu/17.10/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/17.10/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/17.10/mysql/my-large.cnf b/install/ubuntu/17.10/mysql/my-large.cnf new file mode 100644 index 000000000..7201377cd --- /dev/null +++ b/install/ubuntu/17.10/mysql/my-large.cnf @@ -0,0 +1,41 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/17.10/mysql/my-medium.cnf b/install/ubuntu/17.10/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/17.10/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/17.10/mysql/my-small.cnf b/install/ubuntu/17.10/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/17.10/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/17.10/nginx/nginx.conf b/install/ubuntu/17.10/nginx/nginx.conf new file mode 100644 index 000000000..6bc999f95 --- /dev/null +++ b/install/ubuntu/17.10/nginx/nginx.conf @@ -0,0 +1,137 @@ +# Server globals +user www-data; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_vary on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + #set_real_ip_from 2c0f:f248::/32; + #set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/17.10/nginx/phpmyadmin.inc b/install/ubuntu/17.10/nginx/phpmyadmin.inc new file mode 100644 index 000000000..cdfc93c4d --- /dev/null +++ b/install/ubuntu/17.10/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/ubuntu/17.10/nginx/phppgadmin.inc b/install/ubuntu/17.10/nginx/phppgadmin.inc new file mode 100644 index 000000000..47cfcf4e2 --- /dev/null +++ b/install/ubuntu/17.10/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/17.10/nginx/status.conf b/install/ubuntu/17.10/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/17.10/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/17.10/nginx/webmail.inc b/install/ubuntu/17.10/nginx/webmail.inc new file mode 100644 index 000000000..768c90495 --- /dev/null +++ b/install/ubuntu/17.10/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/17.10/packages/default.pkg b/install/ubuntu/17.10/packages/default.pkg new file mode 100644 index 000000000..c2a935743 --- /dev/null +++ b/install/ubuntu/17.10/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/17.10/packages/gainsboro.pkg b/install/ubuntu/17.10/packages/gainsboro.pkg new file mode 100644 index 000000000..76d7dae2a --- /dev/null +++ b/install/ubuntu/17.10/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/17.10/packages/palegreen.pkg b/install/ubuntu/17.10/packages/palegreen.pkg new file mode 100644 index 000000000..3db5fe57e --- /dev/null +++ b/install/ubuntu/17.10/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/17.10/packages/slategrey.pkg b/install/ubuntu/17.10/packages/slategrey.pkg new file mode 100644 index 000000000..d89e796fd --- /dev/null +++ b/install/ubuntu/17.10/packages/slategrey.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/17.10/pga/config.inc.php b/install/ubuntu/17.10/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/ubuntu/17.10/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/ubuntu/17.10/pga/phppgadmin.conf b/install/ubuntu/17.10/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/17.10/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/17.10/php-fpm/www.conf b/install/ubuntu/17.10/php-fpm/www.conf new file mode 100644 index 000000000..3c87f33cc --- /dev/null +++ b/install/ubuntu/17.10/php-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/ubuntu/17.10/pma/apache.conf b/install/ubuntu/17.10/pma/apache.conf new file mode 100644 index 000000000..81c1743a3 --- /dev/null +++ b/install/ubuntu/17.10/pma/apache.conf @@ -0,0 +1,43 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext:/usr/share/javascript/ + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/17.10/pma/config.inc.php b/install/ubuntu/17.10/pma/config.inc.php new file mode 100644 index 000000000..36093369b --- /dev/null +++ b/install/ubuntu/17.10/pma/config.inc.php @@ -0,0 +1,152 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/17.10/roundcube/apache.conf b/install/ubuntu/17.10/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/17.10/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/17.10/roundcube/config.inc.php b/install/ubuntu/17.10/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/17.10/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/17.10/roundcube/main.inc.php b/install/ubuntu/17.10/roundcube/main.inc.php new file mode 100644 index 000000000..44b19793f --- /dev/null +++ b/install/ubuntu/17.10/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = true; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 30 seconds +$rcmail_config['draft_autosave'] = 30; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/17.10/roundcube/vesta.php b/install/ubuntu/17.10/roundcube/vesta.php new file mode 100644 index 000000000..c271004d9 --- /dev/null +++ b/install/ubuntu/17.10/roundcube/vesta.php @@ -0,0 +1,72 @@ + + */ +class rcube_vesta_password { + function save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + $errno = ""; + $errstr = ""; + $context = stream_context_create(); + $result = stream_context_set_option($context, 'ssl', 'verify_peer', false); + $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false); + $result = stream_context_set_option($context, 'ssl', 'verify_host', false); + $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true); + + $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } +} diff --git a/install/ubuntu/17.10/sudo/admin b/install/ubuntu/17.10/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/ubuntu/17.10/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/17.10/templates/dns/child-ns.tpl b/install/ubuntu/17.10/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/ubuntu/17.10/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/17.10/templates/dns/default.tpl b/install/ubuntu/17.10/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/ubuntu/17.10/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/17.10/templates/dns/gmail.tpl b/install/ubuntu/17.10/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/ubuntu/17.10/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/17.10/templates/web/apache2/basedir.stpl b/install/ubuntu/17.10/templates/web/apache2/basedir.stpl new file mode 100644 index 000000000..04c39fcf6 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/apache2/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.10/templates/web/apache2/basedir.tpl b/install/ubuntu/17.10/templates/web/apache2/basedir.tpl new file mode 100644 index 000000000..a9d05ee66 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/apache2/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.10/templates/web/apache2/default.stpl b/install/ubuntu/17.10/templates/web/apache2/default.stpl new file mode 100644 index 000000000..a5c509a9e --- /dev/null +++ b/install/ubuntu/17.10/templates/web/apache2/default.stpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.10/templates/web/apache2/default.tpl b/install/ubuntu/17.10/templates/web/apache2/default.tpl new file mode 100644 index 000000000..e591a1cf1 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/apache2/default.tpl @@ -0,0 +1,38 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.10/templates/web/apache2/hosting.stpl b/install/ubuntu/17.10/templates/web/apache2/hosting.stpl new file mode 100644 index 000000000..6d99c97c9 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/apache2/hosting.stpl @@ -0,0 +1,50 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.10/templates/web/apache2/hosting.tpl b/install/ubuntu/17.10/templates/web/apache2/hosting.tpl new file mode 100644 index 000000000..b7c12699d --- /dev/null +++ b/install/ubuntu/17.10/templates/web/apache2/hosting.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.10/templates/web/apache2/phpcgi.sh b/install/ubuntu/17.10/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/17.10/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/17.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/17.10/templates/web/apache2/phpcgi.stpl new file mode 100644 index 000000000..b7bd884ee --- /dev/null +++ b/install/ubuntu/17.10/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.10/templates/web/apache2/phpcgi.tpl b/install/ubuntu/17.10/templates/web/apache2/phpcgi.tpl new file mode 100644 index 000000000..9d04361da --- /dev/null +++ b/install/ubuntu/17.10/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.10/templates/web/apache2/phpfcgid.sh b/install/ubuntu/17.10/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/17.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/17.10/templates/web/apache2/phpfcgid.stpl new file mode 100644 index 000000000..37865a5ba --- /dev/null +++ b/install/ubuntu/17.10/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.10/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/17.10/templates/web/apache2/phpfcgid.tpl new file mode 100644 index 000000000..152e7c694 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/17.10/templates/web/awstats/awstats.tpl b/install/ubuntu/17.10/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/17.10/templates/web/awstats/index.tpl b/install/ubuntu/17.10/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/17.10/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/17.10/templates/web/awstats/nav.tpl b/install/ubuntu/17.10/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/17.10/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/17.10/templates/web/nginx/caching.sh b/install/ubuntu/17.10/templates/web/nginx/caching.sh new file mode 100755 index 000000000..09d8efe75 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/ubuntu/17.10/templates/web/nginx/caching.stpl b/install/ubuntu/17.10/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..e149b98b5 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/caching.tpl b/install/ubuntu/17.10/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..36761b65c --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/default.stpl b/install/ubuntu/17.10/templates/web/nginx/default.stpl new file mode 100755 index 000000000..0e669b3dc --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/default.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/17.10/templates/web/nginx/default.tpl b/install/ubuntu/17.10/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/17.10/templates/web/nginx/hosting.sh b/install/ubuntu/17.10/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/templates/web/nginx/hosting.stpl b/install/ubuntu/17.10/templates/web/nginx/hosting.stpl similarity index 94% rename from install/ubuntu/templates/web/nginx/hosting.stpl rename to install/ubuntu/17.10/templates/web/nginx/hosting.stpl index d778d6333..1ef8994b6 100755 --- a/install/ubuntu/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/17.10/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; diff --git a/install/ubuntu/17.10/templates/web/nginx/hosting.tpl b/install/ubuntu/17.10/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/17.10/templates/web/nginx/http2.stpl b/install/ubuntu/17.10/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/17.10/templates/web/nginx/http2.tpl b/install/ubuntu/17.10/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..d85bcce38 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..9c24c3ea8 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..d71863141 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..4f0b9ec7b --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..f85032bae --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 000000000..9d9840006 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 000000000..0d7930fae --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 000000000..6fd64db6b --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,94 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..704405f37 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 000000000..477f6f01b --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 000000000..fdab43aae --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 000000000..f410ab77c --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 000000000..f15a68c57 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 000000000..bc8b53a37 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 000000000..d6697d7a9 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 000000000..908b9aeb8 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..891566b93 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..78c1bb784 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..5ffc9ed5c --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 000000000..0b3510004 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..5cb553119 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..e0aeb524a --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..0d933b306 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/17.10/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/17.10/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/17.10/templates/web/php-fpm/default.tpl b/install/ubuntu/17.10/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/php-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/17.10/templates/web/php-fpm/no-php.tpl b/install/ubuntu/17.10/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..047c33edc --- /dev/null +++ b/install/ubuntu/17.10/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/17.10/templates/web/php-fpm/socket.tpl b/install/ubuntu/17.10/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..e427045ce --- /dev/null +++ b/install/ubuntu/17.10/templates/web/php-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/17.10/templates/web/skel/document_errors/403.html b/install/ubuntu/17.10/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/17.10/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/17.10/templates/web/skel/document_errors/404.html b/install/ubuntu/17.10/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/17.10/templates/web/skel/document_errors/50x.html b/install/ubuntu/17.10/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/17.10/templates/web/skel/public_html/index.html b/install/ubuntu/17.10/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/17.10/templates/web/skel/public_html/robots.txt b/install/ubuntu/17.10/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/17.10/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/17.10/templates/web/skel/public_shtml/index.html b/install/ubuntu/17.10/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/17.10/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/17.10/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/17.10/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/17.10/templates/web/suspend/.htaccess b/install/ubuntu/17.10/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/17.10/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/17.10/templates/web/suspend/index.html b/install/ubuntu/17.10/templates/web/suspend/index.html new file mode 100755 index 000000000..f2d04e1f0 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

SUSPENDED

+

This website has been suspended.

+
+ Please contact the technical support department. +
+ + diff --git a/install/ubuntu/17.10/templates/web/webalizer/webalizer.tpl b/install/ubuntu/17.10/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/17.10/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/17.10/vsftpd/vsftpd.conf b/install/ubuntu/17.10/vsftpd/vsftpd.conf new file mode 100644 index 000000000..034b016d2 --- /dev/null +++ b/install/ubuntu/17.10/vsftpd/vsftpd.conf @@ -0,0 +1,27 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_min_port=12000 +pasv_max_port=12100 +max_per_ip=10 +max_clients=100 +use_localtime=YES diff --git a/install/ubuntu/18.04/apache2/apache2.conf b/install/ubuntu/18.04/apache2/apache2.conf new file mode 100644 index 000000000..2756132ae --- /dev/null +++ b/install/ubuntu/18.04/apache2/apache2.conf @@ -0,0 +1,94 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/ubuntu/18.04/apache2/status.conf b/install/ubuntu/18.04/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/18.04/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/18.04/bind/named.conf b/install/ubuntu/18.04/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/18.04/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/18.04/clamav/clamd.conf b/install/ubuntu/18.04/clamav/clamd.conf new file mode 100644 index 000000000..4e04356ea --- /dev/null +++ b/install/ubuntu/18.04/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +# AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/18.04/deb_signing.key b/install/ubuntu/18.04/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/18.04/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/18.04/dovecot/conf.d/10-auth.conf b/install/ubuntu/18.04/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/18.04/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/18.04/dovecot/conf.d/10-logging.conf b/install/ubuntu/18.04/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/18.04/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/18.04/dovecot/conf.d/10-mail.conf b/install/ubuntu/18.04/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..7a20878ae --- /dev/null +++ b/install/ubuntu/18.04/dovecot/conf.d/10-mail.conf @@ -0,0 +1,9 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv +namespace inbox { + inbox = yes +} +first_valid_uid = 1000 +mbox_write_locks = fcntl diff --git a/install/ubuntu/18.04/dovecot/conf.d/10-master.conf b/install/ubuntu/18.04/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/18.04/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/18.04/dovecot/conf.d/10-ssl.conf b/install/ubuntu/18.04/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..24cbf3e26 --- /dev/null +++ b/install/ubuntu/18.04/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,5 @@ +ssl = yes +ssl_protocols = !SSLv2 !SSLv3 + +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/18.04/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/18.04/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/18.04/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/18.04/dovecot/dovecot.conf b/install/ubuntu/18.04/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/ubuntu/18.04/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/18.04/exim/dnsbl.conf b/install/ubuntu/18.04/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/18.04/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/18.04/exim/exim4.conf.template b/install/ubuntu/18.04/exim/exim4.conf.template new file mode 100644 index 000000000..c904441fb --- /dev/null +++ b/install/ubuntu/18.04/exim/exim4.conf.template @@ -0,0 +1,382 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +add_environment = <; PATH=/bin:/usr/bin +keep_environment = +disable_ipv6 = true + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth required + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{1024K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = debian-spamd:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/18.04/exim/spam-blocks.conf b/install/ubuntu/18.04/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/18.04/fail2ban/action.d/vesta.conf b/install/ubuntu/18.04/fail2ban/action.d/vesta.conf new file mode 100644 index 000000000..0edfc3491 --- /dev/null +++ b/install/ubuntu/18.04/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/18.04/fail2ban/filter.d/vesta.conf b/install/ubuntu/18.04/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..69670a56e --- /dev/null +++ b/install/ubuntu/18.04/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccesfull Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/18.04/fail2ban/jail.local b/install/ubuntu/18.04/fail2ban/jail.local new file mode 100644 index 000000000..013f81c46 --- /dev/null +++ b/install/ubuntu/18.04/fail2ban/jail.local @@ -0,0 +1,51 @@ +[DEFAULT] +ignoreip = 127.0.0.1/8 + +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog +maxretry = 5 + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log +maxretry = 5 + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 + +[roundcube-auth] +enabled = false +filter = roundcube-auth +port = http,https +logpath = /var/log/roundcube/errors +maxretry = 5 diff --git a/install/ubuntu/18.04/firewall/ports.conf b/install/ubuntu/18.04/firewall/ports.conf new file mode 100644 index 000000000..b730d012c --- /dev/null +++ b/install/ubuntu/18.04/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/18.04/firewall/rules.conf b/install/ubuntu/18.04/firewall/rules.conf new file mode 100644 index 000000000..fba98e1e4 --- /dev/null +++ b/install/ubuntu/18.04/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/18.04/logrotate/apache2 b/install/ubuntu/18.04/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/18.04/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/18.04/logrotate/dovecot b/install/ubuntu/18.04/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/ubuntu/18.04/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/ubuntu/18.04/logrotate/nginx b/install/ubuntu/18.04/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/18.04/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/18.04/logrotate/vesta b/install/ubuntu/18.04/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/18.04/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/18.04/mysql/my-large.cnf b/install/ubuntu/18.04/mysql/my-large.cnf new file mode 100644 index 000000000..7201377cd --- /dev/null +++ b/install/ubuntu/18.04/mysql/my-large.cnf @@ -0,0 +1,41 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/18.04/mysql/my-medium.cnf b/install/ubuntu/18.04/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/18.04/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/18.04/mysql/my-small.cnf b/install/ubuntu/18.04/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/18.04/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/18.04/nginx/nginx.conf b/install/ubuntu/18.04/nginx/nginx.conf new file mode 100644 index 000000000..ecf42842e --- /dev/null +++ b/install/ubuntu/18.04/nginx/nginx.conf @@ -0,0 +1,140 @@ +# Server globals +user www-data; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 60s; + client_body_timeout 60s; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 60s; + keepalive_timeout 30s; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_static on; + gzip_vary on; + gzip_comp_level 6; + gzip_min_length 1024; + gzip_buffers 16 8k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_buffers 32 4k; + proxy_connect_timeout 30s; + proxy_send_timeout 90s; + proxy_read_timeout 90s; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/13; + set_real_ip_from 104.24.0.0/14; + #set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + #set_real_ip_from 2c0f:f248::/32; + #set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:20m; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS"; + ssl_prefer_server_ciphers on; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/18.04/nginx/phpmyadmin.inc b/install/ubuntu/18.04/nginx/phpmyadmin.inc new file mode 100644 index 000000000..cdfc93c4d --- /dev/null +++ b/install/ubuntu/18.04/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/ubuntu/18.04/nginx/phppgadmin.inc b/install/ubuntu/18.04/nginx/phppgadmin.inc new file mode 100644 index 000000000..47cfcf4e2 --- /dev/null +++ b/install/ubuntu/18.04/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/18.04/nginx/status.conf b/install/ubuntu/18.04/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/18.04/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/18.04/nginx/webmail.inc b/install/ubuntu/18.04/nginx/webmail.inc new file mode 100644 index 000000000..768c90495 --- /dev/null +++ b/install/ubuntu/18.04/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/18.04/packages/default.pkg b/install/ubuntu/18.04/packages/default.pkg new file mode 100644 index 000000000..c2a935743 --- /dev/null +++ b/install/ubuntu/18.04/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/18.04/packages/gainsboro.pkg b/install/ubuntu/18.04/packages/gainsboro.pkg new file mode 100644 index 000000000..76d7dae2a --- /dev/null +++ b/install/ubuntu/18.04/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/18.04/packages/palegreen.pkg b/install/ubuntu/18.04/packages/palegreen.pkg new file mode 100644 index 000000000..3db5fe57e --- /dev/null +++ b/install/ubuntu/18.04/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/18.04/packages/slategrey.pkg b/install/ubuntu/18.04/packages/slategrey.pkg new file mode 100644 index 000000000..d89e796fd --- /dev/null +++ b/install/ubuntu/18.04/packages/slategrey.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/18.04/pga/config.inc.php b/install/ubuntu/18.04/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/ubuntu/18.04/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/ubuntu/18.04/pga/phppgadmin.conf b/install/ubuntu/18.04/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/18.04/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/18.04/php-fpm/www.conf b/install/ubuntu/18.04/php-fpm/www.conf new file mode 100644 index 000000000..3c87f33cc --- /dev/null +++ b/install/ubuntu/18.04/php-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/ubuntu/18.04/pma/apache.conf b/install/ubuntu/18.04/pma/apache.conf new file mode 100644 index 000000000..81c1743a3 --- /dev/null +++ b/install/ubuntu/18.04/pma/apache.conf @@ -0,0 +1,43 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext:/usr/share/javascript/ + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/18.04/pma/config.inc.php b/install/ubuntu/18.04/pma/config.inc.php new file mode 100644 index 000000000..36093369b --- /dev/null +++ b/install/ubuntu/18.04/pma/config.inc.php @@ -0,0 +1,152 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/18.04/roundcube/apache.conf b/install/ubuntu/18.04/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/18.04/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/18.04/roundcube/config.inc.php b/install/ubuntu/18.04/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/18.04/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/18.04/roundcube/main.inc.php b/install/ubuntu/18.04/roundcube/main.inc.php new file mode 100644 index 000000000..32e0d4734 --- /dev/null +++ b/install/ubuntu/18.04/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcube/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail'; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = true; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 30 seconds +$rcmail_config['draft_autosave'] = 30; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/18.04/roundcube/vesta.php b/install/ubuntu/18.04/roundcube/vesta.php new file mode 100644 index 000000000..b4a2a6b6c --- /dev/null +++ b/install/ubuntu/18.04/roundcube/vesta.php @@ -0,0 +1,72 @@ + + */ +class rcube_vesta_password { + function save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + $errno = ""; + $errstr = ""; + $context = stream_context_create(); + $result = stream_context_set_option($context, 'ssl', 'verify_peer', false); + $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false); + $result = stream_context_set_option($context, 'ssl', 'verify_host', false); + $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true); + + $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } +} \ No newline at end of file diff --git a/install/ubuntu/18.04/sudo/admin b/install/ubuntu/18.04/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/ubuntu/18.04/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/18.04/templates/dns/child-ns.tpl b/install/ubuntu/18.04/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/ubuntu/18.04/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/18.04/templates/dns/default.tpl b/install/ubuntu/18.04/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/ubuntu/18.04/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/18.04/templates/dns/gmail.tpl b/install/ubuntu/18.04/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/ubuntu/18.04/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/18.04/templates/web/apache2/basedir.stpl b/install/ubuntu/18.04/templates/web/apache2/basedir.stpl new file mode 100644 index 000000000..04c39fcf6 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/apache2/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.04/templates/web/apache2/basedir.tpl b/install/ubuntu/18.04/templates/web/apache2/basedir.tpl new file mode 100644 index 000000000..a9d05ee66 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/apache2/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.04/templates/web/apache2/default.stpl b/install/ubuntu/18.04/templates/web/apache2/default.stpl new file mode 100644 index 000000000..a5c509a9e --- /dev/null +++ b/install/ubuntu/18.04/templates/web/apache2/default.stpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.04/templates/web/apache2/default.tpl b/install/ubuntu/18.04/templates/web/apache2/default.tpl new file mode 100644 index 000000000..e591a1cf1 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/apache2/default.tpl @@ -0,0 +1,38 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.04/templates/web/apache2/hosting.stpl b/install/ubuntu/18.04/templates/web/apache2/hosting.stpl new file mode 100644 index 000000000..6d99c97c9 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/apache2/hosting.stpl @@ -0,0 +1,50 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.04/templates/web/apache2/hosting.tpl b/install/ubuntu/18.04/templates/web/apache2/hosting.tpl new file mode 100644 index 000000000..b7c12699d --- /dev/null +++ b/install/ubuntu/18.04/templates/web/apache2/hosting.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.04/templates/web/apache2/phpcgi.sh b/install/ubuntu/18.04/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/18.04/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/18.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/18.04/templates/web/apache2/phpcgi.stpl new file mode 100644 index 000000000..b7bd884ee --- /dev/null +++ b/install/ubuntu/18.04/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.04/templates/web/apache2/phpcgi.tpl b/install/ubuntu/18.04/templates/web/apache2/phpcgi.tpl new file mode 100644 index 000000000..9d04361da --- /dev/null +++ b/install/ubuntu/18.04/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.04/templates/web/apache2/phpfcgid.sh b/install/ubuntu/18.04/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/18.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/18.04/templates/web/apache2/phpfcgid.stpl new file mode 100644 index 000000000..37865a5ba --- /dev/null +++ b/install/ubuntu/18.04/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.04/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/18.04/templates/web/apache2/phpfcgid.tpl new file mode 100644 index 000000000..152e7c694 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.04/templates/web/awstats/awstats.tpl b/install/ubuntu/18.04/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/18.04/templates/web/awstats/index.tpl b/install/ubuntu/18.04/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/18.04/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/18.04/templates/web/awstats/nav.tpl b/install/ubuntu/18.04/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/18.04/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/18.04/templates/web/nginx/caching.sh b/install/ubuntu/18.04/templates/web/nginx/caching.sh new file mode 100755 index 000000000..09d8efe75 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/ubuntu/18.04/templates/web/nginx/caching.stpl b/install/ubuntu/18.04/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..e149b98b5 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/caching.tpl b/install/ubuntu/18.04/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..36761b65c --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/default.stpl b/install/ubuntu/18.04/templates/web/nginx/default.stpl new file mode 100755 index 000000000..0e669b3dc --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/default.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/18.04/templates/web/nginx/default.tpl b/install/ubuntu/18.04/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/18.04/templates/web/nginx/hosting.sh b/install/ubuntu/18.04/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/18.04/templates/web/nginx/hosting.stpl b/install/ubuntu/18.04/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..1ef8994b6 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/hosting.stpl @@ -0,0 +1,37 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/18.04/templates/web/nginx/hosting.tpl b/install/ubuntu/18.04/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/18.04/templates/web/nginx/http2.stpl b/install/ubuntu/18.04/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/18.04/templates/web/nginx/http2.tpl b/install/ubuntu/18.04/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..003e91807 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..51f1f4085 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,60 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..e8dd8bf64 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/cs-cart.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/cs-cart.stpl new file mode 100644 index 000000000..9348a2690 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/cs-cart.stpl @@ -0,0 +1,227 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + ############################################################################ + + # Default encoding + charset utf-8; + + ############################################################################ + + # Compression + gzip on; + gzip_disable "msie6"; + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types text/plain application/xml + application/javascript + text/css + text/js + text/xml + application/x-javascript + text/javascript + application/json + application/xml+rss; + + ############################################################################ + + # Other settings + client_max_body_size 100m; + client_body_buffer_size 128k; + client_header_timeout 3m; + client_body_timeout 3m; + send_timeout 3m; + client_header_buffer_size 1k; + large_client_header_buffers 4 16k; + + ############################################################################ + + error_page 598 = @backend; + + ############################################################################ + + location @backend { + try_files $uri $uri/ /$2$3 /$3 /index.php =404; + # The path to the PHP-FPM daemon socket + fastcgi_pass unix:/var/run/php/%domain%.sock; + # + fastcgi_index index.php; + fastcgi_read_timeout 360; + # Including the contents of fastcgi_params.conf + ################################################################################ + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_param SCRIPT_NAME $fastcgi_script_name; + fastcgi_param REQUEST_URI $request_uri; + fastcgi_param DOCUMENT_URI $document_uri; + fastcgi_param DOCUMENT_ROOT $document_root; + fastcgi_param SERVER_PROTOCOL $server_protocol; + fastcgi_param HTTPS $https if_not_empty; + fastcgi_param GATEWAY_INTERFACE CGI/1.1; + fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + fastcgi_param REMOTE_ADDR $remote_addr; + fastcgi_param REMOTE_PORT $remote_port; + fastcgi_param SERVER_ADDR $server_addr; + fastcgi_param SERVER_PORT $server_port; + fastcgi_param SERVER_NAME $server_name; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param REDIRECT_STATUS 200; + ################################################################################ + } + + ############################################################################ + + location / { + index index.php index.html index.htm; + try_files $uri $uri/ /index.php?$args; + } + + ############################################################################ + + location ~ ^/(\w+/)?(\w+/)?api/ { + rewrite ^/(\w+/)?(\w+/)?api/(.*)$ /api.php?_d=$3&ajax_custom=1&$args last; + rewrite_log off; + } + + ############################################################################ + + location ~ ^/(\w+/)?(\w+/)?var/database/ { + return 404; + } + + location ~ ^/(\w+/)?(\w+/)?var/backups/ { + return 404; + } + + location ~ ^/(\w+/)?(\w+/)?var/restore/ { + return 404; + } + + location ~ ^/(\w+/)?(\w+/)?var/themes_repository/ { + allow all; + location ~* \.(tpl|php.?)$ { + return 404; + } + } + + location ~ ^/(\w+/)?(\w+/)?var/ { + return 404; + location ~* /(\w+/)?(\w+/)?(.+\.(js|css|png|jpe?g|gz|yml|xml))$ { + try_files $uri $uri/ /$2$3 /$3 /index.php?$args; + allow all; + access_log off; + expires 1M; + add_header Cache-Control public; + add_header Access-Control-Allow-Origin *; + } + } + + ############################################################################ + + location ~ ^/(\w+/)?(\w+/)?app/payments/ { + return 404; + location ~ \.php$ { + return 598; + } + } + + location ~ ^/(\w+/)?(\w+/)?app/addons/rus_exim_1c/ { + return 404; + location ~ \.php$ { + return 598; + } + } + + location ~ ^/(\w+/)?(\w+/)?app/ { + return 404; + } + + ############################################################################ + + location ~ ^/(favicon|apple-touch-icon-|homescreen-|firefox-icon-|coast-icon-|mstile-).*\.(png|ico)$ { + access_log off; + try_files $uri =404; + expires max; + add_header Access-Control-Allow-Origin *; + add_header Cache-Control public; + } + + location ~* /(\w+/)?(\w+/)?(.+\.(jpe?g|jpg|ico|gif|png|css|js|pdf|txt|tar|woff|svg|ttf|eot|csv|zip|xml|yml))$ { + access_log off; + try_files $uri $uri/ /$2$3 /$3 /index.php?$args; + expires max; + add_header Access-Control-Allow-Origin *; + add_header Cache-Control public; + } + + ############################################################################ + + location ~ ^/(\w+/)?(\w+/)?design/ { + allow all; + location ~* \.(tpl|php.?)$ { + return 404; + } + } + + ############################################################################ + + location ~ ^/(\w+/)?(\w+/)?images/ { + allow all; + location ~* \.(php.?)$ { + return 404; + } + } + + ############################################################################ + + location ~ ^/(\w+/)?(\w+/)?js/ { + allow all; + location ~* \.(php.?)$ { + return 404; + } + } + + ############################################################################ + + location ~ ^/(\w+/)?(\w+/)?init.php { + return 404; + } + + location ~* \.(tpl.?)$ { + return 404; + } + + location ~ /\.(ht|git) { + return 404; + } + + location ~* \.php$ { + return 598 ; + } + + ################################################################################ + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/cs-cart.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/cs-cart.tpl new file mode 100644 index 000000000..2fef4068c --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/cs-cart.tpl @@ -0,0 +1,224 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ############################################################################ + + # Default encoding + charset utf-8; + + ############################################################################ + + # Compression + gzip on; + gzip_disable "msie6"; + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types text/plain application/xml + application/javascript + text/css + text/js + text/xml + application/x-javascript + text/javascript + application/json + application/xml+rss; + + ############################################################################ + + # Other settings + client_max_body_size 100m; + client_body_buffer_size 128k; + client_header_timeout 3m; + client_body_timeout 3m; + send_timeout 3m; + client_header_buffer_size 1k; + large_client_header_buffers 4 16k; + + ############################################################################ + + error_page 598 = @backend; + + ############################################################################ + + location @backend { + try_files $uri $uri/ /$2$3 /$3 /index.php =404; + # The path to the PHP-FPM daemon socket + fastcgi_pass unix:/var/run/php/%domain%.sock; + # + fastcgi_index index.php; + fastcgi_read_timeout 360; + # Including the contents of fastcgi_params.conf + ################################################################################ + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_param SCRIPT_NAME $fastcgi_script_name; + fastcgi_param REQUEST_URI $request_uri; + fastcgi_param DOCUMENT_URI $document_uri; + fastcgi_param DOCUMENT_ROOT $document_root; + fastcgi_param SERVER_PROTOCOL $server_protocol; + fastcgi_param HTTPS $https if_not_empty; + fastcgi_param GATEWAY_INTERFACE CGI/1.1; + fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + fastcgi_param REMOTE_ADDR $remote_addr; + fastcgi_param REMOTE_PORT $remote_port; + fastcgi_param SERVER_ADDR $server_addr; + fastcgi_param SERVER_PORT $server_port; + fastcgi_param SERVER_NAME $server_name; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param REDIRECT_STATUS 200; + ################################################################################ + } + + ############################################################################ + + location / { + index index.php index.html index.htm; + try_files $uri $uri/ /index.php?$args; + } + + ############################################################################ + + location ~ ^/(\w+/)?(\w+/)?api/ { + rewrite ^/(\w+/)?(\w+/)?api/(.*)$ /api.php?_d=$3&ajax_custom=1&$args last; + rewrite_log off; + } + + ############################################################################ + + location ~ ^/(\w+/)?(\w+/)?var/database/ { + return 404; + } + + location ~ ^/(\w+/)?(\w+/)?var/backups/ { + return 404; + } + + location ~ ^/(\w+/)?(\w+/)?var/restore/ { + return 404; + } + + location ~ ^/(\w+/)?(\w+/)?var/themes_repository/ { + allow all; + location ~* \.(tpl|php.?)$ { + return 404; + } + } + + location ~ ^/(\w+/)?(\w+/)?var/ { + return 404; + location ~* /(\w+/)?(\w+/)?(.+\.(js|css|png|jpe?g|gz|yml|xml))$ { + try_files $uri $uri/ /$2$3 /$3 /index.php?$args; + allow all; + access_log off; + expires 1M; + add_header Cache-Control public; + add_header Access-Control-Allow-Origin *; + } + } + + ############################################################################ + + location ~ ^/(\w+/)?(\w+/)?app/payments/ { + return 404; + location ~ \.php$ { + return 598; + } + } + + location ~ ^/(\w+/)?(\w+/)?app/addons/rus_exim_1c/ { + return 404; + location ~ \.php$ { + return 598; + } + } + + location ~ ^/(\w+/)?(\w+/)?app/ { + return 404; + } + + ############################################################################ + + location ~ ^/(favicon|apple-touch-icon-|homescreen-|firefox-icon-|coast-icon-|mstile-).*\.(png|ico)$ { + access_log off; + try_files $uri =404; + expires max; + add_header Access-Control-Allow-Origin *; + add_header Cache-Control public; + } + + location ~* /(\w+/)?(\w+/)?(.+\.(jpe?g|jpg|ico|gif|png|css|js|pdf|txt|tar|woff|svg|ttf|eot|csv|zip|xml|yml))$ { + access_log off; + try_files $uri $uri/ /$2$3 /$3 /index.php?$args; + expires max; + add_header Access-Control-Allow-Origin *; + add_header Cache-Control public; + } + + ############################################################################ + + location ~ ^/(\w+/)?(\w+/)?design/ { + allow all; + location ~* \.(tpl|php.?)$ { + return 404; + } + } + + ############################################################################ + + location ~ ^/(\w+/)?(\w+/)?images/ { + allow all; + location ~* \.(php.?)$ { + return 404; + } + } + + ############################################################################ + + location ~ ^/(\w+/)?(\w+/)?js/ { + allow all; + location ~* \.(php.?)$ { + return 404; + } + } + + ############################################################################ + + location ~ ^/(\w+/)?(\w+/)?init.php { + return 404; + } + + location ~* \.(tpl.?)$ { + return 404; + } + + location ~ /\.(ht|git) { + return 404; + } + + location ~* \.php$ { + return 598 ; + } + + ################################################################################ + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..96495ee85 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,126 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..38de83d29 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..c9387bfb4 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,71 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 000000000..6b20ba9d9 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,84 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 000000000..041ebba05 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 000000000..231d9441b --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,93 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/invoiceninja.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/invoiceninja.stpl new file mode 100644 index 000000000..086e6a8e8 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/invoiceninja.stpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + sendfile off; + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/invoiceninja.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/invoiceninja.tpl new file mode 100644 index 000000000..fd06523a9 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/invoiceninja.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + sendfile off; + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..886b586ec --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 000000000..8e6e87744 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 000000000..5d05ea725 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,197 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/mautic.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/mautic.stpl new file mode 100644 index 000000000..a88e9b58f --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/mautic.stpl @@ -0,0 +1,48 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri /index.php?$query_string; + } + + location ~ '\.php$' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/mautic.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/mautic.tpl new file mode 100644 index 000000000..177d48757 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/mautic.tpl @@ -0,0 +1,44 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri /index.php?$query_string; + } + + location ~ '\.php$' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 000000000..23ce8eb88 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,68 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 000000000..10629c65f --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 000000000..7b3aff96d --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 000000000..223eb97a2 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 000000000..5b6e55e8f --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..b43fdc755 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,84 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..0a4a412f6 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..c9f918541 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 000000000..0b3510004 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.stpl new file mode 100644 index 000000000..eebb3e428 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.stpl @@ -0,0 +1,105 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # legacy css being handled separate for performance + location = /css\.php { + rewrite ^ /core/css.php break; + } + + # make install available from presentation + location ^~ /install { + rewrite ^/install/ /core/install/ break; + } + + # any request to not existing item gets redirected through routestring + location / { + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + } + + # make admincp available from presentation + location ^~ /admincp { + if (!-f $request_filename) { + rewrite ^/admincp/(.*)$ /index.php?routestring=admincp/$1 last; + } + } + + # process any php scripts, not found gets redirected through routestring + location ~ \.php$ { + # handles legacy scripts + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 break; + } + + fastcgi_split_path_info ^(.+\.php)(.*)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_intercept_errors on; + fastcgi_ignore_client_abort off; + fastcgi_connect_timeout 60; + fastcgi_send_timeout 180; + fastcgi_read_timeout 180; + fastcgi_buffers 256 16k; + fastcgi_buffer_size 32k; + fastcgi_temp_file_write_size 256k; + + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.tpl new file mode 100644 index 000000000..2c5c99880 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.tpl @@ -0,0 +1,100 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # legacy css being handled separate for performance + location = /css\.php { + rewrite ^ /core/css.php break; + } + + # make install available from presentation + location ^~ /install { + rewrite ^/install/ /core/install/ break; + } + + # any request to not existing item gets redirected through routestring + location / { + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + } + + # make admincp available from presentation + location ^~ /admincp { + if (!-f $request_filename) { + rewrite ^/admincp/(.*)$ /index.php?routestring=admincp/$1 last; + } + } + + # process any php scripts, not found gets redirected through routestring + location ~ \.php$ { + # handles legacy scripts + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 break; + } + + fastcgi_split_path_info ^(.+\.php)(.*)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_intercept_errors on; + fastcgi_ignore_client_abort off; + fastcgi_connect_timeout 60; + fastcgi_send_timeout 180; + fastcgi_read_timeout 180; + fastcgi_buffers 256 16k; + fastcgi_buffer_size 32k; + fastcgi_temp_file_write_size 256k; + + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..38de83d29 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..39cce361a --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..264ca01ae --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,71 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/18.04/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/18.04/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/18.04/templates/web/php-fpm/default.tpl b/install/ubuntu/18.04/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/php-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/18.04/templates/web/php-fpm/no-php.tpl b/install/ubuntu/18.04/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..047c33edc --- /dev/null +++ b/install/ubuntu/18.04/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/18.04/templates/web/php-fpm/socket.tpl b/install/ubuntu/18.04/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..e427045ce --- /dev/null +++ b/install/ubuntu/18.04/templates/web/php-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/18.04/templates/web/skel/document_errors/403.html b/install/ubuntu/18.04/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/18.04/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/18.04/templates/web/skel/document_errors/404.html b/install/ubuntu/18.04/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/18.04/templates/web/skel/document_errors/50x.html b/install/ubuntu/18.04/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/18.04/templates/web/skel/public_html/index.html b/install/ubuntu/18.04/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/18.04/templates/web/skel/public_html/robots.txt b/install/ubuntu/18.04/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/18.04/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/18.04/templates/web/skel/public_shtml/index.html b/install/ubuntu/18.04/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/18.04/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/18.04/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/18.04/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/18.04/templates/web/suspend/.htaccess b/install/ubuntu/18.04/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/18.04/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/18.04/templates/web/suspend/index.html b/install/ubuntu/18.04/templates/web/suspend/index.html new file mode 100755 index 000000000..f2d04e1f0 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

SUSPENDED

+

This website has been suspended.

+
+ Please contact the technical support department. +
+ + diff --git a/install/ubuntu/18.04/templates/web/webalizer/webalizer.tpl b/install/ubuntu/18.04/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/18.04/vsftpd/vsftpd.conf b/install/ubuntu/18.04/vsftpd/vsftpd.conf new file mode 100644 index 000000000..75e0104fe --- /dev/null +++ b/install/ubuntu/18.04/vsftpd/vsftpd.conf @@ -0,0 +1,40 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_promiscuous=YES +pasv_min_port=12000 +pasv_max_port=12100 +max_per_ip=10 +max_clients=100 +use_localtime=YES +utf8_filesystem=YES +ssl_enable=YES +allow_anon_ssl=NO +require_ssl_reuse=NO +ssl_ciphers=HIGH +ssl_tlsv1=YES +ssl_sslv2=NO +ssl_sslv3=NO +force_local_data_ssl=NO +force_local_logins_ssl=NO +rsa_cert_file=/usr/local/vesta/ssl/certificate.crt +rsa_private_key_file=/usr/local/vesta/ssl/certificate.key diff --git a/install/ubuntu/18.10/apache2/apache2.conf b/install/ubuntu/18.10/apache2/apache2.conf new file mode 100644 index 000000000..2756132ae --- /dev/null +++ b/install/ubuntu/18.10/apache2/apache2.conf @@ -0,0 +1,94 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/ubuntu/18.10/apache2/status.conf b/install/ubuntu/18.10/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/18.10/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/18.10/bind/named.conf b/install/ubuntu/18.10/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/18.10/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/18.10/clamav/clamd.conf b/install/ubuntu/18.10/clamav/clamd.conf new file mode 100644 index 000000000..4e04356ea --- /dev/null +++ b/install/ubuntu/18.10/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +# AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/18.10/deb_signing.key b/install/ubuntu/18.10/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/18.10/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/18.10/dovecot/conf.d/10-auth.conf b/install/ubuntu/18.10/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/18.10/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/18.10/dovecot/conf.d/10-logging.conf b/install/ubuntu/18.10/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/18.10/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/18.10/dovecot/conf.d/10-mail.conf b/install/ubuntu/18.10/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..7a20878ae --- /dev/null +++ b/install/ubuntu/18.10/dovecot/conf.d/10-mail.conf @@ -0,0 +1,9 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv +namespace inbox { + inbox = yes +} +first_valid_uid = 1000 +mbox_write_locks = fcntl diff --git a/install/ubuntu/18.10/dovecot/conf.d/10-master.conf b/install/ubuntu/18.10/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/18.10/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/18.10/dovecot/conf.d/10-ssl.conf b/install/ubuntu/18.10/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..24cbf3e26 --- /dev/null +++ b/install/ubuntu/18.10/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,5 @@ +ssl = yes +ssl_protocols = !SSLv2 !SSLv3 + +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/18.10/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/18.10/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/18.10/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/18.10/dovecot/dovecot.conf b/install/ubuntu/18.10/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/ubuntu/18.10/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/18.10/exim/dnsbl.conf b/install/ubuntu/18.10/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/18.10/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/18.10/exim/exim4.conf.template b/install/ubuntu/18.10/exim/exim4.conf.template new file mode 100644 index 000000000..c904441fb --- /dev/null +++ b/install/ubuntu/18.10/exim/exim4.conf.template @@ -0,0 +1,382 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +add_environment = <; PATH=/bin:/usr/bin +keep_environment = +disable_ipv6 = true + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth required + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{1024K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = debian-spamd:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/18.10/exim/spam-blocks.conf b/install/ubuntu/18.10/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/18.10/fail2ban/action.d/vesta.conf b/install/ubuntu/18.10/fail2ban/action.d/vesta.conf new file mode 100644 index 000000000..0edfc3491 --- /dev/null +++ b/install/ubuntu/18.10/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/18.10/fail2ban/filter.d/vesta.conf b/install/ubuntu/18.10/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..69670a56e --- /dev/null +++ b/install/ubuntu/18.10/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccesfull Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/18.10/fail2ban/jail.local b/install/ubuntu/18.10/fail2ban/jail.local new file mode 100644 index 000000000..013f81c46 --- /dev/null +++ b/install/ubuntu/18.10/fail2ban/jail.local @@ -0,0 +1,51 @@ +[DEFAULT] +ignoreip = 127.0.0.1/8 + +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog +maxretry = 5 + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log +maxretry = 5 + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 + +[roundcube-auth] +enabled = false +filter = roundcube-auth +port = http,https +logpath = /var/log/roundcube/errors +maxretry = 5 diff --git a/install/ubuntu/18.10/firewall/ports.conf b/install/ubuntu/18.10/firewall/ports.conf new file mode 100644 index 000000000..b730d012c --- /dev/null +++ b/install/ubuntu/18.10/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/18.10/firewall/rules.conf b/install/ubuntu/18.10/firewall/rules.conf new file mode 100644 index 000000000..fba98e1e4 --- /dev/null +++ b/install/ubuntu/18.10/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/18.10/logrotate/apache2 b/install/ubuntu/18.10/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/18.10/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/18.10/logrotate/dovecot b/install/ubuntu/18.10/logrotate/dovecot new file mode 100644 index 000000000..ac4fd6e9f --- /dev/null +++ b/install/ubuntu/18.10/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/ubuntu/18.10/logrotate/nginx b/install/ubuntu/18.10/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/18.10/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/18.10/logrotate/vesta b/install/ubuntu/18.10/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/18.10/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/18.10/mysql/my-large.cnf b/install/ubuntu/18.10/mysql/my-large.cnf new file mode 100644 index 000000000..7201377cd --- /dev/null +++ b/install/ubuntu/18.10/mysql/my-large.cnf @@ -0,0 +1,41 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/18.10/mysql/my-medium.cnf b/install/ubuntu/18.10/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/18.10/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/18.10/mysql/my-small.cnf b/install/ubuntu/18.10/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/18.10/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/18.10/nginx/nginx.conf b/install/ubuntu/18.10/nginx/nginx.conf new file mode 100644 index 000000000..3b954e440 --- /dev/null +++ b/install/ubuntu/18.10/nginx/nginx.conf @@ -0,0 +1,140 @@ +# Server globals +user www-data; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 60s; + client_body_timeout 60s; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 60s; + keepalive_timeout 30s; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_static on; + gzip_vary on; + gzip_comp_level 6; + gzip_min_length 1024; + gzip_buffers 16 8k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_buffers 32 4k; + proxy_connect_timeout 30s; + proxy_send_timeout 90s; + proxy_read_timeout 90s; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/13; + set_real_ip_from 104.24.0.0/14; + #set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + #set_real_ip_from 2c0f:f248::/32; + #set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:20m; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS"; + ssl_prefer_server_ciphers on; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/18.10/nginx/phpmyadmin.inc b/install/ubuntu/18.10/nginx/phpmyadmin.inc new file mode 100644 index 000000000..cdfc93c4d --- /dev/null +++ b/install/ubuntu/18.10/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/ubuntu/18.10/nginx/phppgadmin.inc b/install/ubuntu/18.10/nginx/phppgadmin.inc new file mode 100644 index 000000000..47cfcf4e2 --- /dev/null +++ b/install/ubuntu/18.10/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/18.10/nginx/status.conf b/install/ubuntu/18.10/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/18.10/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/18.10/nginx/webmail.inc b/install/ubuntu/18.10/nginx/webmail.inc new file mode 100644 index 000000000..768c90495 --- /dev/null +++ b/install/ubuntu/18.10/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/18.10/packages/default.pkg b/install/ubuntu/18.10/packages/default.pkg new file mode 100644 index 000000000..c2a935743 --- /dev/null +++ b/install/ubuntu/18.10/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/18.10/packages/gainsboro.pkg b/install/ubuntu/18.10/packages/gainsboro.pkg new file mode 100644 index 000000000..76d7dae2a --- /dev/null +++ b/install/ubuntu/18.10/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/18.10/packages/palegreen.pkg b/install/ubuntu/18.10/packages/palegreen.pkg new file mode 100644 index 000000000..3db5fe57e --- /dev/null +++ b/install/ubuntu/18.10/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/18.10/packages/slategrey.pkg b/install/ubuntu/18.10/packages/slategrey.pkg new file mode 100644 index 000000000..d89e796fd --- /dev/null +++ b/install/ubuntu/18.10/packages/slategrey.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/18.10/pga/config.inc.php b/install/ubuntu/18.10/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/ubuntu/18.10/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/ubuntu/18.10/pga/phppgadmin.conf b/install/ubuntu/18.10/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/18.10/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/18.10/php-fpm/www.conf b/install/ubuntu/18.10/php-fpm/www.conf new file mode 100644 index 000000000..3c87f33cc --- /dev/null +++ b/install/ubuntu/18.10/php-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/ubuntu/18.10/pma/apache.conf b/install/ubuntu/18.10/pma/apache.conf new file mode 100644 index 000000000..81c1743a3 --- /dev/null +++ b/install/ubuntu/18.10/pma/apache.conf @@ -0,0 +1,43 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext:/usr/share/javascript/ + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/debian/pma.conf b/install/ubuntu/18.10/pma/config.inc.php similarity index 100% rename from install/debian/pma.conf rename to install/ubuntu/18.10/pma/config.inc.php diff --git a/install/ubuntu/18.10/postgresql/pg_hba.conf b/install/ubuntu/18.10/postgresql/pg_hba.conf new file mode 100644 index 000000000..1ba43941b --- /dev/null +++ b/install/ubuntu/18.10/postgresql/pg_hba.conf @@ -0,0 +1,11 @@ +# "local" is for Unix domain socket connections only +local all all ident + +# IPv4 local connections: +host all all 127.0.0.1/32 md5 + +# IPv6 local connections: +host all all ::1/128 md5 + +# Others +host all all 0.0.0.0/0 md5 diff --git a/install/ubuntu/18.10/proftpd/proftpd.conf b/install/ubuntu/18.10/proftpd/proftpd.conf new file mode 100644 index 000000000..69ec6b2ec --- /dev/null +++ b/install/ubuntu/18.10/proftpd/proftpd.conf @@ -0,0 +1,32 @@ +ServerName "FTP" +ServerIdent on "FTP Server ready." +ServerAdmin root@localhost +DefaultServer on +DefaultRoot ~ !adm + + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/18.10/roundcube/apache.conf b/install/ubuntu/18.10/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/18.10/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/18.10/roundcube/config.inc.php b/install/ubuntu/18.10/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/18.10/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/18.10/roundcube/main.inc.php b/install/ubuntu/18.10/roundcube/main.inc.php new file mode 100644 index 000000000..32e0d4734 --- /dev/null +++ b/install/ubuntu/18.10/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcube/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail'; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = true; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 30 seconds +$rcmail_config['draft_autosave'] = 30; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/18.10/roundcube/vesta.php b/install/ubuntu/18.10/roundcube/vesta.php new file mode 100644 index 000000000..b4a2a6b6c --- /dev/null +++ b/install/ubuntu/18.10/roundcube/vesta.php @@ -0,0 +1,72 @@ + + */ +class rcube_vesta_password { + function save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + $errno = ""; + $errstr = ""; + $context = stream_context_create(); + $result = stream_context_set_option($context, 'ssl', 'verify_peer', false); + $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false); + $result = stream_context_set_option($context, 'ssl', 'verify_host', false); + $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true); + + $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } +} \ No newline at end of file diff --git a/install/ubuntu/18.10/sudo/admin b/install/ubuntu/18.10/sudo/admin new file mode 100644 index 000000000..331fa1f2d --- /dev/null +++ b/install/ubuntu/18.10/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/18.10/templates/dns/child-ns.tpl b/install/ubuntu/18.10/templates/dns/child-ns.tpl new file mode 100755 index 000000000..42c046e4f --- /dev/null +++ b/install/ubuntu/18.10/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/18.10/templates/dns/default.tpl b/install/ubuntu/18.10/templates/dns/default.tpl new file mode 100755 index 000000000..e0a37e628 --- /dev/null +++ b/install/ubuntu/18.10/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/18.10/templates/dns/gmail.tpl b/install/ubuntu/18.10/templates/dns/gmail.tpl new file mode 100755 index 000000000..219c9d24e --- /dev/null +++ b/install/ubuntu/18.10/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/18.10/templates/web/apache2/basedir.stpl b/install/ubuntu/18.10/templates/web/apache2/basedir.stpl new file mode 100644 index 000000000..04c39fcf6 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/basedir.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/apache2/basedir.tpl b/install/ubuntu/18.10/templates/web/apache2/basedir.tpl new file mode 100644 index 000000000..a9d05ee66 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/basedir.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/apache2/default.stpl b/install/ubuntu/18.10/templates/web/apache2/default.stpl new file mode 100644 index 000000000..a5c509a9e --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/default.stpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/apache2/default.tpl b/install/ubuntu/18.10/templates/web/apache2/default.tpl new file mode 100644 index 000000000..e591a1cf1 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/default.tpl @@ -0,0 +1,38 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/apache2/hosting.stpl b/install/ubuntu/18.10/templates/web/apache2/hosting.stpl new file mode 100644 index 000000000..6d99c97c9 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/hosting.stpl @@ -0,0 +1,50 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/apache2/hosting.tpl b/install/ubuntu/18.10/templates/web/apache2/hosting.tpl new file mode 100644 index 000000000..b7c12699d --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/hosting.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/apache2/phpcgi.sh b/install/ubuntu/18.10/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/18.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/18.10/templates/web/apache2/phpcgi.stpl new file mode 100644 index 000000000..b7bd884ee --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/apache2/phpcgi.tpl b/install/ubuntu/18.10/templates/web/apache2/phpcgi.tpl new file mode 100644 index 000000000..9d04361da --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/apache2/phpfcgid.sh b/install/ubuntu/18.10/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/18.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/18.10/templates/web/apache2/phpfcgid.stpl new file mode 100644 index 000000000..37865a5ba --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/18.10/templates/web/apache2/phpfcgid.tpl new file mode 100644 index 000000000..152e7c694 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,32 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value sys_temp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/awstats/awstats.tpl b/install/ubuntu/18.10/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/18.10/templates/web/awstats/index.tpl b/install/ubuntu/18.10/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/18.10/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/18.10/templates/web/awstats/nav.tpl b/install/ubuntu/18.10/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/18.10/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/18.10/templates/web/nginx/caching.sh b/install/ubuntu/18.10/templates/web/nginx/caching.sh new file mode 100755 index 000000000..09d8efe75 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/ubuntu/18.10/templates/web/nginx/caching.stpl b/install/ubuntu/18.10/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..e149b98b5 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/caching.tpl b/install/ubuntu/18.10/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..36761b65c --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/default.stpl b/install/ubuntu/18.10/templates/web/nginx/default.stpl new file mode 100755 index 000000000..0e669b3dc --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/default.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/18.10/templates/web/nginx/default.tpl b/install/ubuntu/18.10/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/18.10/templates/web/nginx/hosting.sh b/install/ubuntu/18.10/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/18.10/templates/web/nginx/hosting.stpl b/install/ubuntu/18.10/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..1ef8994b6 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/hosting.stpl @@ -0,0 +1,37 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/18.10/templates/web/nginx/hosting.tpl b/install/ubuntu/18.10/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/18.10/templates/web/nginx/http2.stpl b/install/ubuntu/18.10/templates/web/nginx/http2.stpl new file mode 100644 index 000000000..f225becd2 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/18.10/templates/web/nginx/http2.tpl b/install/ubuntu/18.10/templates/web/nginx/http2.tpl new file mode 100644 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..003e91807 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..f9e90393e --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..51f1f4085 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,60 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..d2422be2e --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..e8dd8bf64 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..54f81b998 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..96495ee85 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,126 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..3ea453471 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..38de83d29 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..c9387bfb4 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,71 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..0a9a75ed2 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 000000000..6b20ba9d9 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,84 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 000000000..0ae7568bb --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 000000000..041ebba05 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 000000000..6b41f319c --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 000000000..231d9441b --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,93 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 000000000..452aa9e6f --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..886b586ec --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..91b7a8f16 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 000000000..8e6e87744 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 000000000..d14b0173b --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 000000000..5d05ea725 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,197 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 000000000..3f292fff2 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 000000000..23ce8eb88 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,68 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 000000000..342d3ecf3 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 000000000..10629c65f --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 000000000..c20ba6482 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 000000000..7b3aff96d --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 000000000..7ff8aa1d9 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 000000000..223eb97a2 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 000000000..b1240aae0 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 000000000..5b6e55e8f --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 000000000..d0a9060b0 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..b43fdc755 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,84 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..e3ec31de8 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..0a4a412f6 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..f94fb7de5 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..c9f918541 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..297fe0e85 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 000000000..0b3510004 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 000000000..b27b427dd --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.stpl new file mode 100644 index 000000000..eebb3e428 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.stpl @@ -0,0 +1,105 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # legacy css being handled separate for performance + location = /css\.php { + rewrite ^ /core/css.php break; + } + + # make install available from presentation + location ^~ /install { + rewrite ^/install/ /core/install/ break; + } + + # any request to not existing item gets redirected through routestring + location / { + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + } + + # make admincp available from presentation + location ^~ /admincp { + if (!-f $request_filename) { + rewrite ^/admincp/(.*)$ /index.php?routestring=admincp/$1 last; + } + } + + # process any php scripts, not found gets redirected through routestring + location ~ \.php$ { + # handles legacy scripts + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 break; + } + + fastcgi_split_path_info ^(.+\.php)(.*)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_intercept_errors on; + fastcgi_ignore_client_abort off; + fastcgi_connect_timeout 60; + fastcgi_send_timeout 180; + fastcgi_read_timeout 180; + fastcgi_buffers 256 16k; + fastcgi_buffer_size 32k; + fastcgi_temp_file_write_size 256k; + + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.tpl new file mode 100644 index 000000000..2c5c99880 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.tpl @@ -0,0 +1,100 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # legacy css being handled separate for performance + location = /css\.php { + rewrite ^ /core/css.php break; + } + + # make install available from presentation + location ^~ /install { + rewrite ^/install/ /core/install/ break; + } + + # any request to not existing item gets redirected through routestring + location / { + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + } + + # make admincp available from presentation + location ^~ /admincp { + if (!-f $request_filename) { + rewrite ^/admincp/(.*)$ /index.php?routestring=admincp/$1 last; + } + } + + # process any php scripts, not found gets redirected through routestring + location ~ \.php$ { + # handles legacy scripts + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 break; + } + + fastcgi_split_path_info ^(.+\.php)(.*)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_intercept_errors on; + fastcgi_ignore_client_abort off; + fastcgi_connect_timeout 60; + fastcgi_send_timeout 180; + fastcgi_read_timeout 180; + fastcgi_buffers 256 16k; + fastcgi_buffer_size 32k; + fastcgi_temp_file_write_size 256k; + + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..38de83d29 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..a8909efbe --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..39cce361a --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..bccb8b3db --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 000000000..264ca01ae --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,71 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 000000000..39e366b73 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/18.10/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/18.10/templates/web/php-fpm/default.tpl b/install/ubuntu/18.10/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..816fa21f9 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/php-fpm/default.tpl @@ -0,0 +1,22 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/18.10/templates/web/php-fpm/no-php.tpl b/install/ubuntu/18.10/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..047c33edc --- /dev/null +++ b/install/ubuntu/18.10/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/18.10/templates/web/php-fpm/socket.tpl b/install/ubuntu/18.10/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..e427045ce --- /dev/null +++ b/install/ubuntu/18.10/templates/web/php-fpm/socket.tpl @@ -0,0 +1,25 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[sys_temp_dir] = /home/%user%/tmp +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/18.10/templates/web/skel/document_errors/403.html b/install/ubuntu/18.10/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/18.10/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/18.10/templates/web/skel/document_errors/404.html b/install/ubuntu/18.10/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/18.10/templates/web/skel/document_errors/50x.html b/install/ubuntu/18.10/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/18.10/templates/web/skel/public_html/index.html b/install/ubuntu/18.10/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/18.10/templates/web/skel/public_html/robots.txt b/install/ubuntu/18.10/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/18.10/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/18.10/templates/web/skel/public_shtml/index.html b/install/ubuntu/18.10/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..1144ade96 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/18.10/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/18.10/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/18.10/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/18.10/templates/web/suspend/.htaccess b/install/ubuntu/18.10/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/18.10/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/18.10/templates/web/suspend/index.html b/install/ubuntu/18.10/templates/web/suspend/index.html new file mode 100755 index 000000000..f2d04e1f0 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

SUSPENDED

+

This website has been suspended.

+
+ Please contact the technical support department. +
+ + diff --git a/install/ubuntu/18.10/templates/web/webalizer/webalizer.tpl b/install/ubuntu/18.10/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/18.10/vsftpd/vsftpd.conf b/install/ubuntu/18.10/vsftpd/vsftpd.conf new file mode 100644 index 000000000..75e0104fe --- /dev/null +++ b/install/ubuntu/18.10/vsftpd/vsftpd.conf @@ -0,0 +1,40 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_promiscuous=YES +pasv_min_port=12000 +pasv_max_port=12100 +max_per_ip=10 +max_clients=100 +use_localtime=YES +utf8_filesystem=YES +ssl_enable=YES +allow_anon_ssl=NO +require_ssl_reuse=NO +ssl_ciphers=HIGH +ssl_tlsv1=YES +ssl_sslv2=NO +ssl_sslv3=NO +force_local_data_ssl=NO +force_local_logins_ssl=NO +rsa_cert_file=/usr/local/vesta/ssl/certificate.crt +rsa_private_key_file=/usr/local/vesta/ssl/certificate.key diff --git a/install/ubuntu/apache2.readme.txt b/install/ubuntu/apache2.readme.txt deleted file mode 100644 index b8d05cbe1..000000000 --- a/install/ubuntu/apache2.readme.txt +++ /dev/null @@ -1,11 +0,0 @@ -# -# _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| -# _| _| _| _| _| _| _| -# _| _| _|_|_| _|_| _| _|_|_|_| -# _| _| _| _| _| _| _| -# _| _|_|_|_| _|_|_| _| _| _| -# -# -# Server is manager by Vesta Control Panel. -# See /etc/apache2/conf.d/vesta.conf to get a full list of running vhosts. -# diff --git a/install/ubuntu/certificate.crt b/install/ubuntu/certificate.crt deleted file mode 100644 index 4a3230ac2..000000000 --- a/install/ubuntu/certificate.crt +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDqjCCApICCQCBAQdAxoNnAjANBgkqhkiG9w0BAQUFADCBljELMAkGA1UEBhMC -VVMxFjAUBgNVBAgMDU1hc3NhY2h1c2V0dHMxEzARBgNVBAcMClN3YW1wc2NvdHQx -EDAOBgNVBAoMB1Zlc3RhQ1AxCzAJBgNVBAsMAklUMRowGAYDVQQDDBFwYW5lbC52 -ZXN0YWNwLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B2ZXN0YWNwLmNvbTAeFw0x -MzA5MjMwNzA0NDVaFw0xNDA5MjMwNzA0NDVaMIGWMQswCQYDVQQGEwJVUzEWMBQG -A1UECAwNTWFzc2FjaHVzZXR0czETMBEGA1UEBwwKU3dhbXBzY290dDEQMA4GA1UE -CgwHVmVzdGFDUDELMAkGA1UECwwCSVQxGjAYBgNVBAMMEXBhbmVsLnZlc3RhY3Au -Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHZlc3RhY3AuY29tMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvu84meigHrwPmzEbFpKe/o8FTKwO5w1VL0HU -ILVW5EBGT76VEBqpWC+x0QrChHit14FV7m+hZRvhhkulXrknChTTNA500EVNZ5Wb -UpDWezZDivTKAHzzq0aUwKB230Tz+k3j+duBcbzwFwirnDXb5dE5RqzBOhiIvDw9 -mjP66UyH8RxFF+pTAPlcF18zWak7KnaDreyGknzy7m+Zqs07uLnb0wTgcwIcqREP -eqgw0E8xrEdjz1N9HIvxi+glfnjNgHja3cCYhe9ZCpDDr9ERXrEcULrqRuch6Zfv -QKoscG4dankbq0V4DfpMBYMTvFvFLLp/uWvwLjunzfu37XmBLQIDAQABMA0GCSqG -SIb3DQEBBQUAA4IBAQBl+GF4Ii+7cW0tWVTsDh0Kw+rjc9bEA0eF4p3LBLEsFRkP -Yeqp2t0g8RTAAiq3OyUWYISzOX8xu0i56/3jUFazABBjz0P0w2A0BfRZS5TAEwxJ -TS9zAgobBuLtTh3FDJJIRXLJOKLJZVUmi6D+8QIQVOox0925tMIxGc9CxLK05bIc -HUYdHsn1gDwmTWem/XED559eWV/vGnvf3Ea0EHU76kTQaLPkul2y8BTbbLaHSw96 -1xFc8x9gqxWTT70YmBpZIApmSzvOGVXqTduMY/CeEbmigo1/1i2YMVjePFEDYnmE -/f6rNQrtM9kgtE+glWdA7zHlaigKl3SVof1ETStB ------END CERTIFICATE----- diff --git a/install/ubuntu/certificate.key b/install/ubuntu/certificate.key deleted file mode 100644 index eb913d684..000000000 --- a/install/ubuntu/certificate.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAvu84meigHrwPmzEbFpKe/o8FTKwO5w1VL0HUILVW5EBGT76V -EBqpWC+x0QrChHit14FV7m+hZRvhhkulXrknChTTNA500EVNZ5WbUpDWezZDivTK -AHzzq0aUwKB230Tz+k3j+duBcbzwFwirnDXb5dE5RqzBOhiIvDw9mjP66UyH8RxF -F+pTAPlcF18zWak7KnaDreyGknzy7m+Zqs07uLnb0wTgcwIcqREPeqgw0E8xrEdj -z1N9HIvxi+glfnjNgHja3cCYhe9ZCpDDr9ERXrEcULrqRuch6ZfvQKoscG4dankb -q0V4DfpMBYMTvFvFLLp/uWvwLjunzfu37XmBLQIDAQABAoIBAF59YsSAJCWxqgOC -dMZh/z85JkVAbQuZRIvjhwg81eiVinZSedCDcUUMLXKnYYZPdrDM9+rM4dF4z843 -R3quJIzPq4n6kYK0mU7m8fwVY5+MRjbRV9qP+8LKZjlB8DIkHJ3FyEnRgKj5+NNd -Xhgra0y7kx3Pxrxqgdit80qJ6OVlN2gsMjUcDBhqQev9Xs8cKYjYc1uPtFw14B2G -5fsNE8cHJA+hH/aym7xTaEQlz/JOKn2GsH/dOhm3RM2QygdyrVOBBj6rKSi03LMb -7QOkDvZ3nBltxQKOqs2PkYyEAdqR4dMZIPNxye/k21iVovLeMVe4lG7BmNOD6XwB -+TOhYh0CgYEA9WyUeSNPP309Br65wg61GdapWmQIaj7HSZE06BWhp82PPwHaF1yY -p9hWgo6fDxwHiTSLeUqEPXJMaPG+RxvYFc7Lc3JjOKU4ezR9fqz01LLtWXHVVT/x -RZuogMyaDhIjhwMyu4mybpUMkBQ/B3DFufrzTv0y8ljAc0nlFsuXaPMCgYEAxymI -btxZFGES6UNG7ldEaihll9MpP22/VghUeAaia0qgnXlYkbngIIhGpGJUkvZ2pduE -tfw2S20k38qvrWXx/NhLxmiVSIvq5TFi/22dfT20kfrdCcnkrp/tRpeR72IrQ6Kx -+6l7QHV5Gjcc4rvNc8mw7itVu+StgCYx+koD9V8CgYA8sThaaLf9XGxOEbaAXgC9 -Pg+tcdV+6L2B3O33gvnyNGx7SWr0ogqCX4atTLXbF7RpYtwnB52CUJTC0x2aGjGq -2vQHPb95z6oTFdz/CaiWPRVjLDp0lZaF/0OBbpeeaS/uAIV4SUod/LAZpVgc7++F -2aB35TfHJNma6ShFJd3wrwKBgBH444DtjXRTVjuKgKodYeUahCBxQ7Wfl7aRxd2W -66027MuJGb78wQbuhUFsRimE6CwLZSxu+A9SaBNx3OyO2Ilyk1PyOBZ12dqY3FAk -eiPFH7hUpQGvIF3JvMW0A81QVIsj8V++aYrljuoYsxiaze128+pqKrBr8GQyDiyB -5V2NAoGBAIPWovM20cbx6LpEuFN5Pmkl500F6sTc8F3DQVRe3JhwVhqHQXv7tUE1 -VHMqpMybUQin8q/RXvJ0vr2sQEe2fVC2a0FWJTqww1eMwu1V9ppUJAfXfaYWY+XJ -4d3myajakr0Eh3ia+IrSBcMRJ2sD3sL5KQC6jbD0R8odex4syiu2 ------END RSA PRIVATE KEY----- diff --git a/install/ubuntu/freshclam.conf b/install/ubuntu/freshclam.conf deleted file mode 100644 index 5e6ca56c1..000000000 --- a/install/ubuntu/freshclam.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Automatically created by the clamav-freshclam postinst -# Comments will get lost when you reconfigure the clamav-freshclam package - -DatabaseOwner clamav -UpdateLogFile /var/log/clamav/freshclam.log -LogVerbose false -LogSyslog false -LogFacility LOG_LOCAL6 -LogFileMaxSize 0 -LogTime true -Foreground false -Debug false -MaxAttempts 5 -DatabaseDirectory /var/lib/clamav -DNSDatabaseInfo current.cvd.clamav.net -AllowSupplementaryGroups false -PidFile /var/run/clamav/freshclam.pid -ConnectTimeout 30 -ReceiveTimeout 30 -TestDatabases yes -ScriptedUpdates yes -CompressLocalDatabase no -Bytecode true -# Check for new database 24 times a day -Checks 24 -DatabaseMirror db.local.clamav.net -DatabaseMirror database.clamav.net diff --git a/install/ubuntu/nginx.readme.txt b/install/ubuntu/nginx.readme.txt deleted file mode 100644 index e5db79e79..000000000 --- a/install/ubuntu/nginx.readme.txt +++ /dev/null @@ -1,11 +0,0 @@ -# -# _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| -# _| _| _| _| _| _| _| -# _| _| _|_|_| _|_| _| _|_|_|_| -# _| _| _| _| _| _| _| -# _| _|_|_|_| _|_|_| _| _| _| -# -# -# Server is manager by Vesta Control Panel. -# See /etc/nginx/conf.d/vesta.conf to get a full list of running vhosts. -# diff --git a/install/ubuntu/sudoers.admin.conf b/install/ubuntu/sudoers.admin.conf deleted file mode 100644 index b4f870395..000000000 --- a/install/ubuntu/sudoers.admin.conf +++ /dev/null @@ -1,3 +0,0 @@ -# Created by vesta installer -admin ALL=(ALL) ALL -admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/sudoers.conf b/install/ubuntu/sudoers.conf deleted file mode 100644 index 0e3058d18..000000000 --- a/install/ubuntu/sudoers.conf +++ /dev/null @@ -1,31 +0,0 @@ -# -# This file MUST be edited with the 'visudo' command as root. -# -# Please consider adding local content in /etc/sudoers.d/ instead of -# directly modifying this file. -# -# See the man page for details on how to write a sudoers file. -# -Defaults env_reset -Defaults mail_badpass -Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" -Defaults env_keep="VESTA" - -# Host alias specification - -# User alias specification - -# Cmnd alias specification - -# User privilege specification -root ALL=(ALL:ALL) ALL - -# Members of the admin group may gain root privileges -%admin ALL=(ALL) ALL - -# Allow members of group sudo to execute any command -%sudo ALL=(ALL:ALL) ALL - -# See sudoers(5) for more information on "#include" directives: - -#includedir /etc/sudoers.d diff --git a/install/ubuntu/templates/dns/child-ns.tpl b/install/ubuntu/templates/dns/child-ns.tpl deleted file mode 100755 index 27f9b825b..000000000 --- a/install/ubuntu/templates/dns/child-ns.tpl +++ /dev/null @@ -1,11 +0,0 @@ -ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='6' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='7' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='8' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='9' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='11' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/templates/dns/default.tpl b/install/ubuntu/templates/dns/default.tpl deleted file mode 100755 index 38f963006..000000000 --- a/install/ubuntu/templates/dns/default.tpl +++ /dev/null @@ -1,9 +0,0 @@ -ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='4' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='5' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='6' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='8' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='9' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/templates/dns/gmail.tpl b/install/ubuntu/templates/dns/gmail.tpl deleted file mode 100755 index 59b4779f2..000000000 --- a/install/ubuntu/templates/dns/gmail.tpl +++ /dev/null @@ -1,14 +0,0 @@ -ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='6' RECORD='mail' TYPE='CNAME' PRIORITY='' VALUE='ghs.google.com.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='7' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='8' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='9' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='10' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='11' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ASPMX2.GOOGLEMAIL.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='13' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ASPMX3.GOOGLEMAIL.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' -ID='14' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a ip4:%ip% include:_spf.google.com ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/templates/web/skel/public_html/index.html b/install/ubuntu/templates/web/skel/public_html/index.html deleted file mode 100755 index 4f5bb7244..000000000 --- a/install/ubuntu/templates/web/skel/public_html/index.html +++ /dev/null @@ -1,26 +0,0 @@ - - - %domain% — Coming Soon - - - - - - -

%domain%

- - - - - diff --git a/install/ubuntu/templates/web/skel/public_shtml/index.html b/install/ubuntu/templates/web/skel/public_shtml/index.html deleted file mode 100755 index 4f5bb7244..000000000 --- a/install/ubuntu/templates/web/skel/public_shtml/index.html +++ /dev/null @@ -1,26 +0,0 @@ - - - %domain% — Coming Soon - - - - - - -

%domain%

- - - - - diff --git a/install/ubuntu/vesta.conf b/install/ubuntu/vesta.conf deleted file mode 100644 index 6c148bd17..000000000 --- a/install/ubuntu/vesta.conf +++ /dev/null @@ -1,24 +0,0 @@ -WEB_SYSTEM='apache2' -WEB_RGROUPS='www-data' -WEB_PORT='8080' -WEB_SSL='mod_ssl' -WEB_SSL_PORT='8443' -PROXY_SYSTEM='nginx' -PROXY_PORT='80' -PROXY_SSL_PORT='443' -FTP_SYSTEM='vsftpd' -MAIL_SYSTEM='exim4' -IMAP_SYSTEM='dovecot' -ANTIVIRUS_SYSTEM='clamav-daemon' -ANTISPAM_SYSTEM='spamassassin' -DB_SYSTEM='mysql' -DNS_SYSTEM='bind9' -STATS_SYSTEM='webalizer,awstats' -BACKUP_SYSTEM='local' -CRON_SYSTEM='cron' -DISK_QUOTA='no' -FIREWALL_SYSTEM='iptables' -FIREWALL_EXTENSION='fail2ban' -REPOSITORY='cmmnt' -VERSION='0.9.8' -LANGUAGE='en' diff --git a/install/ubuntu/whmcs-module.php b/install/ubuntu/whmcs-module.php deleted file mode 100644 index b3b1710ee..000000000 --- a/install/ubuntu/whmcs-module.php +++ /dev/null @@ -1,342 +0,0 @@ - array( "Type" => "text", "Default" => "default"), - "SSH Access" => array( "Type" => "yesno", "Description" => "Tick to grant access", ), - "IP Address (optional)" => array( "Type" => "text" ), - ); - return $configarray; - -} - -function vesta_CreateAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-add-user', - 'arg1' => $params["username"], - 'arg2' => $params["password"], - 'arg3' => $params["clientsdetails"]["email"], - 'arg4' => $params["configoption1"], - 'arg5' => $params["clientsdetails"]["firstname"], - 'arg6' => $params["clientsdetails"]["lastname"], - ); - $postdata = http_build_query($postvars); - - // Create user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - - // Enable ssh access - if(($answer == 'OK') && ($params["configoption2"] == 'on')) { - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-change-user-shell', - 'arg1' => $params["username"], - 'arg2' => 'bash' - ); - $postdata = http_build_query($postvars); - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - // Add domain - if(($answer == 'OK') && (!empty($params["domain"]))) { - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-add-domain', - 'arg1' => $params["username"], - 'arg2' => $params["domain"], - 'arg3' => $params["configoption3"], - ); - $postdata = http_build_query($postvars); - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - return $result; - -} - -function vesta_TerminateAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-delete-user', - 'arg1' => $params["username"] - ); - $postdata = http_build_query($postvars); - - // Delete user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; - -} - -function vesta_SuspendAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-suspend-user', - 'arg1' => $params["username"] - ); - $postdata = http_build_query($postvars); - - // Susupend user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - -} - -function vesta_UnsuspendAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-unsuspend-user', - 'arg1' => $params["username"] - ); - $postdata = http_build_query($postvars); - - // Unsusupend user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - -} - -function vesta_ChangePassword($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-change-user-password', - 'arg1' => $params["username"], - 'arg2' => $params["password"] - ); - $postdata = http_build_query($postvars); - - // Change user package - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - return $result; - -} - -function vesta_ChangePackage($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-change-user-package', - 'arg1' => $params["username"], - 'arg2' => $params["configoption1"] - ); - $postdata = http_build_query($postvars); - - // Change user package - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - return $result; - -} - -function vesta_ClientArea($params) { - - $code = '
- - - - -
'; - return $code; - -} - -function vesta_AdminLink($params) { - - $code = '
- - - -
'; - return $code; - -} - -function vesta_LoginLink($params) { - - echo "control panel"; - -} - -function vesta_UsageUpdate($params) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-list-users', - 'arg1' => 'json' - ); - $postdata = http_build_query($postvars); - - // Get user stats - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - - // Decode json data - $results = json_decode($answer, true); - - // Loop through results and update DB - foreach ($results AS $user=>$values) { - update_query("tblhosting",array( - "diskusage"=>$values['U_DISK'], - "disklimit"=>$values['DISK_QUOTA'], - "bwusage"=>$values['U_BANDWIDTH'], - "bwlimit"=>$values['BANDWIDTH'], - "lastupdate"=>"now()", - ),array("server"=>$params['serverid'], "username"=>$user)); - } - -} - -?> diff --git a/install/vst-install-amazon.sh b/install/vst-install-amazon.sh new file mode 100644 index 000000000..9efdc29ad --- /dev/null +++ b/install/vst-install-amazon.sh @@ -0,0 +1,1456 @@ +#!/bin/bash + +# Vesta Amazon installer v.05 + +#----------------------------------------------------------# +# Variables&Functions # +#----------------------------------------------------------# +export PATH=$PATH:/sbin +RHOST='r.vestacp.com' +CHOST='c.vestacp.com' +REPO='cmmnt' +VERSION='rhel' +VESTA='/usr/local/vesta' +memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9]) +arch=$(uname -i) +os='rhel' +release='6' +codename="${os}_$release" +vestacp="$VESTA/install/$VERSION/$release" + +# Defining software pack for all distros +software="nginx httpd mod_ssl mod_ruid2 mod_fcgid mod_extract_forwarded + php php-common php-cli php-bcmath php-gd php-imap php-mbstring php-mcrypt + php-mysql php-pdo php-soap php-tidy php-xml php-xmlrpc php-fpm php-pgsql + awstats webalizer vsftpd proftpd bind bind-utils bind-libs exim dovecot + clamd clamav-update spamassassin mysql mysql-server phpMyAdmin postgresql + postgresql-server postgresql-contrib phpPgAdmin e2fsprogs openssh-clients + ImageMagick curl mc screen ftp zip unzip flex sqlite pcre sudo bc jwhois + mailx lsof tar telnet rrdtool net-tools ntp GeoIP freetype fail2ban + which vesta vesta-nginx vesta-php vim-common expect vesta-ioncube + vesta-softaculous" + +# Defining help function +help() { + echo "Usage: $0 [OPTIONS] + -a, --apache Install Apache [yes|no] default: yes + -n, --nginx Install Nginx [yes|no] default: yes + -w, --phpfpm Install PHP-FPM [yes|no] default: no + -v, --vsftpd Install Vsftpd [yes|no] default: yes + -j, --proftpd Install ProFTPD [yes|no] default: no + -k, --named Install Bind [yes|no] default: yes + -m, --mysql Install MySQL [yes|no] default: yes + -g, --postgresql Install PostgreSQL [yes|no] default: no + -x, --exim Install Exim [yes|no] default: yes + -z, --dovecot Install Dovecot [yes|no] default: yes + -c, --clamav Install ClamAV [yes|no] default: yes + -t, --spamassassin Install SpamAssassin [yes|no] default: yes + -i, --iptables Install Iptables [yes|no] default: yes + -b, --fail2ban Install Fail2ban [yes|no] default: yes + -r, --remi Install Remi repo [yes|no] default: yes + -o, --softaculous Install Softaculous [yes|no] default: yes + -q, --quota Filesystem Quota [yes|no] default: no + -l, --lang Default language default: en + -y, --interactive Interactive install [yes|no] default: yes + -s, --hostname Set hostname + -u, --ssl Add LE SSL for hostname [yes|no] default: no + -e, --email Set admin email + -d, --port Set Vesta port + -p, --password Set admin password + -f, --force Force installation + -h, --help Print this help + + Example: bash $0 -e demo@vestacp.com -p p4ssw0rd --apache no --phpfpm yes" + exit 1 +} + +# Defining password-gen function +gen_pass() { + MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz' + LENGTH=10 + while [ ${n:=1} -le $LENGTH ]; do + PASS="$PASS${MATRIX:$(($RANDOM%${#MATRIX})):1}" + let n+=1 + done + echo "$PASS" +} + +# Defining 32 char blowfish_secret +blowfish_secret=`openssl rand -base64 32`; + +# Defining return code check function +check_result() { + if [ $1 -ne 0 ]; then + echo "Error: $2" + exit $1 + fi +} + +# Defining function to set default value +set_default_value() { + eval variable=\$$1 + if [ -z "$variable" ]; then + eval $1=$2 + fi + if [ "$variable" != 'yes' ] && [ "$variable" != 'no' ]; then + eval $1=$2 + fi +} + +# Defining function to set default language value +set_default_lang() { + if [ -z "$lang" ]; then + eval lang=$1 + fi + lang_list=" + ar cz el fa hu ja no pt se ua + bs da en fi id ka pl ro tr vi + cn de es fr it nl pt-BR ru tw + bg ko sr th ur" + if !(echo $lang_list |grep -w $lang 1>&2>/dev/null); then + eval lang=$1 + fi +} + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +# Translating argument to --gnu-long-options +for arg; do + delim="" + case "$arg" in + --apache) args="${args}-a " ;; + --nginx) args="${args}-n " ;; + --phpfpm) args="${args}-w " ;; + --vsftpd) args="${args}-v " ;; + --proftpd) args="${args}-j " ;; + --named) args="${args}-k " ;; + --mysql) args="${args}-m " ;; + --postgresql) args="${args}-g " ;; + --exim) args="${args}-x " ;; + --dovecot) args="${args}-z " ;; + --clamav) args="${args}-c " ;; + --spamassassin) args="${args}-t " ;; + --iptables) args="${args}-i " ;; + --fail2ban) args="${args}-b " ;; + --remi) args="${args}-r " ;; + --softaculous) args="${args}-o " ;; + --quota) args="${args}-q " ;; + --lang) args="${args}-l " ;; + --interactive) args="${args}-y " ;; + --hostname) args="${args}-s " ;; + --ssl) args="${args}-u " ;; + --email) args="${args}-e " ;; + --port) args="${args}-d " ;; + --password) args="${args}-p " ;; + --force) args="${args}-f " ;; + --help) args="${args}-h " ;; + *) [[ "${arg:0:1}" == "-" ]] || delim="\"" + args="${args}${delim}${arg}${delim} ";; + esac +done +eval set -- "$args" + +# Parsing arguments +while getopts "a:n:w:v:j:k:m:g:x:z:c:t:i:b:r:o:q:l:y:s:u:e:d:p:fh" Option; do + case $Option in + a) apache=$OPTARG ;; # Apache + n) nginx=$OPTARG ;; # Nginx + w) phpfpm=$OPTARG ;; # PHP-FPM + v) vsftpd=$OPTARG ;; # Vsftpd + j) proftpd=$OPTARG ;; # Proftpd + k) named=$OPTARG ;; # Named + m) mysql=$OPTARG ;; # MySQL + g) postgresql=$OPTARG ;; # PostgreSQL + x) exim=$OPTARG ;; # Exim + z) dovecot=$OPTARG ;; # Dovecot + c) clamd=$OPTARG ;; # ClamAV + t) spamd=$OPTARG ;; # SpamAssassin + i) iptables=$OPTARG ;; # Iptables + b) fail2ban=$OPTARG ;; # Fail2ban + r) remi=$OPTARG ;; # Remi repo + o) softaculous=$OPTARG ;; # Softaculous plugin + q) quota=$OPTARG ;; # FS Quota + l) lang=$OPTARG ;; # Language + y) interactive=$OPTARG ;; # Interactive install + s) servername=$OPTARG ;; # Hostname + u) ssl=$OPTARG ;; # Add Let's Encrypt SSL for hostname + e) email=$OPTARG ;; # Admin email + d) port=$OPTARG ;; # Vesta port + p) vpass=$OPTARG ;; # Admin password + f) force='yes' ;; # Force install + h) help ;; # Help + *) help ;; # Print help (default) + esac +done + +# Defining default software stack +set_default_value 'nginx' 'yes' +set_default_value 'apache' 'yes' +set_default_value 'phpfpm' 'no' +set_default_value 'vsftpd' 'yes' +set_default_value 'proftpd' 'no' +set_default_value 'named' 'yes' +set_default_value 'mysql' 'yes' +set_default_value 'postgresql' 'no' +set_default_value 'mongodb' 'no' +set_default_value 'exim' 'yes' +set_default_value 'dovecot' 'yes' +if [ $memory -lt 1500000 ]; then + set_default_value 'clamd' 'no' + set_default_value 'spamd' 'no' +else + set_default_value 'clamd' 'yes' + set_default_value 'spamd' 'yes' +fi +set_default_value 'iptables' 'yes' +set_default_value 'fail2ban' 'yes' +set_default_value 'remi' 'yes' +set_default_value 'softaculous' 'yes' +set_default_value 'quota' 'no' +set_default_value 'interactive' 'yes' +set_default_value 'ssl' 'no' +set_default_lang 'en' + +# Checking software conflicts +if [ "$phpfpm" = 'yes' ]; then + apache='no' + nginx='yes' +fi +if [ "$proftpd" = 'yes' ]; then + vsftpd='no' +fi +if [ "$exim" = 'no' ]; then + clamd='no' + spamd='no' + dovecot='no' +fi +if [ "$iptables" = 'no' ]; then + fail2ban='no' +fi + +# Checking root permissions +if [ "x$(id -u)" != 'x0' ]; then + check_result 1 "Script can be run executed only by root" +fi + +# Checking admin user account +if [ ! -z "$(grep ^admin: /etc/passwd /etc/group)" ] && [ -z "$force" ]; then + echo 'Please remove admin user account before proceeding.' + echo 'If you want to do it automatically run installer with -f option:' + echo -e "Example: bash $0 --force\n" + check_result 1 "User admin exists" +fi + +# Checking wget +if [ ! -e '/usr/bin/wget' ]; then + yum -y install wget + check_result $? "Can't install wget" +fi + +# Checking repository availability +wget -q "c.vestacp.com/GPG.txt" -O /dev/null +check_result $? "No access to Vesta repository" + +# Checking installed packages +tmpfile=$(mktemp -p /tmp) +rpm -qa > $tmpfile +for pkg in exim mysql-server httpd nginx vesta; do + if [ ! -z "$(grep $pkg $tmpfile)" ]; then + conflicts="$pkg $conflicts" + fi +done +rm -f $tmpfile +if [ ! -z "$conflicts" ] && [ -z "$force" ]; then + echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!' + echo + echo 'Following packages are already installed:' + echo "$conflicts" + echo + echo 'It is highly recommended to remove them before proceeding.' + echo 'If you want to force installation run this script with -f option:' + echo "Example: bash $0 --force" + echo + echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!' + echo + check_result 1 "Control Panel should be installed on clean server." +fi + + +#----------------------------------------------------------# +# Brief Info # +#----------------------------------------------------------# + +# Printing nice ASCII logo +clear +echo +echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_|' +echo ' _| _| _| _| _| _| _|' +echo ' _| _| _|_|_| _|_| _| _|_|_|_|' +echo ' _| _| _| _| _| _| _|' +echo ' _| _|_|_|_| _|_|_| _| _| _|' +echo +echo ' Vesta Control Panel' +echo -e "\n\n" + +echo 'The following software will be installed on your system:' + +# Web stack +if [ "$nginx" = 'yes' ]; then + echo ' - Nginx Web Server' +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then + echo ' - Apache Web Server' +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'yes' ] ; then + echo ' - Apache Web Server (as backend)' +fi +if [ "$phpfpm" = 'yes' ]; then + echo ' - PHP-FPM Application Server' +fi + +# DNS stack +if [ "$named" = 'yes' ]; then + echo ' - Bind DNS Server' +fi + +# Mail stack +if [ "$exim" = 'yes' ]; then + echo -n ' - Exim Mail Server' + if [ "$clamd" = 'yes' ] || [ "$spamd" = 'yes' ] ; then + echo -n ' + ' + if [ "$clamd" = 'yes' ]; then + echo -n 'ClamAV ' + fi + if [ "$spamd" = 'yes' ]; then + echo -n 'SpamAssassin' + fi + fi + echo + if [ "$dovecot" = 'yes' ]; then + echo ' - Dovecot POP3/IMAP Server' + fi +fi + +# Database stack +if [ "$mysql" = 'yes' ]; then + if [ $release -ge 7 ]; then + echo ' - MariaDB Database Server' + else + echo ' - MySQL Database Server' + fi +fi +if [ "$postgresql" = 'yes' ]; then + echo ' - PostgreSQL Database Server' +fi +if [ "$mongodb" = 'yes' ]; then + echo ' - MongoDB Database Server' +fi + +# FTP stack +if [ "$vsftpd" = 'yes' ]; then + echo ' - Vsftpd FTP Server' +fi +if [ "$proftpd" = 'yes' ]; then + echo ' - ProFTPD FTP Server' +fi + +# LE SSL for hostname +if [ "$ssl" = 'yes' ]; then + echo ' - LE SSL for hostname' +fi + +# Softaculous +if [ "$softaculous" = 'yes' ]; then + echo ' - Softaculous Plugin' +fi + +# Firewall stack +if [ "$iptables" = 'yes' ]; then + echo -n ' - Iptables Firewall' +fi +if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then + echo -n ' + Fail2Ban' +fi +echo -e "\n\n" + +# Asking for confirmation to proceed +if [ "$interactive" = 'yes' ]; then + read -p 'Would you like to continue [y/n]: ' answer + if [ "$answer" != 'y' ] && [ "$answer" != 'Y' ]; then + echo 'Goodbye' + exit 1 + fi + + # Asking for contact email + if [ -z "$email" ]; then + read -p 'Please enter admin email address: ' email + fi + + # Asking for Vesta port + if [ -z "$port" ]; then + read -p 'Please enter Vesta port number (press enter for 8083): ' port + fi + + # Asking to set FQDN hostname + if [ -z "$servername" ]; then + read -p "Please enter FQDN hostname [$(hostname)]: " servername + fi +fi + +# Generating admin password if it wasn't set +if [ -z "$vpass" ]; then + vpass=$(gen_pass) +fi + +# Set hostname if it wasn't set +if [ -z "$servername" ]; then + servername=$(hostname -f) +fi + +# Set FQDN if it wasn't set +mask1='(([[:alnum:]](-?[[:alnum:]])*)\.)' +mask2='*[[:alnum:]](-?[[:alnum:]])+\.[[:alnum:]]{2,}' +if ! [[ "$servername" =~ ^${mask1}${mask2}$ ]]; then + if [ ! -z "$servername" ]; then + servername="$servername.example.com" + else + servername="example.com" + fi + echo "127.0.0.1 $servername" >> /etc/hosts +fi + +# Set email if it wasn't set +if [ -z "$email" ]; then + email="admin@$servername" +fi + +# Set port if it wasn't set +if [ -z "$port" ]; then + port="8083" +fi + +# Defining backup directory +vst_backups="/root/vst_install_backups/$(date +%s)" +echo "Installation backup directory: $vst_backups" + +# Printing start message and sleeping for 5 seconds +echo -e "\n\n\n\nInstallation will take about 15 minutes ...\n" +sleep 5 + + +#----------------------------------------------------------# +# Checking swap # +#----------------------------------------------------------# + +# Checking swap on small instances +if [ -z "$(swapon -s)" ] && [ $memory -lt 1000000 ]; then + fallocate -l 1G /swapfile + chmod 600 /swapfile + mkswap /swapfile + swapon /swapfile + echo "/swapfile none swap sw 0 0" >> /etc/fstab +fi + + +#----------------------------------------------------------# +# Install repositories # +#----------------------------------------------------------# + +# Updating system +yum -y update +check_result $? 'yum update failed' + +# Enabling EPEL repository +sed "1,10s/enabled=0/enabled=1/" -i /etc/yum.repos.d/epel.repo +yum -y update +check_result $? "Can't install EPEL repository" + +# Installing Nginx repository +nrepo="/etc/yum.repos.d/nginx.repo" +echo "[nginx]" > $nrepo +echo "name=nginx repo" >> $nrepo +echo "baseurl=http://nginx.org/packages/centos/$release/\$basearch/" >> $nrepo +echo "gpgcheck=0" >> $nrepo +echo "enabled=1" >> $nrepo + +# Installing Vesta repository +vrepo='/etc/yum.repos.d/vesta.repo' +echo "[vesta]" > $vrepo +echo "name=Vesta - $REPO" >> $vrepo +echo "baseurl=http://$RHOST/$REPO/$release/\$basearch/" >> $vrepo +echo "enabled=1" >> $vrepo +echo "gpgcheck=1" >> $vrepo +echo "gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA" >> $vrepo +wget c.vestacp.com/GPG.txt -O /etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA + + +#----------------------------------------------------------# +# Backup # +#----------------------------------------------------------# + +# Creating backup directory tree +mkdir -p $vst_backups +cd $vst_backups +mkdir nginx httpd php php-fpm vsftpd proftpd named exim dovecot clamd \ + spamassassin mysql postgresql mongodb vesta + +# Backup Nginx configuration +service nginx stop > /dev/null 2>&1 +cp -r /etc/nginx/* $vst_backups/nginx > /dev/null 2>&1 + +# Backup Apache configuration +service httpd stop > /dev/null 2>&1 +cp -r /etc/httpd/* $vst_backups/httpd > /dev/null 2>&1 + +# Backup PHP-FPM configuration +service php-fpm stop >/dev/null 2>&1 +cp /etc/php.ini $vst_backups/php > /dev/null 2>&1 +cp -r /etc/php.d $vst_backups/php > /dev/null 2>&1 +cp /etc/php-fpm.conf $vst_backups/php-fpm > /dev/null 2>&1 +mv -f /etc/php-fpm.d/* $vst_backups/php-fpm/ > /dev/null 2>&1 + +# Backup Bind configuration +yum remove bind-chroot > /dev/null 2>&1 +service named stop > /dev/null 2>&1 +cp /etc/named.conf $vst_backups/named >/dev/null 2>&1 + +# Backup Vsftpd configuration +service vsftpd stop > /dev/null 2>&1 +cp /etc/vsftpd/vsftpd.conf $vst_backups/vsftpd >/dev/null 2>&1 + +# Backup ProFTPD configuration +service proftpd stop > /dev/null 2>&1 +cp /etc/proftpd.conf $vst_backups/proftpd >/dev/null 2>&1 + +# Backup Exim configuration +service exim stop > /dev/null 2>&1 +cp -r /etc/exim/* $vst_backups/exim >/dev/null 2>&1 + +# Backup ClamAV configuration +service clamd.scan stop > /dev/null 2>&1 +cp /etc/clamd.conf $vst_backups/clamd >/dev/null 2>&1 +cp -r /etc/clamd.d $vst_backups/clamd >/dev/null 2>&1 + +# Backup SpamAssassin configuration +service spamassassin stop > /dev/null 2>&1 +cp -r /etc/mail/spamassassin/* $vst_backups/spamassassin >/dev/null 2>&1 + +# Backup Dovecot configuration +service dovecot stop > /dev/null 2>&1 +cp /etc/dovecot.conf $vst_backups/dovecot > /dev/null 2>&1 +cp -r /etc/dovecot/* $vst_backups/dovecot > /dev/null 2>&1 + +# Backup MySQL/MariaDB configuration and data +service mysql stop > /dev/null 2>&1 +service mysqld stop > /dev/null 2>&1 +service mariadb stop > /dev/null 2>&1 +mv /var/lib/mysql $vst_backups/mysql/mysql_datadir >/dev/null 2>&1 +cp /etc/my.cnf $vst_backups/mysql > /dev/null 2>&1 +cp /etc/my.cnf.d $vst_backups/mysql > /dev/null 2>&1 +mv /root/.my.cnf $vst_backups/mysql > /dev/null 2>&1 + +# Backup MySQL/MariaDB configuration and data +service postgresql stop > /dev/null 2>&1 +mv /var/lib/pgsql/data $vst_backups/postgresql/ >/dev/null 2>&1 + +# Backup Vesta +service vesta stop > /dev/null 2>&1 +mv $VESTA/data/* $vst_backups/vesta > /dev/null 2>&1 +mv $VESTA/conf/* $vst_backups/vesta > /dev/null 2>&1 + + +#----------------------------------------------------------# +# Package Excludes # +#----------------------------------------------------------# + +# Excluding packages +if [ "$nginx" = 'no' ]; then + software=$(echo "$software" | sed -e "s/^nginx//") +fi +if [ "$apache" = 'no' ]; then + software=$(echo "$software" | sed -e "s/httpd//") + software=$(echo "$software" | sed -e "s/mod_ssl//") + software=$(echo "$software" | sed -e "s/mod_fcgid//") + software=$(echo "$software" | sed -e "s/mod_ruid2//") +fi +if [ "$phpfpm" = 'no' ]; then + software=$(echo "$software" | sed -e "s/php-fpm//") +fi +if [ "$vsftpd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/vsftpd//") +fi +if [ "$proftpd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/proftpd//") +fi +if [ "$named" = 'no' ]; then + software=$(echo "$software" | sed -e "s/bind //") +fi +if [ "$exim" = 'no' ]; then + software=$(echo "$software" | sed -e "s/exim//") + software=$(echo "$software" | sed -e "s/dovecot//") + software=$(echo "$software" | sed -e "s/clamd//") + software=$(echo "$software" | sed -e "s/clamav-server//") + software=$(echo "$software" | sed -e "s/clamav-update//") + software=$(echo "$software" | sed -e "s/spamassassin//") + software=$(echo "$software" | sed -e "s/dovecot//") + software=$(echo "$software" | sed -e "s/roundcubemail//") +fi +if [ "$clamd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/clamd//") + software=$(echo "$software" | sed -e "s/clamav-server//") + software=$(echo "$software" | sed -e "s/clamav-update//") +fi +if [ "$spamd" = 'no' ]; then + software=$(echo "$software" | sed -e 's/spamassassin//') +fi +if [ "$dovecot" = 'no' ]; then + software=$(echo "$software" | sed -e "s/dovecot//") +fi +if [ "$mysql" = 'no' ]; then + software=$(echo "$software" | sed -e 's/mysql //') + software=$(echo "$software" | sed -e 's/mysql-server//') + software=$(echo "$software" | sed -e 's/mariadb //') + software=$(echo "$software" | sed -e 's/mariadb-server//') + software=$(echo "$software" | sed -e 's/php-mysql//') + software=$(echo "$software" | sed -e 's/phpMyAdmin//') + software=$(echo "$software" | sed -e 's/roundcubemail//') +fi +if [ "$postgresql" = 'no' ]; then + software=$(echo "$software" | sed -e 's/postgresql //') + software=$(echo "$software" | sed -e 's/postgresql-server//') + software=$(echo "$software" | sed -e 's/postgresql-contrib//') + software=$(echo "$software" | sed -e 's/php-pgsql//') + software=$(echo "$software" | sed -e 's/phpPgAdmin//') +fi +if [ "$softaculous" = 'no' ]; then + software=$(echo "$software" | sed -e 's/vesta-softaculous//') +fi +if [ "$iptables" = 'no' ] || [ "$fail2ban" = 'no' ]; then + software=$(echo "$software" | sed -e 's/fail2ban//') +fi + + +#----------------------------------------------------------# +# Install packages # +#----------------------------------------------------------# + +# Installing rpm packages +yum -y install $software +check_result $? "yum install failed" + +# Installing roundcube +if [ "$exim" != 'no' ]; then + yum -y install --exclude=php-pear-Auth-SASL-0:1.0.4-1.2.amzn1.noarch \ + --exclude=php5\* --exclude=httpd24\* roundcubemail + check_result $? "yum install failed" +fi + +#----------------------------------------------------------# +# Configure system # +#----------------------------------------------------------# + +# Restarting rsyslog +service rsyslog restart > /dev/null 2>&1 + +# Checking ipv6 on loopback interface +check_lo_ipv6=$(/sbin/ip addr | grep 'inet6') +check_rc_ipv6=$(grep 'scope global dev lo' /etc/rc.local) +if [ ! -z "$check_lo_ipv6)" ] && [ -z "$check_rc_ipv6" ]; then + ip addr add ::2/128 scope global dev lo + echo "# Vesta: Workraround for openssl validation func" >> /etc/rc.local + echo "ip addr add ::2/128 scope global dev lo" >> /etc/rc.local + chmod a+x /etc/rc.local +fi + +# Disabling SELinux +if [ -e '/etc/sysconfig/selinux' ]; then + sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux + sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config + setenforce 0 2>/dev/null +fi + +# Disabling iptables +service iptables stop + +# Configuring NTP synchronization +echo '#!/bin/sh' > /etc/cron.daily/ntpdate +echo "$(which ntpdate) -s pool.ntp.org" >> /etc/cron.daily/ntpdate +chmod 775 /etc/cron.daily/ntpdate +ntpdate -s pool.ntp.org + +# Disabling webalizer routine +rm -f /etc/cron.daily/00webalizer + +# Adding backup user +adduser backup 2>/dev/null +ln -sf /home/backup /backup +chmod a+x /backup + +# Set directory color +echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile + +# Changing default systemd interval +if [ "$release" -eq '7' ]; then + # Hi Lennart + echo "DefaultStartLimitInterval=1s" >> /etc/systemd/system.conf + echo "DefaultStartLimitBurst=60" >> /etc/systemd/system.conf + systemctl daemon-reexec +fi + + +#----------------------------------------------------------# +# Configure VESTA # +#----------------------------------------------------------# + +# Installing sudo configuration +mkdir -p /etc/sudoers.d +cp -f $vestacp/sudo/admin /etc/sudoers.d/ +chmod 440 /etc/sudoers.d/admin + +# Configuring system env +echo "export VESTA='$VESTA'" > /etc/profile.d/vesta.sh +chmod 755 /etc/profile.d/vesta.sh +source /etc/profile.d/vesta.sh +echo 'PATH=$PATH:'$VESTA'/bin' >> /root/.bash_profile +echo 'export PATH' >> /root/.bash_profile +source /root/.bash_profile + +# Configuring logrotate for vesta logs +cp -f $vestacp/logrotate/vesta /etc/logrotate.d/ + +# Building directory tree and creating some blank files for vesta +mkdir -p $VESTA/conf $VESTA/log $VESTA/ssl $VESTA/data/ips \ + $VESTA/data/queue $VESTA/data/users $VESTA/data/firewall \ + $VESTA/data/sessions +touch $VESTA/data/queue/backup.pipe $VESTA/data/queue/disk.pipe \ + $VESTA/data/queue/webstats.pipe $VESTA/data/queue/restart.pipe \ + $VESTA/data/queue/traffic.pipe $VESTA/log/system.log \ + $VESTA/log/nginx-error.log $VESTA/log/auth.log +chmod 750 $VESTA/conf $VESTA/data/users $VESTA/data/ips $VESTA/log +chmod -R 750 $VESTA/data/queue +chmod 660 $VESTA/log/* +rm -f /var/log/vesta +ln -s $VESTA/log /var/log/vesta +chmod 770 $VESTA/data/sessions + +# Generating vesta configuration +rm -f $VESTA/conf/vesta.conf 2>/dev/null +touch $VESTA/conf/vesta.conf +chmod 660 $VESTA/conf/vesta.conf + +# Web stack +if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then + echo "WEB_SYSTEM='httpd'" >> $VESTA/conf/vesta.conf + echo "WEB_RGROUPS='apache'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='mod_ssl'" >> $VESTA/conf/vesta.conf + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'yes' ] ; then + echo "WEB_SYSTEM='httpd'" >> $VESTA/conf/vesta.conf + echo "WEB_RGROUPS='apache'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='8080'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='8443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='mod_ssl'" >> $VESTA/conf/vesta.conf + echo "PROXY_SYSTEM='nginx'" >> $VESTA/conf/vesta.conf + echo "PROXY_PORT='80'" >> $VESTA/conf/vesta.conf + echo "PROXY_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf +fi +if [ "$apache" = 'no' ] && [ "$nginx" = 'yes' ]; then + echo "WEB_SYSTEM='nginx'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='openssl'" >> $VESTA/conf/vesta.conf + if [ "$phpfpm" = 'yes' ]; then + echo "WEB_BACKEND='php-fpm'" >> $VESTA/conf/vesta.conf + fi + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf +fi + +# FTP stack +if [ "$vsftpd" = 'yes' ]; then + echo "FTP_SYSTEM='vsftpd'" >> $VESTA/conf/vesta.conf +fi +if [ "$proftpd" = 'yes' ]; then + echo "FTP_SYSTEM='proftpd'" >> $VESTA/conf/vesta.conf +fi + +# DNS stack +if [ "$named" = 'yes' ]; then + echo "DNS_SYSTEM='named'" >> $VESTA/conf/vesta.conf +fi + +# Mail stack +if [ "$exim" = 'yes' ]; then + echo "MAIL_SYSTEM='exim'" >> $VESTA/conf/vesta.conf + if [ "$clamd" = 'yes' ]; then + echo "ANTIVIRUS_SYSTEM='clamd.scan'" >> $VESTA/conf/vesta.conf + fi + if [ "$spamd" = 'yes' ]; then + echo "ANTISPAM_SYSTEM='spamassassin'" >> $VESTA/conf/vesta.conf + fi + if [ "$dovecot" = 'yes' ]; then + echo "IMAP_SYSTEM='dovecot'" >> $VESTA/conf/vesta.conf + fi +fi + +# Cron daemon +echo "CRON_SYSTEM='crond'" >> $VESTA/conf/vesta.conf + +# Firewall stack +if [ "$iptables" = 'yes' ]; then + echo "FIREWALL_SYSTEM='iptables'" >> $VESTA/conf/vesta.conf +fi +if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then + echo "FIREWALL_EXTENSION='fail2ban'" >> $VESTA/conf/vesta.conf +fi + +# Disk quota +if [ "$quota" = 'yes' ]; then + echo "DISK_QUOTA='yes'" >> $VESTA/conf/vesta.conf +fi + +# Backups +echo "BACKUP_SYSTEM='local'" >> $VESTA/conf/vesta.conf + +# Language +echo "LANGUAGE='$lang'" >> $VESTA/conf/vesta.conf + +# Version +echo "VERSION='0.9.8'" >> $VESTA/conf/vesta.conf + +# Installing hosting packages +cp -rf $vestacp/packages $VESTA/data/ + +# Installing templates +cp -rf $vestacp/templates $VESTA/data/ + +# Copying index.html to default documentroot +cp $VESTA/data/templates/web/skel/public_html/index.html /var/www/html/ +sed -i 's/%domain%/It worked!/g' /var/www/html/index.html + +# Installing firewall rules +chkconfig firewalld off >/dev/null 2>&1 +cp -rf $vestacp/firewall $VESTA/data/ + +# Configuring server hostname +$VESTA/bin/v-change-sys-hostname $servername 2>/dev/null + +# Generating SSL certificate +$VESTA/bin/v-generate-ssl-cert $(hostname) $email 'US' 'California' \ + 'San Francisco' 'Vesta Control Panel' 'IT' > /tmp/vst.pem + +# Parsing certificate file +crt_end=$(grep -n "END CERTIFICATE-" /tmp/vst.pem |cut -f 1 -d:) +key_start=$(grep -n "BEGIN RSA" /tmp/vst.pem |cut -f 1 -d:) +key_end=$(grep -n "END RSA" /tmp/vst.pem |cut -f 1 -d:) + +# Adding SSL certificate +cd $VESTA/ssl +sed -n "1,${crt_end}p" /tmp/vst.pem > certificate.crt +sed -n "$key_start,${key_end}p" /tmp/vst.pem > certificate.key +chown root:mail $VESTA/ssl/* +chmod 660 $VESTA/ssl/* +rm /tmp/vst.pem + + +#----------------------------------------------------------# +# Configure Nginx # +#----------------------------------------------------------# + +if [ "$nginx" = 'yes' ]; then + rm -f /etc/nginx/conf.d/*.conf + cp -f $vestacp/nginx/nginx.conf /etc/nginx/ + cp -f $vestacp/nginx/status.conf /etc/nginx/conf.d/ + cp -f $vestacp/nginx/phpmyadmin.inc /etc/nginx/conf.d/ + cp -f $vestacp/nginx/phppgadmin.inc /etc/nginx/conf.d/ + cp -f $vestacp/nginx/webmail.inc /etc/nginx/conf.d/ + cp -f $vestacp/logrotate/nginx /etc/logrotate.d/ + echo > /etc/nginx/conf.d/vesta.conf + mkdir -p /var/log/nginx/domains + if [ "$release" -ge 7 ]; then + mkdir -p /etc/systemd/system/nginx.service.d + cd /etc/systemd/system/nginx.service.d + echo "[Service]" > limits.conf + echo "LimitNOFILE=500000" >> limits.conf + fi + chkconfig nginx on + service nginx start + check_result $? "nginx start failed" + + # Workaround for OpenVZ/Virtuozzo + if [ "$release" -ge '7' ] && [ -e "/proc/vz/veinfo" ]; then + echo "#Vesta: workraround for networkmanager" >> /etc/rc.local + echo "sleep 3 && service nginx restart" >> /etc/rc.local + fi +fi + + +#----------------------------------------------------------# +# Configure Apache # +#----------------------------------------------------------# + +if [ "$apache" = 'yes' ]; then + cp -f $vestacp/httpd/httpd.conf /etc/httpd/conf/ + cp -f $vestacp/httpd/status.conf /etc/httpd/conf.d/ + cp -f $vestacp/httpd/ssl.conf /etc/httpd/conf.d/ + cp -f $vestacp/httpd/ruid2.conf /etc/httpd/conf.d/ + cp -f $vestacp/logrotate/httpd /etc/logrotate.d/ + if [ $release -lt 7 ]; then + cd /etc/httpd/conf.d + echo "MEFaccept 127.0.0.1" >> mod_extract_forwarded.conf + echo > proxy_ajp.conf + fi + if [ -e "/etc/httpd/conf.modules.d/00-dav.conf" ]; then + cd /etc/httpd/conf.modules.d + sed -i "s/^/#/" 00-dav.conf 00-lua.conf 00-proxy.conf + fi + echo > /etc/httpd/conf.d/vesta.conf + cd /var/log/httpd + touch access_log error_log suexec.log + chmod 640 access_log error_log suexec.log + chmod -f 777 /var/lib/php/session + chmod a+x /var/log/httpd + mkdir -p /var/log/httpd/domains + chmod 751 /var/log/httpd/domains + if [ "$release" -ge 7 ]; then + mkdir -p /etc/systemd/system/httpd.service.d + cd /etc/systemd/system/httpd.service.d + echo "[Service]" > limits.conf + echo "LimitNOFILE=500000" >> limits.conf + fi + chkconfig httpd on + service httpd start + check_result $? "httpd start failed" + + # Workaround for OpenVZ/Virtuozzo + if [ "$release" -ge '7' ] && [ -e "/proc/vz/veinfo" ]; then + echo "#Vesta: workraround for networkmanager" >> /etc/rc.local + echo "sleep 2 && service httpd restart" >> /etc/rc.local + fi +fi + + +#----------------------------------------------------------# +# Configure PHP-FPM # +#----------------------------------------------------------# + +if [ "$phpfpm" = 'yes' ]; then + cp -f $vestacp/php-fpm/www.conf /etc/php-fpm.d/ + chkconfig php-fpm on + service php-fpm start + check_result $? "php-fpm start failed" +fi + + +#----------------------------------------------------------# +# Configure PHP # +#----------------------------------------------------------# + +ZONE=$(timedatectl 2>/dev/null|grep Timezone|awk '{print $2}') +if [ -e '/etc/sysconfig/clock' ]; then + source /etc/sysconfig/clock +fi +if [ -z "$ZONE" ]; then + ZONE='UTC' +fi +for pconf in $(find /etc/php* -name php.ini); do + sed -i "s/;date.timezone =/date.timezone = $ZONE/g" $pconf + sed -i 's%_open_tag = Off%_open_tag = On%g' $pconf +done + + +#----------------------------------------------------------# +# Configure Vsftpd # +#----------------------------------------------------------# + +if [ "$vsftpd" = 'yes' ]; then + cp -f $vestacp/vsftpd/vsftpd.conf /etc/vsftpd/ + chkconfig vsftpd on + service vsftpd start + check_result $? "vsftpd start failed" + + # To be deleted after release 0.9.8-18 + echo "/sbin/nologin" >> /etc/shells +fi + + +#----------------------------------------------------------# +# Configure ProFTPD # +#----------------------------------------------------------# + +if [ "$proftpd" = 'yes' ]; then + cp -f $vestacp/proftpd/proftpd.conf /etc/ + chkconfig proftpd on + service proftpd start + check_result $? "proftpd start failed" +fi + + +#----------------------------------------------------------# +# Configure MySQL/MariaDB # +#----------------------------------------------------------# + +if [ "$mysql" = 'yes' ]; then + + mycnf="my-small.cnf" + if [ $memory -gt 1200000 ]; then + mycnf="my-medium.cnf" + fi + if [ $memory -gt 3900000 ]; then + mycnf="my-large.cnf" + fi + + mkdir -p /var/lib/mysql + chown mysql:mysql /var/lib/mysql + mkdir -p /etc/my.cnf.d + + if [ $release -lt 7 ]; then + service='mysqld' + else + service='mariadb' + fi + + cp -f $vestacp/$service/$mycnf /etc/my.cnf + chkconfig $service on + service $service start + if [ "$?" -ne 0 ]; then + if [ -e "/proc/user_beancounters" ]; then + # Fix for aio on OpenVZ + sed -i "s/#innodb_use_native/innodb_use_native/g" /etc/my.cnf + fi + service $service start + check_result $? "$service start failed" + fi + + # Securing MySQL installation + mpass=$(gen_pass) + mysqladmin -u root password $mpass + echo -e "[client]\npassword='$mpass'\n" > /root/.my.cnf + chmod 600 /root/.my.cnf + mysql -e "DELETE FROM mysql.user WHERE User=''" + mysql -e "DROP DATABASE test" >/dev/null 2>&1 + mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'" + mysql -e "DELETE FROM mysql.user WHERE user='' or password='';" + mysql -e "FLUSH PRIVILEGES" + + # Configuring phpMyAdmin + if [ "$apache" = 'yes' ]; then + cp -f $vestacp/pma/phpMyAdmin.conf /etc/httpd/conf.d/ + fi + cp -f $vestacp/pma/config.inc.conf /etc/phpMyAdmin/config.inc.php + sed -i "s#%blowfish_secret#$blowfish_secret#g" /etc/phpMyAdmin/config.inc.php +fi + + +#----------------------------------------------------------# +# Configure PostgreSQL # +#----------------------------------------------------------# + +if [ "$postgresql" = 'yes' ]; then + ppass=$(gen_pass) + if [ $release -eq 5 ]; then + service postgresql start + sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$ppass'" + service postgresql stop + cp -f $vestacp/postgresql/pg_hba.conf /var/lib/pgsql/data/ + service postgresql start + else + service postgresql initdb + cp -f $vestacp/postgresql/pg_hba.conf /var/lib/pgsql/data/ + service postgresql start + sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$ppass'" + fi + # Configuring phpPgAdmin + if [ "$apache" = 'yes' ]; then + cp -f $vestacp/pga/phpPgAdmin.conf /etc/httpd/conf.d/ + fi + cp -f $vestacp/pga/config.inc.php /etc/phpPgAdmin/ +fi + + +#----------------------------------------------------------# +# Configure Bind # +#----------------------------------------------------------# + +if [ "$named" = 'yes' ]; then + cp -f $vestacp/named/named.conf /etc/ + chown root:named /etc/named.conf + chmod 640 /etc/named.conf + chkconfig named on + service named start + check_result $? "named start failed" +fi + + +#----------------------------------------------------------# +# Configure Exim # +#----------------------------------------------------------# + +if [ "$exim" = 'yes' ]; then + gpasswd -a exim mail + cp -f $vestacp/exim/exim.conf /etc/exim/ + cp -f $vestacp/exim/dnsbl.conf /etc/exim/ + cp -f $vestacp/exim/spam-blocks.conf /etc/exim/ + touch /etc/exim/white-blocks.conf + + if [ "$spamd" = 'yes' ]; then + sed -i "s/#SPAM/SPAM/g" /etc/exim/exim.conf + fi + if [ "$clamd" = 'yes' ]; then + sed -i "s/#CLAMD/CLAMD/g" /etc/exim/exim.conf + fi + + chmod 640 /etc/exim/exim.conf + rm -rf /etc/exim/domains + mkdir -p /etc/exim/domains + + rm -f /etc/alternatives/mta + ln -s /usr/sbin/sendmail.exim /etc/alternatives/mta + chkconfig sendmail off 2>/dev/null + service sendmail stop 2>/dev/null + chkconfig postfix off 2>/dev/null + service postfix stop 2>/dev/null + + chkconfig exim on + service exim start + check_result $? "exim start failed" +fi + + +#----------------------------------------------------------# +# Configure Dovecot # +#----------------------------------------------------------# + +if [ "$dovecot" = 'yes' ]; then + gpasswd -a dovecot mail + cp -rf $vestacp/dovecot /etc/ + cp -f $vestacp/logrotate/dovecot /etc/logrotate.d/ + chown -R root:root /etc/dovecot* + chkconfig dovecot on + service dovecot start + check_result $? "dovecot start failed" +fi + + +#----------------------------------------------------------# +# Configure ClamAV # +#----------------------------------------------------------# + +if [ "$clamd" = 'yes' ]; then + useradd clam -s /sbin/nologin -d /var/lib/clamav 2>/dev/null + gpasswd -a clam exim + gpasswd -a clam mail + cp -r /etc/clamd.d $vst_backups/clamd >/dev/null 2>&1 + cp -f $vestacp/clamav/clamd.conf /etc/clamd.conf + ln -sf /etc/clamd.conf /etc/clamd.d/scan.conf + cp -f $vestacp/clamav/freshclam.conf /etc/ + mkdir -p /var/log/clamav /var/run/clamav /var/run/clamd.scan + chown clam:clam /var/log/clamav /var/run/clamav /var/run/clamd.scan + chown -R clam:clam /var/lib/clamav + if [ "$release" -ge '7' ]; then + cp -f $vestacp/clamav/clamd.service /usr/lib/systemd/system/ + systemctl --system daemon-reload + fi + /usr/bin/freshclam + if [ "$release" -ge '7' ]; then + sed -i "s/nofork/foreground/" /usr/lib/systemd/system/clamd.service + systemctl daemon-reload + fi + chkconfig clamd.scan on + service clamd.scan start + #check_result $? "clamd start failed" +fi + + +#----------------------------------------------------------# +# Configure SpamAssassin # +#----------------------------------------------------------# + +if [ "$spamd" = 'yes' ]; then + chkconfig spamassassin on + service spamassassin start + check_result $? "spamassassin start failed" + if [ "$release" -ge '7' ]; then + groupadd -g 1001 spamd + useradd -u 1001 -g spamd -s /sbin/nologin -d \ + /var/lib/spamassassin spamd + mkdir /var/lib/spamassassin + chown spamd:spamd /var/lib/spamassassin + fi +fi + + +#----------------------------------------------------------# +# Configure RoundCube # +#----------------------------------------------------------# + +if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then + if [ "$apache" = 'yes' ]; then + cp -f $vestacp/roundcube/roundcubemail.conf /etc/httpd/conf.d/ + fi + cp -f $vestacp/roundcube/main.inc.php /etc/roundcubemail/config.inc.php + cd /usr/share/roundcubemail/plugins/password + cp -f $vestacp/roundcube/vesta.php drivers/vesta.php + cp -f $vestacp/roundcube/config.inc.php config.inc.php + sed -i "s/localhost/$servername/g" config.inc.php + chmod a+r /etc/roundcubemail/* + chmod -f 777 /var/log/roundcubemail + r="$(gen_pass)" + mysql -e "CREATE DATABASE roundcube" + mysql -e "GRANT ALL ON roundcube.* TO + roundcube@localhost IDENTIFIED BY '$r'" + sed -i "s/%password%/$r/g" /etc/roundcubemail/config.inc.php + chmod 640 /etc/roundcubemail/config.inc.php + chown root:apache /etc/roundcubemail/config.inc.php + if [ -e "/usr/share/roundcubemail/SQL/mysql.initial.sql" ]; then + mysql roundcube < /usr/share/roundcubemail/SQL/mysql.initial.sql + else + mysql roundcube < /usr/share/doc/roundcubemail-*/SQL/mysql.initial.sql + fi +fi + + +#----------------------------------------------------------# +# Configure Fail2Ban # +#----------------------------------------------------------# + +if [ "$fail2ban" = 'yes' ]; then + cp -rf $vestacp/fail2ban /etc/ + if [ "$dovecot" = 'no' ]; then + fline=$(cat /etc/fail2ban/jail.local |grep -n dovecot-iptables -A 2) + fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -) + sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local + fi + if [ "$exim" = 'no' ]; then + fline=$(cat /etc/fail2ban/jail.local |grep -n exim-iptables -A 2) + fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -) + sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local + fi + if [ "$vsftpd" = 'yes' ]; then + #Create vsftpd Log File + if [ ! -f "/var/log/vsftpd.log" ]; then + touch /var/log/vsftpd.log + fi + fline=$(cat /etc/fail2ban/jail.local |grep -n vsftpd-iptables -A 2) + fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -) + sed -i "${fline}s/false/true/" /etc/fail2ban/jail.local + fi + chkconfig fail2ban on + mkdir -p /var/run/fail2ban + if [ -e "/usr/lib/systemd/system/fail2ban.service" ]; then + exec_pre='ExecStartPre=/bin/mkdir -p /var/run/fail2ban' + sed -i "s|\[Service\]|[Service]\n$exec_pre|g" \ + /usr/lib/systemd/system/fail2ban.service + systemctl daemon-reload + fi + service fail2ban start + check_result $? "fail2ban start failed" +fi + + +#----------------------------------------------------------# +# Configure Admin User # +#----------------------------------------------------------# + +# Deleting old admin user +if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" = 'yes' ]; then + chattr -i /home/admin/conf > /dev/null 2>&1 + userdel -f admin >/dev/null 2>&1 + chattr -i /home/admin/conf >/dev/null 2>&1 + mv -f /home/admin $vst_backups/home/ >/dev/null 2>&1 + rm -f /tmp/sess_* >/dev/null 2>&1 +fi +if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" = 'yes' ]; then + groupdel admin > /dev/null 2>&1 +fi + +# Adding Vesta admin account +$VESTA/bin/v-add-user admin $vpass $email default System Administrator +check_result $? "can't create admin user" +$VESTA/bin/v-change-user-shell admin bash +$VESTA/bin/v-change-user-language admin $lang + +# Configuring system IPs +$VESTA/bin/v-update-sys-ip + +# Get main IP +ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/) + +# Configuring firewall +if [ "$iptables" = 'yes' ]; then + $VESTA/bin/v-update-firewall +fi + +# Get public IP +pub_ip=$(curl -s vestacp.com/what-is-my-ip/) +if [ ! -z "$pub_ip" ] && [ "$pub_ip" != "$ip" ]; then + echo "$VESTA/bin/v-update-sys-ip" >> /etc/rc.local + $VESTA/bin/v-change-sys-ip-nat $ip $pub_ip + ip=$pub_ip +fi + +# Configuring MySQL host +if [ "$mysql" = 'yes' ]; then + $VESTA/bin/v-add-database-host mysql localhost root $mpass + $VESTA/bin/v-add-database admin default default $(gen_pass) mysql +fi + +# Configuring PostgreSQL host +if [ "$postgresql" = 'yes' ]; then + $VESTA/bin/v-add-database-host pgsql localhost postgres $ppass + $VESTA/bin/v-add-database admin db db $(gen_pass) pgsql +fi + +# Adding default domain +$VESTA/bin/v-add-domain admin $servername + +# Adding cron jobs +command="sudo $VESTA/bin/v-update-sys-queue disk" +$VESTA/bin/v-add-cron-job 'admin' '15' '02' '*' '*' '*' "$command" +command="sudo $VESTA/bin/v-update-sys-queue traffic" +$VESTA/bin/v-add-cron-job 'admin' '10' '00' '*' '*' '*' "$command" +command="sudo $VESTA/bin/v-update-sys-queue webstats" +$VESTA/bin/v-add-cron-job 'admin' '30' '03' '*' '*' '*' "$command" +command="sudo $VESTA/bin/v-update-sys-queue backup" +$VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command" +command="sudo $VESTA/bin/v-backup-users" +$VESTA/bin/v-add-cron-job 'admin' '10' '05' '*' '*' '*' "$command" +command="sudo $VESTA/bin/v-update-user-stats" +$VESTA/bin/v-add-cron-job 'admin' '20' '00' '*' '*' '*' "$command" +command="sudo $VESTA/bin/v-update-sys-rrd" +$VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command" +service crond restart + +# Building RRD images +$VESTA/bin/v-update-sys-rrd + +# Enabling file system quota +if [ "$quota" = 'yes' ]; then + $VESTA/bin/v-add-sys-quota +fi + +# Enabling Softaculous plugin +if [ "$softaculous" = 'yes' ]; then + $VESTA/bin/v-add-vesta-softaculous +fi + +# Starting Vesta service +chkconfig vesta on +service vesta start +check_result $? "vesta start failed" +chown admin:admin $VESTA/data/sessions + +# Adding notifications +$VESTA/upd/add_notifications.sh + +# Adding cronjob for autoupdates +$VESTA/bin/v-add-cron-vesta-autoupdate + +if [ "$port" != "8083" ]; then + echo "=== Set Vesta port: $port" + $VESTA/bin/v-change-vesta-port $port +fi + +echo "NOTIFY_ADMIN_FULL_BACKUP='$email'" >> $VESTA/conf/vesta.conf + +#----------------------------------------------------------# +# Vesta Access Info # +#----------------------------------------------------------# + +# Comparing hostname and ip + +if [ "$ssl" = 'no' ]; then +host_ip=$(host $servername |head -n 1 |awk '{print $NF}') +if [ "$host_ip" = "$ip" ]; then + ip="$servername" +fi +fi + +if [ "$ssl" = 'yes' ]; then +make_ssl=0 +host_ip=$(host $servername | head -n 1 | awk '{print $NF}') +if [ "$host_ip" != "$pub_ip" ]; then + echo "***** PROBLEM: Hostname $servername is not pointing to your server (IP address $ip)" + echo "Without pointing your hostname to your IP, LetsEncrypt SSL will not be generated for your server hostname." + echo "Try to setup an A record in your DNS, pointing your hostname $servername to IP address $ip and then press ENTER." + echo "(or register ns1.$servername and ns2.$servername as DNS Nameservers and put those Nameservers on $servername domain)" + echo "If we detect that hostname is still not pointing to your IP, installer will not add LetsEncrypt SSL certificate to your hosting panel (unsigned SSL will be used instead)." + read -p "To force to try anyway to add LetsEncrypt, press f and then ENTER." answer + host_ip=$(host $servername | head -n 1 | awk '{print $NF}') +fi +if [ "$answer" = "f" ]; then + make_ssl=1 +fi +if [ "$host_ip" = "$ip" ]; then + ip="$servername" + make_ssl=1 +fi + +if [ $make_ssl -eq 1 ]; then + # Check if www is also pointing to our IP + www_host="www.$servername" + www_host_ip=$(host $www_host | head -n 1 | awk '{print $NF}') + if [ "$www_host_ip" != "$pub_ip" ]; then + if [ "$named" = 'yes' ]; then + echo "=== Deleting www to server hostname" + $VESTA/bin/v-delete-web-domain-alias 'admin' "$servername" "$www_host" 'no' + $VESTA/bin/v-delete-dns-on-web-alias 'admin' "$servername" "$www_host" 'no' + fi + www_host="" + fi +fi + +echo "===" +echo "Hostname $servername is pointing to $host_ip" + +if [ $make_ssl -eq 1 ]; then + echo "=== Generating HOSTNAME SSL" + $VESTA/bin/v-add-letsencrypt-domain 'admin' "$servername" "$www_host" 'yes' + $VESTA/bin/v-update-host-certificate 'admin' "$servername" +else + echo "We will not generate SSL because of this" +fi +echo "===" +echo "UPDATE_HOSTNAME_SSL='yes'" >> $VESTA/conf/vesta.conf +fi + +# Sending notification to admin email +echo -e "Congratulations, you have just successfully installed \ +Vesta Control Panel + + https://$ip:$port + username: admin + password: $vpass + +We hope that you enjoy your installation of Vesta. Please \ +feel free to contact us anytime if you have any questions. +Thank you. + +-- +Sincerely yours +vestacp.com team +" > $tmpfile + +send_mail="$VESTA/web/inc/mail-wrapper.php" +cat $tmpfile | $send_mail -s "Vesta Control Panel" $email + +# Congrats +echo '=======================================================' +echo +echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| ' +echo ' _| _| _| _| _| _| _| ' +echo ' _| _| _|_|_| _|_| _| _|_|_|_| ' +echo ' _| _| _| _| _| _| _| ' +echo ' _| _|_|_|_| _|_|_| _| _| _| ' +echo +echo +cat $tmpfile +rm -f $tmpfile + +# EOF diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh index b1a5ca113..0f87f2309 100644 --- a/install/vst-install-debian.sh +++ b/install/vst-install-debian.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Vesta Debian installer v.04 +# Vesta Debian installer v.05 #----------------------------------------------------------# # Variables&Functions # @@ -9,33 +9,91 @@ export PATH=$PATH:/sbin export DEBIAN_FRONTEND=noninteractive RHOST='apt.vestacp.com' CHOST='c.vestacp.com' -VERSION='0.9.8/debian' -software="nginx apache2 apache2-utils apache2.2-common bsdutils e2fsprogs - apache2-suexec-custom libapache2-mod-ruid2 libapache2-mod-rpaf - libapache2-mod-fcgid bind9 idn mysql-server mysql-common - mysql-client php5-common php5-cgi php5-mysql php5-curl - libapache2-mod-php5 vsftpd mc exim4 exim4-daemon-heavy clamav-daemon - flex dovecot-imapd dovecot-pop3d phpMyAdmin awstats webalizer - jwhois rssh git spamassassin roundcube roundcube-mysql - roundcube-plugins sudo bc ftp lsof ntpdate rrdtool quota e2fslibs - fail2ban dnsutils vesta vesta-nginx vesta-php" +VERSION='debian' +VESTA='/usr/local/vesta' +memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9]) +arch=$(uname -i) +os='debian' +release=$(cat /etc/debian_version|grep -o [0-9]|head -n1) +codename="$(cat /etc/os-release |grep VERSION= |cut -f 2 -d \(|cut -f 1 -d \))" +vestacp="$VESTA/install/$VERSION/$release" +if [ "$release" -eq 9 ]; then + software="nginx apache2 apache2-utils apache2-suexec-custom + libapache2-mod-ruid2 libapache2-mod-fcgid libapache2-mod-php php + php-common php-cgi php-mysql php-curl php-fpm php-pgsql awstats + webalizer vsftpd proftpd-basic bind9 exim4 exim4-daemon-heavy + clamav-daemon spamassassin dovecot-imapd dovecot-pop3d roundcube-core + roundcube-mysql roundcube-plugins mysql-server mysql-common + mysql-client postgresql postgresql-contrib phppgadmin phpmyadmin mc + flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota + e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils + bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl + unrar-free vim-common vesta-ioncube vesta-softaculous net-tools unzip" +elif [ "$release" -eq 8 ]; then + software="nginx apache2 apache2-utils apache2.2-common + apache2-suexec-custom libapache2-mod-ruid2 + libapache2-mod-fcgid libapache2-mod-php5 php5 php5-common php5-cgi + php5-mysql php5-curl php5-fpm php5-pgsql awstats webalizer vsftpd + proftpd-basic bind9 exim4 exim4-daemon-heavy clamav-daemon + spamassassin dovecot-imapd dovecot-pop3d roundcube-core + roundcube-mysql roundcube-plugins mysql-server mysql-common + mysql-client postgresql postgresql-contrib phppgadmin phpMyAdmin mc + flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota + e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils + bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl + unrar-free vim-common vesta-ioncube vesta-softaculous net-tools unzip" +else + software="nginx apache2 apache2-utils apache2.2-common + apache2-suexec-custom libapache2-mod-ruid2 + libapache2-mod-fcgid libapache2-mod-php5 php5 php5-common php5-cgi + php5-mysql php5-curl php5-fpm php5-pgsql awstats webalizer vsftpd + proftpd-basic proftpd-mod-vroot bind9 exim4 exim4-daemon-heavy + clamav-daemon spamassassin dovecot-imapd dovecot-pop3d roundcube-core + roundcube-mysql roundcube-plugins mysql-server mysql-common + mysql-client postgresql postgresql-contrib phppgadmin phpMyAdmin mc + flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota + e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils + bsdmainutils cron vesta vesta-nginx vesta-php expect unrar-free + vim-common vesta-ioncube vesta-softaculous net-tools unzip" +fi + +# Defining help function help() { - echo "usage: $0 [OPTIONS] - -h, --help Print this help and exit - -f, --force Force installation - -i, --disable-iptables Disable iptables support - -b, --disable-fail2ban Disable fail2ban protection - -n, --noupdate Do not run yum update command - -s, --hostname Set server hostname - -e, --email Set email address - -p, --password Set admin password instead of generating it - -m, --mysql-password Set MySQL password instead of generating it - -q, --quota Enable File System Quota" + echo "Usage: $0 [OPTIONS] + -a, --apache Install Apache [yes|no] default: yes + -n, --nginx Install Nginx [yes|no] default: yes + -w, --phpfpm Install PHP-FPM [yes|no] default: no + -v, --vsftpd Install Vsftpd [yes|no] default: yes + -j, --proftpd Install ProFTPD [yes|no] default: no + -k, --named Install Bind [yes|no] default: yes + -m, --mysql Install MySQL [yes|no] default: yes + -g, --postgresql Install PostgreSQL [yes|no] default: no + -x, --exim Install Exim [yes|no] default: yes + -z, --dovecot Install Dovecot [yes|no] default: yes + -c, --clamav Install ClamAV [yes|no] default: yes + -t, --spamassassin Install SpamAssassin [yes|no] default: yes + -i, --iptables Install Iptables [yes|no] default: yes + -b, --fail2ban Install Fail2ban [yes|no] default: yes + -r, --remi Install Remi repo [yes|no] default: yes + -o, --softaculous Install Softaculous [yes|no] default: yes + -q, --quota Filesystem Quota [yes|no] default: no + -l, --lang Default language default: en + -y, --interactive Interactive install [yes|no] default: yes + -s, --hostname Set hostname + -u, --ssl Add LE SSL for hostname [yes|no] default: no + -e, --email Set admin email + -d, --port Set Vesta port + -p, --password Set admin password + -f, --force Force installation + -h, --help Print this help + + Example: bash $0 -e demo@vestacp.com -p p4ssw0rd --apache no --phpfpm yes" exit 1 } -# Password generator + +# Defining password-gen function gen_pass() { MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz' LENGTH=10 @@ -46,111 +104,183 @@ gen_pass() { echo "$PASS" } +# Defning return code check function +check_result() { + if [ $1 -ne 0 ]; then + echo "Error: $2" + exit $1 + fi +} + +# Defining function to set default value +set_default_value() { + eval variable=\$$1 + if [ -z "$variable" ]; then + eval $1=$2 + fi + if [ "$variable" != 'yes' ] && [ "$variable" != 'no' ]; then + eval $1=$2 + fi +} + +# Define function to set default language value +set_default_lang() { + if [ -z "$lang" ]; then + eval lang=$1 + fi + lang_list=" + ar cz el fa hu ja no pt se ua + bs da en fi id ka pl ro tr vi + cn de es fr it nl pt-BR ru tw + bg ko sr th ur" + if !(echo $lang_list |grep -w $lang 1>&2>/dev/null); then + eval lang=$1 + fi +} + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# +# Creating temporary file +tmpfile=$(mktemp -p /tmp) + # Translating argument to --gnu-long-options for arg; do delim="" case "$arg" in - --help) args="${args}-h " ;; - --force) args="${args}-f " ;; - --disable-fail2ban) args="${args}-b " ;; - --disable-iptables) args="${args}-i " ;; - --noupdate) args="${args}-n " ;; - --hostname) args="${args}-s " ;; - --email) args="${args}-e " ;; - --password) args="${args}-p " ;; - --mysql-password) args="${args}-m " ;; + --apache) args="${args}-a " ;; + --nginx) args="${args}-n " ;; + --phpfpm) args="${args}-w " ;; + --vsftpd) args="${args}-v " ;; + --proftpd) args="${args}-j " ;; + --named) args="${args}-k " ;; + --mysql) args="${args}-m " ;; + --postgresql) args="${args}-g " ;; + --exim) args="${args}-x " ;; + --dovecot) args="${args}-z " ;; + --clamav) args="${args}-c " ;; + --spamassassin) args="${args}-t " ;; + --iptables) args="${args}-i " ;; + --fail2ban) args="${args}-b " ;; + --remi) args="${args}-r " ;; + --softaculous) args="${args}-o " ;; --quota) args="${args}-q " ;; - *) [[ "${arg:0:1}" == "-" ]] || delim="\"" - args="${args}${delim}${arg}${delim} ";; + --lang) args="${args}-l " ;; + --interactive) args="${args}-y " ;; + --hostname) args="${args}-s " ;; + --ssl) args="${args}-u " ;; + --email) args="${args}-e " ;; + --port) args="${args}-d " ;; + --password) args="${args}-p " ;; + --force) args="${args}-f " ;; + --help) args="${args}-h " ;; + *) [[ "${arg:0:1}" == "-" ]] || delim="\"" + args="${args}${delim}${arg}${delim} ";; esac done eval set -- "$args" -# Getopt -while getopts "hfibdnqe:m:p:s:" Option; do +# Parsing arguments +while getopts "a:n:w:v:j:k:m:g:x:z:c:t:i:b:r:o:q:l:y:s:u:e:d:p:fh" Option; do case $Option in - h) help ;; # Help - f) force='yes' ;; # Force install - i) disable_iptables='yes' ;; # Disable iptables - b) disable_fail2ban='yes' ;; # Disable fail2ban - n) noupdate='yes' ;; # Disable yum update - s) servername=$OPTARG ;; # Server hostname - e) email=$OPTARG ;; # Set email - p) vpass=$OPTARG ;; # Admin password - m) mpass=$OPTARG ;; # MySQL pasword - q) quota='yes' ;; # Enable quota - *) help ;; # Default + a) apache=$OPTARG ;; # Apache + n) nginx=$OPTARG ;; # Nginx + w) phpfpm=$OPTARG ;; # PHP-FPM + v) vsftpd=$OPTARG ;; # Vsftpd + j) proftpd=$OPTARG ;; # Proftpd + k) named=$OPTARG ;; # Named + m) mysql=$OPTARG ;; # MySQL + g) postgresql=$OPTARG ;; # PostgreSQL + x) exim=$OPTARG ;; # Exim + z) dovecot=$OPTARG ;; # Dovecot + c) clamd=$OPTARG ;; # ClamAV + t) spamd=$OPTARG ;; # SpamAssassin + i) iptables=$OPTARG ;; # Iptables + b) fail2ban=$OPTARG ;; # Fail2ban + r) remi=$OPTARG ;; # Remi repo + o) softaculous=$OPTARG ;; # Softaculous plugin + q) quota=$OPTARG ;; # FS Quota + l) lang=$OPTARG ;; # Language + y) interactive=$OPTARG ;; # Interactive install + s) servername=$OPTARG ;; # Hostname + u) ssl=$OPTARG ;; # Add Let's Encrypt SSL for hostname + e) email=$OPTARG ;; # Admin email + d) port=$OPTARG ;; # Vesta port + p) vpass=$OPTARG ;; # Admin password + f) force='yes' ;; # Force install + h) help ;; # Help + *) help ;; # Print help (default) esac done -# Am I root? -if [ "x$(id -u)" != 'x0' ]; then - echo 'Error: this script can only be executed by root' - exit 1 -fi - -# Check supported version -if [ -e '/etc/redhat-release' ] || [ -e '/etc/lsb-release' ]; then - echo 'Error: sorry, this installer works only on Debian 7' - exit 1 -fi - -# Check supported OS -if [ "$(arch)" != 'x86_64' ]; then - arch='i386' +# Defining default software stack +set_default_value 'nginx' 'yes' +set_default_value 'apache' 'yes' +set_default_value 'phpfpm' 'no' +set_default_value 'vsftpd' 'yes' +set_default_value 'proftpd' 'no' +set_default_value 'named' 'yes' +set_default_value 'mysql' 'yes' +set_default_value 'postgresql' 'no' +set_default_value 'mongodb' 'no' +set_default_value 'exim' 'yes' +set_default_value 'dovecot' 'yes' +if [ $memory -lt 1500000 ]; then + set_default_value 'clamd' 'no' + set_default_value 'spamd' 'no' else - arch="amd64" + set_default_value 'clamd' 'yes' + set_default_value 'spamd' 'yes' fi -os=$(head -n1 /etc/issue | cut -f 1 -d ' ') -if [[ "$(cut -f 1 -d . /etc/debian_version)" -eq '7' ]]; then - release="7" - codename="wheezy" +set_default_value 'iptables' 'yes' +set_default_value 'fail2ban' 'yes' +set_default_value 'softaculous' 'yes' +set_default_value 'quota' 'no' +set_default_value 'interactive' 'yes' +set_default_value 'ssl' 'no' +set_default_lang 'en' + +# Checking software conflicts +if [ "$phpfpm" = 'yes' ]; then + apache='no' + nginx='yes' fi -if [ $codename != 'wheezy' ]; then - echo 'Error: only Debian 7 is supported' - exit 1 +if [ "$proftpd" = 'yes' ]; then + vsftpd='no' +fi +if [ "$exim" = 'no' ]; then + clamd='no' + spamd='no' + dovecot='no' +fi +if [ "$iptables" = 'no' ]; then + fail2ban='no' fi -# Check admin user account -if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" != 'yes' ]; then - echo "Error: user admin exists" - echo +# Checking root permissions +if [ "x$(id -u)" != 'x0' ]; then + check_error 1 "Script can be run executed only by root" +fi + +# Checking admin user account +if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ -z "$force" ]; then echo 'Please remove admin user account before proceeding.' echo 'If you want to do it automatically run installer with -f option:' - echo "Example: bash $0 --force" - exit 1 + echo -e "Example: bash $0 --force\n" + check_result 1 "User admin exists" fi -# Check admin user account -if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" != 'yes' ]; then - echo "Error: user admin exists" - echo - echo 'Please remove admin user account before proceeding.' - echo 'If you want to do it automatically run installer with -f option:' - echo "Example: bash $0 --force" - exit 1 -fi - -# Check wget +# Checking wget if [ ! -e '/usr/bin/wget' ]; then apt-get -y install wget - if [ $? -ne 0 ]; then - echo "Error: can't install wget" - exit 1 - fi + check_result $? "Can't install wget" fi -# Check repo availability -wget -q "$CHOST/$VERSION/vesta.conf" -O /dev/null -if [ $? -ne 0 ]; then - echo "Error: no access to repository" - exit 1 -fi +# Checking repository availability +wget -q "c.vestacp.com/deb_signing.key" -O /dev/null +check_result $? "No access to Vesta repository" # Check installed packages tmpfile=$(mktemp -p /tmp) @@ -173,211 +303,356 @@ if [ ! -z "$conflicts" ] && [ -z "$force" ]; then echo echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!' echo - exit 1 + check_result 1 "Control Panel should be installed on clean server." fi -# Check server type -memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9]) -if [ "$memory" -lt '350000' ] && [ -z "$force" ]; then - echo "Error: not enough memory to install Vesta Control Panel." - echo -e "\nMinimum RAM required: 350Mb" - echo 'If you want to force installation run this script with -f option:' - echo "Example: bash $0 --force" - exit 1 -fi -srv_type='micro' -if [ "$memory" -gt '1000000' ]; then - srv_type='small' +#----------------------------------------------------------# +# Brief Info # +#----------------------------------------------------------# + +# Printing nice ascii aslogo +clear +echo +echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_|' +echo ' _| _| _| _| _| _| _|' +echo ' _| _| _|_|_| _|_| _| _|_|_|_|' +echo ' _| _| _| _| _| _| _|' +echo ' _| _|_|_|_| _|_|_| _| _| _|' +echo +echo ' Vesta Control Panel' +echo -e "\n\n" + +echo 'Following software will be installed on your system:' + +# Web stack +if [ "$nginx" = 'yes' ]; then + echo ' - Nginx Web Server' +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then + echo ' - Apache Web Server' +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'yes' ] ; then + echo ' - Apache Web Server (as backend)' +fi +if [ "$phpfpm" = 'yes' ]; then + echo ' - PHP-FPM Application Server' fi -if [ "$memory" -gt '3000000' ]; then - srv_type='medium' +# DNS stack +if [ "$named" = 'yes' ]; then + echo ' - Bind DNS Server' fi -if [ "$memory" -gt '7000000' ]; then - srv_type='large' -fi - -# Are you sure ? -if [ -z $email ]; then - clear - echo - echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| ' - echo ' _| _| _| _| _| _| _| ' - echo ' _| _| _|_|_| _|_| _| _|_|_|_| ' - echo ' _| _| _| _| _| _| _| ' - echo ' _| _|_|_|_| _|_|_| _| _| _| ' - echo - echo ' Vesta Control Panel' - echo - echo - echo 'Following software will be installed on your system:' - echo ' - Nginx frontend web server' - echo ' - Apache application web server' - echo ' - Bind DNS server' - echo ' - Exim mail server' - echo ' - Dovecot IMAP and POP3 server' - if [ "$srv_type" = 'medium' ] || [ "$srv_type" = 'large' ]; then - echo ' - Clam mail antivirus' - echo ' - SpamAssassin antispam' +# Mail Stack +if [ "$exim" = 'yes' ]; then + echo -n ' - Exim mail server' + if [ "$clamd" = 'yes' ] || [ "$spamd" = 'yes' ] ; then + echo -n ' + ' + if [ "$clamd" = 'yes' ]; then + echo -n 'Antivirus ' + fi + if [ "$spamd" = 'yes' ]; then + echo -n 'Antispam' + fi fi - echo ' - MySQL database server' - echo ' - Vsftpd FTP server' - echo - echo + echo + if [ "$dovecot" = 'yes' ]; then + echo ' - Dovecot POP3/IMAP Server' + fi +fi - read -p 'Do you want to proceed? [y/n]): ' answer +# DB stack +if [ "$mysql" = 'yes' ]; then + echo ' - MySQL Database Server' +fi +if [ "$postgresql" = 'yes' ]; then + echo ' - PostgreSQL Database Server' +fi +if [ "$mongodb" = 'yes' ]; then + echo ' - MongoDB Database Server' +fi + +# FTP stack +if [ "$vsftpd" = 'yes' ]; then + echo ' - Vsftpd FTP Server' +fi +if [ "$proftpd" = 'yes' ]; then + echo ' - ProFTPD FTP Server' +fi + +# LE SSL for hostname +if [ "$ssl" = 'yes' ]; then + echo ' - LE SSL for hostname' +fi + +# Softaculous +if [ "$softaculous" = 'yes' ]; then + echo ' - Softaculous Plugin' +fi + +# Firewall stack +if [ "$iptables" = 'yes' ]; then + echo -n ' - Iptables Firewall' +fi +if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then + echo -n ' + Fail2Ban' +fi +echo -e "\n\n" + +# Asking for confirmation to proceed +if [ "$interactive" = 'yes' ]; then + read -p 'Would you like to continue [y/n]: ' answer if [ "$answer" != 'y' ] && [ "$answer" != 'Y' ]; then echo 'Goodbye' exit 1 fi - # Check email - read -p 'Please enter valid email address: ' email + # Asking for contact email + if [ -z "$email" ]; then + read -p 'Please enter admin email address: ' email + fi - # Define server hostname + # Asking for Vesta port + if [ -z "$port" ]; then + read -p 'Please enter Vesta port number (press enter for 8083): ' port + fi + + # Asking to set FQDN hostname if [ -z "$servername" ]; then - read -p "Please enter hostname [$(hostname)]: " servername + read -p "Please enter FQDN hostname [$(hostname)]: " servername fi fi -# Validate email -local_part=$(echo $email | cut -s -f1 -d\@) -remote_host=$(echo $email | cut -s -f2 -d\@) -mx_failed=1 -if [ ! -z "$remote_host" ] && [ ! -z "$local_part" ]; then - /usr/bin/host -t mx "$remote_host" > /dev/null 2>&1 - mx_failed="$?" +# Generating admin password if it wasn't set +if [ -z "$vpass" ]; then + vpass=$(gen_pass) fi -if [ "$mx_failed" -eq 1 ]; then - echo "Error: email $email is not valid" - exit 1 +# Set hostname if it wasn't set +if [ -z "$servername" ]; then + servername=$(hostname -f) +fi + +# Set FQDN if it wasn't set +mask1='(([[:alnum:]](-?[[:alnum:]])*)\.)' +mask2='*[[:alnum:]](-?[[:alnum:]])+\.[[:alnum:]]{2,}' +if ! [[ "$servername" =~ ^${mask1}${mask2}$ ]]; then + if [ ! -z "$servername" ]; then + servername="$servername.example.com" + else + servername="example.com" + fi + echo "127.0.0.1 $servername" >> /etc/hosts +fi + +# Set email if it wasn't set +if [ -z "$email" ]; then + email="admin@$servername" +fi + +# Set port if it wasn't set +if [ -z "$port" ]; then + port="8083" +fi + +# Defining backup directory +vst_backups="/root/vst_install_backups/$(date +%s)" +echo "Installation backup directory: $vst_backups" + +# Printing start message and sleeping for 5 seconds +echo -e "\n\n\n\nInstallation will take about 15 minutes ...\n" +sleep 5 + + +#----------------------------------------------------------# +# Checking swap # +#----------------------------------------------------------# + +# Checking swap on small instances +if [ -z "$(swapon -s)" ] && [ $memory -lt 1000000 ]; then + fallocate -l 1G /swapfile + chmod 600 /swapfile + mkswap /swapfile + swapon /swapfile + echo "/swapfile none swap sw 0 0" >> /etc/fstab fi #----------------------------------------------------------# # Install repository # #----------------------------------------------------------# -# Let's start -echo -e "\n\n\n\nInstallation will take about 15 minutes ...\n" -sleep 5 -# Update system -if [ -z "$noupdate" ]; then - apt-get -y upgrade - if [ $? -ne 0 ]; then - echo 'Error: apt-get upgrade failed' - exit 1 - fi -fi +# Updating system +apt-get -y upgrade +check_result $? 'apt-get upgrade failed' -# Install nginx repo +# Installing nginx repo apt=/etc/apt/sources.list.d echo "deb http://nginx.org/packages/debian/ $codename nginx" > $apt/nginx.list wget http://nginx.org/keys/nginx_signing.key -O /tmp/nginx_signing.key apt-key add /tmp/nginx_signing.key -# Install vesta repo +# Installing vesta repo echo "deb http://$RHOST/$codename/ $codename vesta" > $apt/vesta.list wget $CHOST/deb_signing.key -O deb_signing.key apt-key add deb_signing.key - -#----------------------------------------------------------# -# Backups # -#----------------------------------------------------------# - -# Prepare backup tree -vst_backups="/root/vst_install_backups/$(date +%s)" -mkdir -p $vst_backups/nginx -mkdir -p $vst_backups/apache2 -mkdir -p $vst_backups/mysql -mkdir -p $vst_backups/exim4 -mkdir -p $vst_backups/dovecot -mkdir -p $vst_backups/clamav -mkdir -p $vst_backups/spamassassin -mkdir -p $vst_backups/vsftpd -mkdir -p $vst_backups/bind -mkdir -p $vst_backups/vesta -mkdir -p $vst_backups/home - -# Backup sudoers -if [ -e '/etc/sudoers' ]; then - cp /etc/sudoers $vst_backups/ +# Installing jessie backports +if [ "$release" -eq 8 ]; then + if [ ! -e /etc/apt/apt.conf ]; then + echo 'Acquire::Check-Valid-Until "false";' >> /etc/apt/apt.conf + fi + if [ ! -e /etc/apt/sources.list.d/backports.list ]; then + echo "deb http://archive.debian.org/debian jessie-backports main" >\ + /etc/apt/sources.list.d/backports.list + fi fi -# Backup nginx + +#----------------------------------------------------------# +# Backup # +#----------------------------------------------------------# + +# Creating backup directory tree +mkdir -p $vst_backups +cd $vst_backups +mkdir nginx apache2 php php5 php5-fpm vsftpd proftpd bind exim4 dovecot clamd +mkdir spamassassin mysql postgresql mongodb vesta + +# Backing up Nginx configuration service nginx stop > /dev/null 2>&1 -if [ -e '/etc/nginx/nginx.conf' ]; then - cp -r /etc/nginx/* $vst_backups/nginx/ -fi +cp -r /etc/nginx/* $vst_backups/nginx >/dev/null 2>&1 -# Backup apache2 +# Backing up Apache configuration service apache2 stop > /dev/null 2>&1 -if [ -e '/etc/apache2/apache2.conf' ]; then - cp -r /etc/apache2/* $vst_backups/apache2/ -fi +cp -r /etc/apache2/* $vst_backups/apache2 > /dev/null 2>&1 +rm -f /etc/apache2/conf.d/* > /dev/null 2>&1 -# Backup bind9 +# Backing up PHP configuration +cp /etc/php.ini $vst_backups/php > /dev/null 2>&1 +cp -r /etc/php.d $vst_backups/php > /dev/null 2>&1 + +# Backing up PHP configuration +service php5-fpm stop >/dev/null 2>&1 +cp /etc/php5/* $vst_backups/php5 > /dev/null 2>&1 +rm -f /etc/php5/fpm/pool.d/* >/dev/null 2>&1 + +# Backing up Bind configuration service bind9 stop > /dev/null 2>&1 -if [ -e '/etc/bind/named.conf' ]; then - cp -r /etc/bind/* $vst_backups/bind/ -fi +cp -r /etc/bind/* $vst_backups/bind > /dev/null 2>&1 -# Backup vsftpd +# Backing up Vsftpd configuration service vsftpd stop > /dev/null 2>&1 -if [ -e '/etc/vsftpd.conf' ]; then - cp /etc/vsftpd.conf $vst_backups/vsftpd/ -fi +cp /etc/vsftpd.conf $vst_backups/vsftpd > /dev/null 2>&1 -# Backup exim4 +# Backing up ProFTPD configuration +service proftpd stop > /dev/null 2>&1 +cp /etc/proftpd.conf $vst_backups/proftpd >/dev/null 2>&1 + +# Backing up Exim configuration service exim4 stop > /dev/null 2>&1 -if [ -e '/etc/exim4/exim4.conf.template' ]; then - cp -r /etc/exim4/* $vst_backups/exim4/ -fi +cp -r /etc/exim4/* $vst_backups/exim4 > /dev/null 2>&1 -# Backup clamav +# Backing up ClamAV configuration service clamav-daemon stop > /dev/null 2>&1 -if [ -e '/etc/clamav/clamd.conf' ]; then - cp -r /etc/clamav/* $vst_backups/clamav/ -fi +cp -r /etc/clamav/* $vst_backups/clamav > /dev/null 2>&1 -# Backup SpamAssassin +# Backing up SpamAssassin configuration service spamassassin stop > /dev/null 2>&1 -if [ -e '/etc/spamassassin/local.cf' ]; then - cp -r /etc/spamassassin/* $vst_backups/spamassassin/ -fi +cp -r /etc/spamassassin/* $vst_backups/spamassassin > /dev/null 2>&1 -# Backup dovecot +# Backing up Dovecot configuration service dovecot stop > /dev/null 2>&1 -if [ -e '/etc/dovecot.conf' ]; then - cp /etc/dovecot.conf $vst_backups/dovecot/ -fi -if [ -e '/etc/dovecot' ]; then - cp -r /etc/dovecot/* $vst_backups/dovecot/ -fi +cp /etc/dovecot.conf $vst_backups/dovecot > /dev/null 2>&1 +cp -r /etc/dovecot/* $vst_backups/dovecot > /dev/null 2>&1 -# Backup MySQL stuff +# Backing up MySQL/MariaDB configuration and data service mysql stop > /dev/null 2>&1 -if [ -e '/var/lib/mysql' ]; then - mv /var/lib/mysql $vst_backups/mysql/mysql_datadir -fi -if [ -e '/etc/mysql/my.cnf' ]; then - cp -r /etc/mysql/* $vst_backups/mysql/ -fi -if [ -e '/root/.my.cnf' ]; then - mv /root/.my.cnf $vst_backups/mysql/ -fi +killall -9 mysqld > /dev/null 2>&1 +mv /var/lib/mysql $vst_backups/mysql/mysql_datadir > /dev/null 2>&1 +cp -r /etc/mysql/* $vst_backups/mysql > /dev/null 2>&1 +mv -f /root/.my.cnf $vst_backups/mysql > /dev/null 2>&1 # Backup vesta service vesta stop > /dev/null 2>&1 -if [ -e '/usr/local/vesta' ]; then - cp -r /usr/local/vesta/* $vst_backups/vesta/ - apt-get -y remove vesta* - apt-get -y purge vesta* - rm -rf /usr/local/vesta +cp -r $VESTA/* $vst_backups/vesta > /dev/null 2>&1 +apt-get -y remove vesta vesta-nginx vesta-php > /dev/null 2>&1 +apt-get -y purge vesta vesta-nginx vesta-php > /dev/null 2>&1 +rm -rf $VESTA > /dev/null 2>&1 + + +#----------------------------------------------------------# +# Package Excludes # +#----------------------------------------------------------# + +# Excluding packages +if [ "$nginx" = 'no' ]; then + software=$(echo "$software" | sed -e "s/ nginx/ /") +fi +if [ "$apache" = 'no' ]; then + software=$(echo "$software" | sed -e "s/apache2 //") + software=$(echo "$software" | sed -e "s/apache2-utils//") + software=$(echo "$software" | sed -e "s/apache2-suexec-custom//") + software=$(echo "$software" | sed -e "s/apache2.2-common//") + software=$(echo "$software" | sed -e "s/libapache2-mod-ruid2//") + software=$(echo "$software" | sed -e "s/libapache2-mod-fcgid//") + software=$(echo "$software" | sed -e "s/libapache2-mod-php5//") + software=$(echo "$software" | sed -e "s/libapache2-mod-php//") +fi +if [ "$phpfpm" = 'no' ]; then + software=$(echo "$software" | sed -e "s/php5-fpm//") + software=$(echo "$software" | sed -e "s/php-fpm//") +fi +if [ "$vsftpd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/vsftpd//") +fi +if [ "$proftpd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/proftpd-basic//") + software=$(echo "$software" | sed -e "s/proftpd-mod-vroot//") +fi +if [ "$named" = 'no' ]; then + software=$(echo "$software" | sed -e "s/bind9//") +fi +if [ "$exim" = 'no' ]; then + software=$(echo "$software" | sed -e "s/exim4 //") + software=$(echo "$software" | sed -e "s/exim4-daemon-heavy//") + software=$(echo "$software" | sed -e "s/dovecot-imapd//") + software=$(echo "$software" | sed -e "s/dovecot-pop3d//") + software=$(echo "$software" | sed -e "s/clamav-daemon//") + software=$(echo "$software" | sed -e "s/spamassassin//") +fi +if [ "$clamd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/clamav-daemon//") +fi +if [ "$spamd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/spamassassin//") + software=$(echo "$software" | sed -e "s/libmail-dkim-perl//") +fi +if [ "$dovecot" = 'no' ]; then + software=$(echo "$software" | sed -e "s/dovecot-imapd//") + software=$(echo "$software" | sed -e "s/dovecot-pop3d//") +fi +if [ "$mysql" = 'no' ]; then + software=$(echo "$software" | sed -e 's/mysql-server//') + software=$(echo "$software" | sed -e 's/mysql-client//') + software=$(echo "$software" | sed -e 's/mysql-common//') + software=$(echo "$software" | sed -e 's/php5-mysql//') + software=$(echo "$software" | sed -e 's/php-mysql//') + software=$(echo "$software" | sed -e 's/phpMyAdmin//') +fi +if [ "$postgresql" = 'no' ]; then + software=$(echo "$software" | sed -e 's/postgresql-contrib//') + software=$(echo "$software" | sed -e 's/postgresql//') + software=$(echo "$software" | sed -e 's/php5-pgsql//') + software=$(echo "$software" | sed -e 's/php-pgsql//') + software=$(echo "$software" | sed -e 's/phppgadmin//') +fi +if [ "$softaculous" = 'no' ]; then + software=$(echo "$software" | sed -e 's/vesta-softaculous//') +fi +if [ "$iptables" = 'no' ] || [ "$fail2ban" = 'no' ]; then + software=$(echo "$software" | sed -e 's/fail2ban//') fi @@ -385,37 +660,16 @@ fi # Install packages # #----------------------------------------------------------# -# Exclude heavy packages -if [ "$srv_type" = 'micro' ]; then - software=$(echo "$software" | sed -e 's/libapache2-mod-fcgid//') - software=$(echo "$software" | sed -e 's/clamav-daemon//') - software=$(echo "$software" | sed -e 's/spamassassin//') -fi - -if [ "$srv_type" = 'small' ]; then - software=$(echo "$software" | sed -e 's/clamav-daemon//') - software=$(echo "$software" | sed -e 's/spamassassin//') -fi - -# Exclude fail2ban -if [ "$disable_fail2ban" = 'yes' ]; then - software=$(echo "$software" | sed -e 's/fail2ban//') -fi - # Update system packages apt-get update -# Disable daemon autostart -# For more details /usr/share/doc/sysv-rc/README.policy-rc.d.gz +# Disable daemon autostart /usr/share/doc/sysv-rc/README.policy-rc.d.gz echo -e '#!/bin/sh \nexit 101' > /usr/sbin/policy-rc.d chmod a+x /usr/sbin/policy-rc.d -# Install Vesta packages +# Install apt packages apt-get -y install $software -if [ $? -ne 0 ]; then - echo 'Error: apt-get install failed' - exit 1 -fi +check_result $? "apt-get install failed" # Restore policy rm -f /usr/sbin/policy-rc.d @@ -425,123 +679,19 @@ rm -f /usr/sbin/policy-rc.d # Configure system # #----------------------------------------------------------# -# Set writable permission on tmp directory -chmod 777 /tmp - -# Vesta configuration -echo "export VESTA='/usr/local/vesta'" > /etc/profile.d/vesta.sh -chmod 755 /etc/profile.d/vesta.sh -source /etc/profile.d/vesta.sh -echo 'PATH=$PATH:/usr/local/vesta/bin' >> /root/.bash_profile -echo 'export PATH' >> /root/.bash_profile -source /root/.bash_profile -wget $CHOST/$VERSION/vesta.log -O /etc/logrotate.d/vesta - -# Directory tree -mkdir -p $VESTA/conf -mkdir -p $VESTA/log -mkdir -p $VESTA/ssl -mkdir -p $VESTA/data -mkdir -p $VESTA/data/ips -mkdir -p $VESTA/data/queue -mkdir -p $VESTA/data/users -mkdir -p $VESTA/data/firewall -touch $VESTA/data/queue/backup.pipe -touch $VESTA/data/queue/disk.pipe -touch $VESTA/data/queue/webstats.pipe -touch $VESTA/data/queue/restart.pipe -touch $VESTA/data/queue/traffic.pipe -chmod 750 $VESTA/conf -chmod 750 $VESTA/data/users -chmod 750 $VESTA/data/ips -chmod -R 750 $VESTA/data/queue -ln -s /usr/local/vesta/log /var/log/vesta -touch /var/log/vesta/system.log -touch /var/log/vesta/nginx-error.log -touch /var/log/vesta/auth.log -chmod 660 /var/log/vesta/* -adduser backup > /dev/null 2>&1 -mkdir -p /home/backup -chown backup:backup /home/backup -ln -s /home/backup /backup -chmod a+x /backup - -# vesta.conf -wget $CHOST/$VERSION/vesta.conf -O $VESTA/conf/vesta.conf -if [ "$srv_type" = 'micro' ] || [ "$srv_type" = 'small' ]; then - sed -i "s/clamav-daemon//g" $VESTA/conf/vesta.conf - sed -i "s/spamassassin//g" $VESTA/conf/vesta.conf -fi - -# Set server hostname -if [ -z "$servername" ]; then - servername=$(hostname) -fi -/usr/local/vesta/bin/v-change-sys-hostname $servername 2>/dev/null - -# Templates -cd /usr/local/vesta/data -wget $CHOST/$VERSION/packages.tar.gz -O packages.tar.gz -tar -xzf packages.tar.gz -rm -f packages.tar.gz -cd /usr/local/vesta/data -wget $CHOST/$VERSION/templates.tar.gz -O templates.tar.gz -tar -xzf templates.tar.gz -rm -f templates.tar.gz -chmod -R 755 /usr/local/vesta/data/templates -cp templates/web/skel/public_html/index.html /var/www/ -sed -i 's/%domain%/It worked!/g' /var/www/index.html -if [ "$srv_type" = 'micro' ]; then - rm -f /usr/local/vesta/data/templates/web/apache2/phpfcgid.* -fi - -# Firewall configuartion -wget $CHOST/$VERSION/firewall.tar.gz -O firewall.tar.gz -tar -xzf firewall.tar.gz -if [ "$disable_iptables" = 'yes' ]; then - sed -i "s/iptables//" $VESTA/conf/vesta.conf -else - $BIN/v-update-firewall -fi - -# Generating SSL certificate -$VESTA/bin/v-generate-ssl-cert $(hostname) $email 'US' 'California' \ - 'San Francisco' 'Vesta Control Panel' 'IT' > /tmp/vst.pem - -# Parsing merged certificate file -crt_end=$(grep -n "END CERTIFICATE-" /tmp/vst.pem |cut -f 1 -d:) -key_start=$(grep -n "BEGIN RSA" /tmp/vst.pem |cut -f 1 -d:) -key_end=$(grep -n "END RSA" /tmp/vst.pem |cut -f 1 -d:) - -# Adding SSL certificate -cd /usr/local/vesta/ssl -sed -n "1,${crt_end}p" /tmp/vst.pem > certificate.crt -sed -n "$key_start,${key_end}p" /tmp/vst.pem > certificate.key -chown root:mail /usr/local/vesta/ssl/* -chmod 660 /usr/local/vesta/ssl/* -rm /tmp/vst.pem - # Enable SSH password auth sed -i "s/rdAuthentication no/rdAuthentication yes/g" /etc/ssh/sshd_config service ssh restart -# AppArmor -#aa-complain /usr/sbin/named - # Disable awstats cron rm -f /etc/cron.d/awstats # Set directory color echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile -# Register /sbin/nologin +# Register /sbin/nologin and /usr/sbin/nologin echo "/sbin/nologin" >> /etc/shells - -# Sudo configuration -wget $CHOST/$VERSION/sudoers.conf -O /etc/sudoers -wget $CHOST/$VERSION/sudoers.admin.conf -O /etc/sudoers.d/admin -chmod 440 /etc/sudoers -chmod 440 /etc/sudoers.d/admin +echo "/usr/sbin/nologin" >> /etc/shells # NTP Synchronization echo '#!/bin/sh' > /etc/cron.daily/ntpdate @@ -558,311 +708,755 @@ sed -i 's/#allowsftp/allowsftp/' /etc/rssh.conf sed -i 's/#allowrsync/allowrsync/' /etc/rssh.conf chmod 755 /usr/bin/rssh -# Nginx configuration -rm -f /etc/nginx/conf.d/*.conf -wget $CHOST/$VERSION/nginx.conf -O /etc/nginx/nginx.conf -wget $CHOST/$VERSION/nginx-status.conf -O /etc/nginx/conf.d/status.conf -touch /etc/nginx/conf.d/vesta.conf -update-rc.d nginx defaults -service nginx stop > /dev/null 2>&1 -service nginx start -if [ "$?" -ne 0 ]; then - echo "Error: nginx start failed" - exit 1 + +#----------------------------------------------------------# +# Configure VESTA # +#----------------------------------------------------------# + +# Installing sudo configuration +mkdir -p /etc/sudoers.d +cp -f $vestacp/sudo/admin /etc/sudoers.d/ +chmod 440 /etc/sudoers.d/admin + +# Configuring system env +echo "export VESTA='$VESTA'" > /etc/profile.d/vesta.sh +chmod 755 /etc/profile.d/vesta.sh +source /etc/profile.d/vesta.sh +echo 'PATH=$PATH:'$VESTA'/bin' >> /root/.bash_profile +echo 'export PATH' >> /root/.bash_profile +source /root/.bash_profile + +# Configuring logrotate for Vesta logs +cp -f $vestacp/logrotate/vesta /etc/logrotate.d/ + +# Building directory tree and creating some blank files for vesta +mkdir -p $VESTA/conf $VESTA/log $VESTA/ssl $VESTA/data/ips \ + $VESTA/data/queue $VESTA/data/users $VESTA/data/firewall \ + $VESTA/data/sessions +touch $VESTA/data/queue/backup.pipe $VESTA/data/queue/disk.pipe \ + $VESTA/data/queue/webstats.pipe $VESTA/data/queue/restart.pipe \ + $VESTA/data/queue/traffic.pipe $VESTA/log/system.log \ + $VESTA/log/nginx-error.log $VESTA/log/auth.log +chmod 750 $VESTA/conf $VESTA/data/users $VESTA/data/ips $VESTA/log +chmod -R 750 $VESTA/data/queue +chmod 660 $VESTA/log/* +rm -f /var/log/vesta +ln -s $VESTA/log /var/log/vesta +chmod 770 $VESTA/data/sessions + +# Generating vesta configuration +rm -f $VESTA/conf/vesta.conf 2>/dev/null +touch $VESTA/conf/vesta.conf +chmod 660 $VESTA/conf/vesta.conf + +# WEB stack +if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then + echo "WEB_SYSTEM='apache2'" >> $VESTA/conf/vesta.conf + echo "WEB_RGROUPS='www-data'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='mod_ssl'" >> $VESTA/conf/vesta.conf + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'yes' ] ; then + echo "WEB_SYSTEM='apache2'" >> $VESTA/conf/vesta.conf + echo "WEB_RGROUPS='www-data'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='8080'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='8443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='mod_ssl'" >> $VESTA/conf/vesta.conf + echo "PROXY_SYSTEM='nginx'" >> $VESTA/conf/vesta.conf + echo "PROXY_PORT='80'" >> $VESTA/conf/vesta.conf + echo "PROXY_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf +fi +if [ "$apache" = 'no' ] && [ "$nginx" = 'yes' ]; then + echo "WEB_SYSTEM='nginx'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='openssl'" >> $VESTA/conf/vesta.conf + if [ "$release" -eq 9 ]; then + if [ "$phpfpm" = 'yes' ]; then + echo "WEB_BACKEND='php-fpm'" >> $VESTA/conf/vesta.conf + fi + else + if [ "$phpfpm" = 'yes' ]; then + echo "WEB_BACKEND='php5-fpm'" >> $VESTA/conf/vesta.conf + fi + fi + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf fi -# Apache configuration -wget $CHOST/$VERSION/apache2.conf -O /etc/apache2/apache2.conf -wget $CHOST/$VERSION/apache2-status.conf \ - -O /etc/apache2/mods-enabled/status.conf -wget $CHOST/$VERSION/apache2.log -O /etc/logrotate.d/apache2 -rm -f /etc/apache2/conf.d/vesta.conf -echo > /etc/apache2/conf.d/vesta.conf -echo "# Powered by vesta" > /etc/apache2/sites-available/default -echo "# Powered by vesta" > /etc/apache2/sites-available/default-ssl -echo "# Powered by vesta" > /etc/apache2/ports.conf -touch /var/log/apache2/access.log -touch /var/log/apache2/error.log -mkdir -p /var/log/apache2/domains -chmod a+x /var/log/apache2 -chmod 640 /var/log/apache2/access.log -chmod 640 /var/log/apache2/error.log -chmod 751 /var/log/apache2/domains -a2enmod rewrite -a2enmod suexec -a2enmod ssl -a2enmod actions -a2enmod ruid2 -echo -e "/home\npublic_html/cgi-bin" > /etc/apache2/suexec/www-data -update-rc.d apache2 defaults -service apache2 stop > /dev/null 2>&1 -service apache2 start -if [ "$?" -ne 0 ]; then - echo "Error: apache2 start failed" - exit 1 +# FTP stack +if [ "$vsftpd" = 'yes' ]; then + echo "FTP_SYSTEM='vsftpd'" >> $VESTA/conf/vesta.conf +fi +if [ "$proftpd" = 'yes' ]; then + echo "FTP_SYSTEM='proftpd'" >> $VESTA/conf/vesta.conf fi -# Vsftpd configuration -wget $CHOST/$VERSION/vsftpd.conf -O /etc/vsftpd.conf -update-rc.d vsftpd defaults -service vsftpd stop > /dev/null 2>&1 -service vsftpd start -if [ "$?" -ne 0 ]; then - echo "Error: vsftpd start failed" - exit 1 +# DNS stack +if [ "$named" = 'yes' ]; then + echo "DNS_SYSTEM='bind9'" >> $VESTA/conf/vesta.conf fi -# Generating MySQL password if it wasn't set -if [ -z "$mpass" ]; then +# Mail stack +if [ "$exim" = 'yes' ]; then + echo "MAIL_SYSTEM='exim4'" >> $VESTA/conf/vesta.conf + if [ "$clamd" = 'yes' ]; then + echo "ANTIVIRUS_SYSTEM='clamav-daemon'" >> $VESTA/conf/vesta.conf + fi + if [ "$spamd" = 'yes' ]; then + echo "ANTISPAM_SYSTEM='spamassassin'" >> $VESTA/conf/vesta.conf + fi + if [ "$dovecot" = 'yes' ]; then + echo "IMAP_SYSTEM='dovecot'" >> $VESTA/conf/vesta.conf + fi +fi + +# CRON daemon +echo "CRON_SYSTEM='cron'" >> $VESTA/conf/vesta.conf + +# Firewall stack +if [ "$iptables" = 'yes' ]; then + echo "FIREWALL_SYSTEM='iptables'" >> $VESTA/conf/vesta.conf +fi +if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then + echo "FIREWALL_EXTENSION='fail2ban'" >> $VESTA/conf/vesta.conf +fi + +# Disk quota +if [ "$quota" = 'yes' ]; then + echo "DISK_QUOTA='yes'" >> $VESTA/conf/vesta.conf +fi + +# Backups +echo "BACKUP_SYSTEM='local'" >> $VESTA/conf/vesta.conf + +# Language +echo "LANGUAGE='$lang'" >> $VESTA/conf/vesta.conf + +# Version +echo "VERSION='0.9.8'" >> $VESTA/conf/vesta.conf + +# Installing hosting packages +cp -rf $vestacp/packages $VESTA/data/ + +# Installing templates +cp -rf $vestacp/templates $VESTA/data/ + +# Copying index.html to default documentroot +cp $VESTA/data/templates/web/skel/public_html/index.html /var/www/ +sed -i 's/%domain%/It worked!/g' /var/www/index.html + +# Installing firewall rules +cp -rf $vestacp/firewall $VESTA/data/ + +# Configuring server hostname +$VESTA/bin/v-change-sys-hostname $servername 2>/dev/null + +# Generating SSL certificate +$VESTA/bin/v-generate-ssl-cert $(hostname) $email 'US' 'California' \ + 'San Francisco' 'Vesta Control Panel' 'IT' > /tmp/vst.pem + +# Parsing certificate file +crt_end=$(grep -n "END CERTIFICATE-" /tmp/vst.pem |cut -f 1 -d:) +key_start=$(grep -n "BEGIN RSA" /tmp/vst.pem |cut -f 1 -d:) +key_end=$(grep -n "END RSA" /tmp/vst.pem |cut -f 1 -d:) + +# Adding SSL certificate +cd $VESTA/ssl +sed -n "1,${crt_end}p" /tmp/vst.pem > certificate.crt +sed -n "$key_start,${key_end}p" /tmp/vst.pem > certificate.key +chown root:mail $VESTA/ssl/* +chmod 660 $VESTA/ssl/* +rm /tmp/vst.pem + + +#----------------------------------------------------------# +# Configure Nginx # +#----------------------------------------------------------# + +if [ "$nginx" = 'yes' ]; then + rm -f /etc/nginx/conf.d/*.conf + cp -f $vestacp/nginx/nginx.conf /etc/nginx/ + cp -f $vestacp/nginx/status.conf /etc/nginx/conf.d/ + cp -f $vestacp/nginx/phpmyadmin.inc /etc/nginx/conf.d/ + cp -f $vestacp/nginx/phppgadmin.inc /etc/nginx/conf.d/ + cp -f $vestacp/nginx/webmail.inc /etc/nginx/conf.d/ + cp -f $vestacp/logrotate/nginx /etc/logrotate.d/ + echo > /etc/nginx/conf.d/vesta.conf + mkdir -p /var/log/nginx/domains + update-rc.d nginx defaults + service nginx start + check_result $? "nginx start failed" +fi + + +#----------------------------------------------------------# +# Configure Apache # +#----------------------------------------------------------# + +if [ "$apache" = 'yes' ]; then + cp -f $vestacp/apache2/apache2.conf /etc/apache2/ + cp -f $vestacp/apache2/status.conf /etc/apache2/mods-enabled/ + cp -f $vestacp/logrotate/apache2 /etc/logrotate.d/ + a2enmod rewrite + a2enmod suexec + a2enmod ssl + a2enmod actions + a2enmod ruid2 + a2enmod headers + mkdir -p /etc/apache2/conf.d + echo > /etc/apache2/conf.d/vesta.conf + echo "# Server control panel by VESTA" > /etc/apache2/sites-available/default + echo "# Server control panel by VESTA" > /etc/apache2/sites-available/default-ssl + echo "# Server control panel by VESTA" > /etc/apache2/ports.conf + echo -e "/home\npublic_html/cgi-bin" > /etc/apache2/suexec/www-data + touch /var/log/apache2/access.log /var/log/apache2/error.log + mkdir -p /var/log/apache2/domains + chmod a+x /var/log/apache2 + chmod 640 /var/log/apache2/access.log /var/log/apache2/error.log + chmod 751 /var/log/apache2/domains + update-rc.d apache2 defaults + service apache2 start + check_result $? "apache2 start failed" +else + update-rc.d apache2 disable >/dev/null 2>&1 + service apache2 stop >/dev/null 2>&1 +fi + + +#----------------------------------------------------------# +# Configure PHP-FPM # +#----------------------------------------------------------# + +if [ "$phpfpm" = 'yes' ]; then + if [ "$release" -eq 9 ]; then + cp -f $vestacp/php-fpm/www.conf /etc/php/7.0/fpm/pool.d/www.conf + update-rc.d php7.0-fpm defaults + service php7.0-fpm start + check_result $? "php-fpm start failed" + else + cp -f $vestacp/php5-fpm/www.conf /etc/php5/fpm/pool.d/www.conf + update-rc.d php5-fpm defaults + service php5-fpm start + check_result $? "php-fpm start failed" + fi +fi + + +#----------------------------------------------------------# +# Configure PHP # +#----------------------------------------------------------# + +ZONE=$(timedatectl 2>/dev/null|grep Timezone|awk '{print $2}') +if [ -z "$ZONE" ]; then + ZONE='UTC' +fi +for pconf in $(find /etc/php* -name php.ini); do + sed -i "s/;date.timezone =/date.timezone = $ZONE/g" $pconf + sed -i 's%_open_tag = Off%_open_tag = On%g' $pconf +done + + +#----------------------------------------------------------# +# Configure VSFTPD # +#----------------------------------------------------------# + +if [ "$vsftpd" = 'yes' ]; then + cp -f $vestacp/vsftpd/vsftpd.conf /etc/ + update-rc.d vsftpd defaults + service vsftpd start + check_result $? "vsftpd start failed" + + # To be deleted after release 0.9.8-18 + echo "/sbin/nologin" >> /etc/shells +fi + + +#----------------------------------------------------------# +# Configure ProFTPD # +#----------------------------------------------------------# + +if [ "$proftpd" = 'yes' ]; then + echo "127.0.0.1 $servername" >> /etc/hosts + cp -f $vestacp/proftpd/proftpd.conf /etc/proftpd/ + update-rc.d proftpd defaults + service proftpd start + check_result $? "proftpd start failed" +fi + + +#----------------------------------------------------------# +# Configure MySQL/MariaDB # +#----------------------------------------------------------# + +if [ "$mysql" = 'yes' ]; then + mycnf="my-small.cnf" + if [ $memory -gt 1200000 ]; then + mycnf="my-medium.cnf" + fi + if [ $memory -gt 3900000 ]; then + mycnf="my-large.cnf" + fi + + # MySQL configuration + cp -f $vestacp/mysql/$mycnf /etc/mysql/my.cnf + mysql_install_db + update-rc.d mysql defaults + service mysql start + check_result $? "mysql start failed" + + # Securing MySQL installation mpass=$(gen_pass) + mysqladmin -u root password $mpass + echo -e "[client]\npassword='$mpass'\n" > /root/.my.cnf + chmod 600 /root/.my.cnf + mysql -e "DELETE FROM mysql.user WHERE User=''" + mysql -e "DROP DATABASE test" >/dev/null 2>&1 + mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'" + mysql -e "DELETE FROM mysql.user WHERE user='' or password='';" + mysql -e "FLUSH PRIVILEGES" + + # Configuring phpMyAdmin + if [ "$apache" = 'yes' ]; then + cp -f $vestacp/pma/apache.conf /etc/phpmyadmin/ + ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf + fi + cp -f $vestacp/pma/config.inc.php /etc/phpmyadmin/ + chmod 777 /var/lib/phpmyadmin/tmp fi -# MySQL configuration -wget $CHOST/$VERSION/my.cnf -O /etc/mysql/my.cnf -mysql_install_db -update-rc.d mysql defaults -service mysql stop > /dev/null 2>&1 -service mysql start -if [ "$?" -ne 0 ]; then - echo "Error: mysql start failed" - exit 1 -fi -mysqladmin -u root password $mpass -echo -e "[client]\npassword='$mpass'\n" > /root/.my.cnf -chmod 600 /root/.my.cnf -mysql -e "DELETE FROM mysql.user WHERE User=''" -mysql -e "DROP DATABASE test" > /dev/null 2>&1 -mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'" -mysql -e "DELETE FROM mysql.user WHERE user='' or password='';" -mysql -e "FLUSH PRIVILEGES" +#----------------------------------------------------------# +# Configure PostgreSQL # +#----------------------------------------------------------# -# Bind configuration -wget $CHOST/$VERSION/named.conf -O /etc/bind/named.conf -sed -i "s%listen-on%//listen%" /etc/bind/named.conf.options -chown root:bind /etc/bind/named.conf -chmod 640 /etc/bind/named.conf -update-rc.d bind9 defaults -service bind9 stop > /dev/null 2>&1 -service bind9 start -if [ "$?" -ne 0 ]; then - echo "Error: bind9 start failed" - exit 1 +if [ "$postgresql" = 'yes' ]; then + ppass=$(gen_pass) + cp -f $vestacp/postgresql/pg_hba.conf /etc/postgresql/*/main/ + service postgresql restart + sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$ppass'" + + # Configuring phpPgAdmin + if [ "$apache" = 'yes' ]; then + cp -f $vestacp/pga/phppgadmin.conf /etc/apache2/conf.d/ + fi + cp -f $vestacp/pga/config.inc.php /etc/phppgadmin/ fi -# Exim -wget $CHOST/$VERSION/exim4.conf.template -O /etc/exim4/exim4.conf.template -if [ "$srv_type" != 'micro' ] && [ "$srv_type" != 'small' ]; then - sed -i "s/#SPAM/SPAM/g" /etc/exim4/exim4.conf.template - sed -i "s/#CLAMD/CLAMD/g" /etc/exim4/exim4.conf.template -fi -wget $CHOST/$VERSION/dnsbl.conf -O /etc/exim4/dnsbl.conf -wget $CHOST/$VERSION/spam-blocks.conf -O /etc/exim4/spam-blocks.conf -touch /etc/exim4/white-blocks.conf -rm -rf /etc/exim4/domains -mkdir -p /etc/exim4/domains -chmod 640 /etc/exim4/exim4.conf.template -gpasswd -a Debian-exim mail -if [ -e /etc/init.d/sendmail ]; then - update-rc.d -f sendmail remove - service sendmail stop -fi -if [ -e /etc/init.d/postfix ]; then - update-rc.d -f postfix remove - service postfix stop -fi -rm -f /etc/alternatives/mta -ln -s /usr/sbin/exim4 /etc/alternatives/mta -update-rc.d exim4 defaults -service exim4 stop > /dev/null 2>&1 -service exim4 start -if [ "$?" -ne 0 ]; then - echo "Error: exim start failed" - exit + +#----------------------------------------------------------# +# Configure Bind # +#----------------------------------------------------------# + +if [ "$named" = 'yes' ]; then + cp -f $vestacp/bind/named.conf /etc/bind/ + sed -i "s%listen-on%//listen%" /etc/bind/named.conf.options + chown root:bind /etc/bind/named.conf + chmod 640 /etc/bind/named.conf + aa-complain /usr/sbin/named 2>/dev/null + echo "/home/** rwm," >> /etc/apparmor.d/local/usr.sbin.named 2>/dev/null + service apparmor status >/dev/null 2>&1 + if [ $? -ne 0 ]; then + service apparmor restart + fi + update-rc.d bind9 defaults + service bind9 start + check_result $? "bind9 start failed" fi -# Dovecot configuration -wget $CHOST/$VERSION/dovecot.conf -O /etc/dovecot/dovecot.conf -cd /etc/dovecot/ -wget $CHOST/$VERSION/dovecot-conf.d.tar.gz -rm -rf conf.d *.ext README -tar -xzf dovecot-conf.d.tar.gz -rm -f dovecot-conf.d.tar.gz -chown -R root:root /etc/dovecot -gpasswd -a dovecot mail -update-rc.d dovecot defaults -service dovecot stop > /dev/null 2>&1 -service dovecot start -if [ "$?" -ne 0 ]; then - echo "Error: dovecot start failed" - exit 1 +#----------------------------------------------------------# +# Configure Exim # +#----------------------------------------------------------# + +if [ "$exim" = 'yes' ]; then + gpasswd -a Debian-exim mail + cp -f $vestacp/exim/exim4.conf.template /etc/exim4/ + cp -f $vestacp/exim/dnsbl.conf /etc/exim4/ + cp -f $vestacp/exim/spam-blocks.conf /etc/exim4/ + touch /etc/exim4/white-blocks.conf + + if [ "$spamd" = 'yes' ]; then + sed -i "s/#SPAM/SPAM/g" /etc/exim4/exim4.conf.template + fi + if [ "$clamd" = 'yes' ]; then + sed -i "s/#CLAMD/CLAMD/g" /etc/exim4/exim4.conf.template + fi + + chmod 640 /etc/exim4/exim4.conf.template + rm -rf /etc/exim4/domains + mkdir -p /etc/exim4/domains + + rm -f /etc/alternatives/mta + ln -s /usr/sbin/exim4 /etc/alternatives/mta + update-rc.d -f sendmail remove > /dev/null 2>&1 + service sendmail stop > /dev/null 2>&1 + update-rc.d -f postfix remove > /dev/null 2>&1 + service postfix stop > /dev/null 2>&1 + + update-rc.d exim4 defaults + service exim4 start + check_result $? "exim4 start failed" fi -# ClamAV configuration -if [ "$srv_type" = 'medium' ] || [ "$srv_type" = 'large' ]; then - wget $CHOST/$VERSION/clamd.conf -O /etc/clamav/clamd.conf + +#----------------------------------------------------------# +# Configure Dovecot # +#----------------------------------------------------------# + +if [ "$dovecot" = 'yes' ]; then + gpasswd -a dovecot mail + cp -rf $vestacp/dovecot /etc/ + cp -f $vestacp/logrotate/dovecot /etc/logrotate.d/ + chown -R root:root /etc/dovecot* + if [ "$release" -eq 9 ]; then + sed -i "s#namespace inbox {#namespace inbox {\n inbox = yes#" /etc/dovecot/conf.d/15-mailboxes.conf + fi + update-rc.d dovecot defaults + service dovecot start + check_result $? "dovecot start failed" +fi + + +#----------------------------------------------------------# +# Configure ClamAV # +#----------------------------------------------------------# + +if [ "$clamd" = 'yes' ]; then gpasswd -a clamav mail gpasswd -a clamav Debian-exim + cp -f $vestacp/clamav/clamd.conf /etc/clamav/ /usr/bin/freshclam update-rc.d clamav-daemon defaults - service clamav-daemon stop > /dev/null 2>&1 - service clamav-daemon start - if [ "$?" -ne 0 ]; then - echo "Error: clamav start failed" - exit 1 + if [ ! -d "/var/run/clamav" ]; then + mkdir /var/run/clamav fi + chown -R clamav:clamav /var/run/clamav + if [ -e "/lib/systemd/system/clamav-daemon.service" ]; then + exec_pre1='ExecStartPre=-/bin/mkdir -p /var/run/clamav' + exec_pre2='ExecStartPre=-/bin/chown -R clamav:clamav /var/run/clamav' + sed -i "s|\[Service\]/|[Service]\n$exec_pre1\n$exec_pre2|g" \ + /lib/systemd/system/clamav-daemon.service + systemctl daemon-reload + fi + service clamav-daemon start + check_result $? "clamav-daeom start failed" fi -# SpamAssassin configuration -if [ "$srv_type" = 'medium' ] || [ "$srv_type" = 'large' ]; then + +#----------------------------------------------------------# +# Configure SpamAssassin # +#----------------------------------------------------------# + +if [ "$spamd" = 'yes' ]; then update-rc.d spamassassin defaults sed -i "s/ENABLED=0/ENABLED=1/" /etc/default/spamassassin - service spamassassin stop > /dev/null 2>&1 service spamassassin start - if [ "$?" -ne 0 ]; then - echo "Error: spamassassin start failed" - exit 1 + check_result $? "spamassassin start failed" + unit_files="$(systemctl list-unit-files |grep spamassassin)" + if [[ "$unit_files" =~ "disabled" ]]; then + systemctl enable spamassassin fi fi -# Fail2ban configuration -if [ -z "$disable_fail2ban" ]; then - cd /etc - wget $CHOST/$VERSION/fail2ban.tar.gz -O fail2ban.tar.gz - tar -xzf fail2ban.tar.gz - rm -f fail2ban.tar.gz - chkconfig fail2ban on - service fail2ban start -else - sed -i "s/fail2ban//" $VESTA/conf/vestac.conf + +#----------------------------------------------------------# +# Configure RoundCube # +#----------------------------------------------------------# + +if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then + if [ "$apache" = 'yes' ]; then + cp -f $vestacp/roundcube/apache.conf /etc/roundcube/ + ln -s /etc/roundcube/apache.conf /etc/apache2/conf.d/roundcube.conf + fi + cp -f $vestacp/roundcube/main.inc.php /etc/roundcube/ + cp -f $vestacp/roundcube/db.inc.php /etc/roundcube/ + chmod 640 /etc/roundcube/debian-db-roundcube.php + chmod 640 /etc/roundcube/config.inc.php + chown root:www-data /etc/roundcube/debian-db-roundcube.php + chown root:www-data /etc/roundcube/config.inc.php + cp -f $vestacp/roundcube/vesta.php \ + /usr/share/roundcube/plugins/password/drivers/ + cp -f $vestacp/roundcube/config.inc.php /etc/roundcube/plugins/password/ + r="$(gen_pass)" + mysql -e "CREATE DATABASE roundcube" + mysql -e "GRANT ALL ON roundcube.* + TO roundcube@localhost IDENTIFIED BY '$r'" + sed -i "s/%password%/$r/g" /etc/roundcube/db.inc.php + sed -i "s/localhost/$servername/g" \ + /etc/roundcube/plugins/password/config.inc.php + mysql roundcube < /usr/share/dbconfig-common/data/roundcube/install/mysql + chmod a+r /etc/roundcube/main.inc.php + if [ "$release" -eq 8 ] || [ "$release" -eq 9 ]; then + mv -f /etc/roundcube/main.inc.php /etc/roundcube/config.inc.php + mv -f /etc/roundcube/db.inc.php /etc/roundcube/debian-db-roundcube.php + chmod 640 /etc/roundcube/debian-db-roundcube.php + chmod 640 /etc/roundcube/config.inc.php + chown root:www-data /etc/roundcube/debian-db-roundcube.php + chown root:www-data /etc/roundcube/config.inc.php + fi + if [ "$release" -eq 8 ]; then + # RoundCube tinyMCE fix + tinymceFixArchiveURL=$vestacp/roundcube/roundcube-tinymce.tar.gz + tinymceParentFolder=/usr/share/roundcube/program/js + tinymceFolder=$tinymceParentFolder/tinymce + tinymceBadJS=$tinymceFolder/tiny_mce.js + tinymceFixArchive=$tinymceParentFolder/roundcube-tinymce.tar.gz + if [[ -L "$tinymceFolder" && -d "$tinymceFolder" ]]; then + if [ -f "$tinymceBadJS" ]; then + wget $tinymceFixArchiveURL -O $tinymceFixArchive + if [[ -f "$tinymceFixArchive" && -s "$tinymceFixArchive" ]] + then + rm $tinymceFolder + tar -xzf $tinymceFixArchive -C $tinymceParentFolder + rm $tinymceFixArchive + chown -R root:root $tinymceFolder + else + echo -n "File roundcube-tinymce.tar.gz is not downloaded," + echo "RoundCube tinyMCE fix is not applied" + rm $tinymceFixArchive + fi + fi + fi + + fi fi -# php configuration -sed -i "s/;date.timezone =/date.timezone = UTC/g" /etc/php5/apache2/php.ini -sed -i "s/;date.timezone =/date.timezone = UTC/g" /etc/php5/cli/php.ini -# phpMyAdmin configuration -wget $CHOST/$VERSION/apache2-pma.conf -O /etc/phpmyadmin/apache.conf -wget $CHOST/$VERSION/pma.conf -O /etc/phpmyadmin/config.inc.php -ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf -mv -f /etc/phpmyadmin/config-db.php /etc/phpmyadmin/config-db.php_ -chmod 777 /var/lib/phpmyadmin/tmp -# Roundcube configuration -wget $CHOST/$VERSION/apache2-webmail.conf -O /etc/roundcube/apache.conf -wget $CHOST/$VERSION/roundcube-main.conf -O /etc/roundcube/main.inc.php -wget $CHOST/$VERSION/roundcube-db.conf -O /etc/roundcube/db.inc.php -wget $CHOST/$VERSION/roundcube-driver.php -O \ - /usr/share/roundcube/plugins/password/drivers/vesta.php -wget $CHOST/$VERSION/roundcube-pw.conf -O \ - /etc/roundcube/plugins/password/config.inc.php -r="$(gen_pass)" -mysql -e "DROP DATABASE roundcube" > /dev/null 2>&1 -mysql -e "CREATE DATABASE roundcube" -mysql -e "GRANT ALL ON roundcube.* TO roundcube@localhost IDENTIFIED BY '$r'" -sed -i "s/%password%/$r/g" /etc/roundcube/db.inc.php -mysql roundcube < /usr/share/dbconfig-common/data/roundcube/install/mysql -mkdir -p /var/log/roundcube/error -chmod -R 777 /var/log/roundcube +#----------------------------------------------------------# +# Configure Fail2Ban # +#----------------------------------------------------------# -# Deleting old admin user account if exists +if [ "$fail2ban" = 'yes' ]; then + cp -rf $vestacp/fail2ban /etc/ + if [ "$dovecot" = 'no' ]; then + fline=$(cat /etc/fail2ban/jail.local |grep -n dovecot-iptables -A 2) + fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -) + sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local + fi + if [ "$exim" = 'no' ]; then + fline=$(cat /etc/fail2ban/jail.local |grep -n exim-iptables -A 2) + fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -) + sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local + fi + if [ "$vsftpd" = 'yes' ]; then + #Create vsftpd Log File + if [ ! -f "/var/log/vsftpd.log" ]; then + touch /var/log/vsftpd.log + fi + fline=$(cat /etc/fail2ban/jail.local |grep -n vsftpd-iptables -A 2) + fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -) + sed -i "${fline}s/false/true/" /etc/fail2ban/jail.local + fi + update-rc.d fail2ban defaults + service fail2ban start + check_result $? "fail2ban start failed" +fi + + +#----------------------------------------------------------# +# Configure Admin User # +#----------------------------------------------------------# + +# Deleting old admin user if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" = 'yes' ]; then chattr -i /home/admin/conf > /dev/null 2>&1 - userdel -f admin - chattr -i /home/admin/conf - mv -f /home/admin $vst_backups/home/ - rm -f /tmp/sess_* + userdel -f admin >/dev/null 2>&1 + chattr -i /home/admin/conf >/dev/null 2>&1 + mv -f /home/admin $vst_backups/home/ >/dev/null 2>&1 + rm -f /tmp/sess_* >/dev/null 2>&1 fi if [ ! -z "$(grep ^admin: /etc/group)" ]; then groupdel admin > /dev/null 2>&1 fi -# Generating admin password if it wasn't set -if [ -z "$vpass" ]; then - vpass=$(gen_pass) -fi - -# Adding admin account +# Adding vesta account $VESTA/bin/v-add-user admin $vpass $email default System Administrator -if [ $? -ne 0 ]; then - echo "Error: can't create admin user" - exit 1 -fi +check_result $? "can't create admin user" $VESTA/bin/v-change-user-shell admin bash -$VESTA/bin/v-change-user-language admin en +$VESTA/bin/v-change-user-language admin $lang -# Configure mysql host -$VESTA/bin/v-add-database-host mysql localhost root $mpass -$VESTA/bin/v-add-database admin default default $(gen_pass) mysql +# RoundCube permissions fix +if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then + if [ ! -d "/var/log/roundcube" ]; then + mkdir /var/log/roundcube + fi + chown admin:admin /var/log/roundcube +fi # Configuring system ips $VESTA/bin/v-update-sys-ip # Get main ip -main_ip=$(ifconfig |grep 'inet addr:' |grep -v 127.0.0.1 |head -n1 | \ - cut -f2 -d: | cut -f1 -d ' ') +ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/) +local_ip=$ip -# Get remote ip -vst_ip=$(wget vestacp.com/what-is-my-ip/ -O - 2>/dev/null) -if [ ! -z "$vst_ip" ] && [ "$vst_ip" != "$main_ip" ]; then - # Set NAT association - $VESTA/bin/v-change-sys-ip-nat $main_ip $vst_ip -fi -if [ -z "$vst_ip" ]; then - vst_ip=$main_ip +# Firewall configuration +if [ "$iptables" = 'yes' ]; then + $VESTA/bin/v-update-firewall fi -# Add default web domain -$VESTA/bin/v-add-web-domain admin default.domain $vst_ip +# Get public ip +pub_ip=$(curl -s vestacp.com/what-is-my-ip/) -# Add default dns domain -$VESTA/bin/v-add-dns-domain admin default.domain $vst_ip +if [ ! -z "$pub_ip" ] && [ "$pub_ip" != "$ip" ]; then + $VESTA/bin/v-change-sys-ip-nat $ip $pub_ip + ip=$pub_ip +fi -# Add default mail domain -$VESTA/bin/v-add-mail-domain admin default.domain +# Configuring libapache2-mod-remoteip +if [ "$apache" = 'yes' ] && [ "$nginx" = 'yes' ] ; then + cd /etc/apache2/mods-available + echo "" > remoteip.conf + echo " RemoteIPHeader X-Real-IP" >> remoteip.conf + if [ "$local_ip" != "127.0.0.1" ] && [ "$pub_ip" != "127.0.0.1" ]; then + echo " RemoteIPInternalProxy 127.0.0.1" >> remoteip.conf + fi + if [ ! -z "$local_ip" ] && [ "$local_ip" != "$pub_ip" ]; then + echo " RemoteIPInternalProxy $local_ip" >> remoteip.conf + fi + if [ ! -z "$pub_ip" ]; then + echo " RemoteIPInternalProxy $pub_ip" >> remoteip.conf + fi + echo "" >> remoteip.conf + sed -i "s/LogFormat \"%h/LogFormat \"%a/g" /etc/apache2/apache2.conf + a2enmod remoteip + service apache2 restart +fi -# Configuring cron jobs -command='sudo /usr/local/vesta/bin/v-update-sys-queue disk' +# Configuring mysql host +if [ "$mysql" = 'yes' ]; then + $VESTA/bin/v-add-database-host mysql localhost root $mpass + $VESTA/bin/v-add-database admin default default $(gen_pass) mysql +fi + +# Configuring pgsql host +if [ "$postgresql" = 'yes' ]; then + $VESTA/bin/v-add-database-host pgsql localhost postgres $ppass + $VESTA/bin/v-add-database admin db db $(gen_pass) pgsql +fi + +# Adding default domain +$VESTA/bin/v-add-domain admin $servername +check_result $? "can't create $servername domain" + +# Adding cron jobs +command="sudo $VESTA/bin/v-update-sys-queue disk" $VESTA/bin/v-add-cron-job 'admin' '15' '02' '*' '*' '*' "$command" -command='sudo /usr/local/vesta/bin/v-update-sys-queue traffic' +command="sudo $VESTA/bin/v-update-sys-queue traffic" $VESTA/bin/v-add-cron-job 'admin' '10' '00' '*' '*' '*' "$command" -command='sudo /usr/local/vesta/bin/v-update-sys-queue webstats' +command="sudo $VESTA/bin/v-update-sys-queue webstats" $VESTA/bin/v-add-cron-job 'admin' '30' '03' '*' '*' '*' "$command" -command='sudo /usr/local/vesta/bin/v-update-sys-queue backup' +command="sudo $VESTA/bin/v-update-sys-queue backup" $VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command" -command='sudo /usr/local/vesta/bin/v-backup-users' +command="sudo $VESTA/bin/v-backup-users" $VESTA/bin/v-add-cron-job 'admin' '10' '05' '*' '*' '*' "$command" -command='sudo /usr/local/vesta/bin/v-update-user-stats' +command="sudo $VESTA/bin/v-update-user-stats" $VESTA/bin/v-add-cron-job 'admin' '20' '00' '*' '*' '*' "$command" -command='sudo /usr/local/vesta/bin/v-update-sys-rrd' +command="sudo $VESTA/bin/v-update-sys-rrd" $VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command" +service cron restart # Building inititall rrd images $VESTA/bin/v-update-sys-rrd -# Enable file system quota +# Enabling file system quota if [ "$quota" = 'yes' ]; then $VESTA/bin/v-add-sys-quota fi -# Start system service -update-rc.d vesta defaults -service vesta stop > /dev/null 2>&1 -service vesta start -if [ "$?" -ne 0 ]; then - echo "Error: vesta start failed" - exit 1 +# Enabling softaculous plugin +if [ "$softaculous" = 'yes' ]; then + $VESTA/bin/v-add-vesta-softaculous fi -# Send notification to vestacp.com -wget vestacp.com/notify/?$codename -O /dev/null +# Starting vesta service +update-rc.d vesta defaults +service vesta start +check_result $? "vesta start failed" +chown admin:admin $VESTA/data/sessions -# Send notification to admin email +# Adding notifications +$VESTA/upd/add_notifications.sh + +# Adding cronjob for autoupdates +$VESTA/bin/v-add-cron-vesta-autoupdate + +if [ "$port" != "8083" ]; then + echo "=== Set Vesta port: $port" + $VESTA/bin/v-change-vesta-port $port +fi + +echo "NOTIFY_ADMIN_FULL_BACKUP='$email'" >> $VESTA/conf/vesta.conf + +#----------------------------------------------------------# +# Vesta Access Info # +#----------------------------------------------------------# + +# Comparing hostname and ip + +if [ "$ssl" = 'no' ]; then +host_ip=$(host $servername |head -n 1 |awk '{print $NF}') +if [ "$host_ip" = "$ip" ]; then + ip="$servername" +fi +fi + +if [ "$ssl" = 'yes' ]; then +make_ssl=0 +host_ip=$(host $servername | head -n 1 | awk '{print $NF}') +if [ "$host_ip" != "$pub_ip" ]; then + echo "***** PROBLEM: Hostname $servername is not pointing to your server (IP address $ip)" + echo "Without pointing your hostname to your IP, LetsEncrypt SSL will not be generated for your server hostname." + echo "Try to setup an A record in your DNS, pointing your hostname $servername to IP address $ip and then press ENTER." + echo "(or register ns1.$servername and ns2.$servername as DNS Nameservers and put those Nameservers on $servername domain)" + echo "If we detect that hostname is still not pointing to your IP, installer will not add LetsEncrypt SSL certificate to your hosting panel (unsigned SSL will be used instead)." + read -p "To force to try anyway to add LetsEncrypt, press f and then ENTER." answer + host_ip=$(host $servername | head -n 1 | awk '{print $NF}') +fi +if [ "$answer" = "f" ]; then + make_ssl=1 +fi +if [ "$host_ip" = "$ip" ]; then + ip="$servername" + make_ssl=1 +fi + +if [ $make_ssl -eq 1 ]; then + # Check if www is also pointing to our IP + www_host="www.$servername" + www_host_ip=$(host $www_host | head -n 1 | awk '{print $NF}') + if [ "$www_host_ip" != "$pub_ip" ]; then + if [ "$named" = 'yes' ]; then + echo "=== Deleting www to server hostname" + $VESTA/bin/v-delete-web-domain-alias 'admin' "$servername" "$www_host" 'no' + $VESTA/bin/v-delete-dns-on-web-alias 'admin' "$servername" "$www_host" 'no' + fi + www_host="" + fi +fi + +echo "===" +echo "Hostname $servername is pointing to $host_ip" + +if [ $make_ssl -eq 1 ]; then + echo "=== Generating HOSTNAME SSL" + $VESTA/bin/v-add-letsencrypt-domain 'admin' "$servername" "$www_host" 'yes' + $VESTA/bin/v-update-host-certificate 'admin' "$servername" +else + echo "We will not generate SSL because of this" +fi +echo "===" +echo "UPDATE_HOSTNAME_SSL='yes'" >> $VESTA/conf/vesta.conf +fi + +# Sending notification to admin email echo -e "Congratulations, you have just successfully installed \ -the Vesta Control Panel +Vesta Control Panel -You can login in Vesta with following credentials: + https://$ip:$port username: admin password: $vpass - https://$vst_ip:8083 We hope that you enjoy your installation of Vesta. Please \ feel free to contact us anytime if you have any questions. @@ -875,12 +1469,10 @@ vestacp.com team send_mail="$VESTA/web/inc/mail-wrapper.php" cat $tmpfile | $send_mail -s "Vesta Control Panel" $email -rm -f $tmpfile # Congrats echo '=======================================================' echo -echo echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| ' echo ' _| _| _| _| _| _| _| ' echo ' _| _| _|_|_| _|_| _| _|_|_|_| ' @@ -888,20 +1480,7 @@ echo ' _| _| _| _| _| _| _| ' echo ' _| _|_|_|_| _|_|_| _| _| _| ' echo echo -echo '-------------------------------' -echo " https://$vst_ip:8083" -echo ' username: admin' -echo " password: $vpass" -echo '-------------------------------' -echo -echo -echo 'Congratulations,' -echo 'you have successfully installed Vesta Control Panel.' -echo -echo +cat $tmpfile +rm -f $tmpfile -# Tricky way to get new PATH variable -cd -bash - -#EOF +# EOF diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh old mode 100644 new mode 100755 index c2b6e08ec..140317182 --- a/install/vst-install-rhel.sh +++ b/install/vst-install-rhel.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Vesta RHEL/CentOS installer v.04 +# Vesta RHEL/CentOS installer v.05 #----------------------------------------------------------# # Variables&Functions # @@ -9,35 +9,71 @@ export PATH=$PATH:/sbin RHOST='r.vestacp.com' CHOST='c.vestacp.com' REPO='cmmnt' -VERSION='0.9.8/rhel' -YUM_REPO='/etc/yum.repos.d/vesta.repo' -software="nginx httpd mod_ssl mod_ruid2 mod_extract_forwarded mod_fcgid - php php-bcmath php-cli php-common php-gd php-imap php-mbstring php-mcrypt - php-mysql php-pdo php-soap php-tidy php-xml php-xmlrpc quota e2fsprogs - phpMyAdmin awstats webalizer vsftpd mysql mysql-server exim dovecot clamd - spamassassin curl roundcubemail bind bind-utils bind-libs mc screen ftp - libpng libjpeg libmcrypt mhash zip unzip openssl flex rssh libxml2 - ImageMagick sqlite pcre sudo bc jwhois mailx lsof tar telnet rrdtool - fail2ban GeoIP freetype ntp openssh-clients vesta vesta-nginx vesta-php" +VERSION='rhel' +VESTA='/usr/local/vesta' +memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9]) +arch=$(uname -i) +os=$(cut -f 1 -d ' ' /etc/redhat-release) +release=$(grep -o "[0-9]" /etc/redhat-release |head -n1) +codename="${os}_$release" +vestacp="$VESTA/install/$VERSION/$release" -# Help +# Defining software pack for all distros +software="nginx awstats bc bind bind-libs bind-utils clamav-server clamav-update + curl dovecot e2fsprogs exim expect fail2ban flex freetype ftp GeoIP httpd + ImageMagick iptables-services jwhois lsof mailx mariadb mariadb-server mc + mod_fcgid mod_ruid2 mod_ssl net-tools ntp openssh-clients pcre php + php-bcmath php-cli php-common php-fpm php-gd php-imap php-mbstring + php-mcrypt phpMyAdmin php-mysql php-pdo phpPgAdmin php-pgsql php-soap + php-tidy php-xml php-xmlrpc postgresql postgresql-contrib + postgresql-server proftpd roundcubemail rrdtool rsyslog screen + spamassassin sqlite sudo tar telnet unzip vesta vesta-ioncube vesta-nginx + vesta-php vesta-softaculous vim-common vsftpd webalizer which zip" + +# Fix for old releases +if [ "$release" -lt 7 ]; then + software=$(echo "$software" |sed -e "s/mariadb/mysql/g") + software=$(echo "$software" |sed -e "s/clamav-server/clamd/") + software=$(echo "$software" |sed -e "s/clamav-update//") + software=$(echo "$software" |sed -e "s/iptables-services//") + software="$software mod_extract_forwarded" +fi + +# Defining help function help() { - echo "usage: $0 [OPTIONS] - -h, --help Print this help and exit - -f, --force Force installation - -i, --disable-iptables Disable iptables support - -b, --disable-fail2ban Disable fail2ban protection - -d, --disable-remi Disable remi repository - -n, --noupdate Do not run yum update command - -s, --hostname Set server hostname - -e, --email Set email address - -p, --password Set admin password instead of generating it - -m, --mysql-password Set MySQL password instead of generating it - -q, --quota Enable File System Quota" + echo "Usage: $0 [OPTIONS] + -a, --apache Install Apache [yes|no] default: yes + -n, --nginx Install Nginx [yes|no] default: yes + -w, --phpfpm Install PHP-FPM [yes|no] default: no + -v, --vsftpd Install Vsftpd [yes|no] default: yes + -j, --proftpd Install ProFTPD [yes|no] default: no + -k, --named Install Bind [yes|no] default: yes + -m, --mysql Install MySQL [yes|no] default: yes + -g, --postgresql Install PostgreSQL [yes|no] default: no + -x, --exim Install Exim [yes|no] default: yes + -z, --dovecot Install Dovecot [yes|no] default: yes + -c, --clamav Install ClamAV [yes|no] default: yes + -t, --spamassassin Install SpamAssassin [yes|no] default: yes + -i, --iptables Install Iptables [yes|no] default: yes + -b, --fail2ban Install Fail2ban [yes|no] default: yes + -r, --remi Install Remi repo [yes|no] default: yes + -o, --softaculous Install Softaculous [yes|no] default: yes + -q, --quota Filesystem Quota [yes|no] default: no + -l, --lang Default language default: en + -y, --interactive Interactive install [yes|no] default: yes + -s, --hostname Set hostname + -u, --ssl Add LE SSL for hostname [yes|no] default: no + -e, --email Set admin email + -d, --port Set Vesta port + -p, --password Set admin password + -f, --force Force installation + -h, --help Print this help + + Example: bash $0 -e demo@vestacp.com -p p4ssw0rd --apache no --phpfpm yes" exit 1 } -# Password generator +# Defining password-gen function gen_pass() { MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz' LENGTH=10 @@ -48,6 +84,40 @@ gen_pass() { echo "$PASS" } +# Defining return code check function +check_result() { + if [ $1 -ne 0 ]; then + echo "Error: $2" + exit $1 + fi +} + +# Defining function to set default value +set_default_value() { + eval variable=\$$1 + if [ -z "$variable" ]; then + eval $1=$2 + fi + if [ "$variable" != 'yes' ] && [ "$variable" != 'no' ]; then + eval $1=$2 + fi +} + +# Defining function to set default language value +set_default_lang() { + if [ -z "$lang" ]; then + eval lang=$1 + fi + lang_list=" + ar cz el fa hu ja no pt se ua + bs da en fi id ka pl ro tr vi + cn de es fr it nl pt-BR ru tw + bg ko sr th ur" + if !(echo $lang_list |grep -w $lang 1>&2>/dev/null); then + eval lang=$1 + fi +} + #----------------------------------------------------------# # Verifications # @@ -57,103 +127,144 @@ gen_pass() { for arg; do delim="" case "$arg" in - --help) args="${args}-h " ;; - --force) args="${args}-f " ;; - --disable-fail2ban) args="${args}-b " ;; - --disable-remi) args="${args}-d " ;; - --disable-iptables) args="${args}-i " ;; - --noupdate) args="${args}-n " ;; - --hostname) args="${args}-s " ;; - --email) args="${args}-e " ;; - --password) args="${args}-p " ;; - --mysql-password) args="${args}-m " ;; + --apache) args="${args}-a " ;; + --nginx) args="${args}-n " ;; + --phpfpm) args="${args}-w " ;; + --vsftpd) args="${args}-v " ;; + --proftpd) args="${args}-j " ;; + --named) args="${args}-k " ;; + --mysql) args="${args}-m " ;; + --postgresql) args="${args}-g " ;; + --exim) args="${args}-x " ;; + --dovecot) args="${args}-z " ;; + --clamav) args="${args}-c " ;; + --spamassassin) args="${args}-t " ;; + --iptables) args="${args}-i " ;; + --fail2ban) args="${args}-b " ;; + --remi) args="${args}-r " ;; + --softaculous) args="${args}-o " ;; --quota) args="${args}-q " ;; - *) [[ "${arg:0:1}" == "-" ]] || delim="\"" - args="${args}${delim}${arg}${delim} ";; + --lang) args="${args}-l " ;; + --interactive) args="${args}-y " ;; + --hostname) args="${args}-s " ;; + --ssl) args="${args}-u " ;; + --email) args="${args}-e " ;; + --port) args="${args}-d " ;; + --password) args="${args}-p " ;; + --force) args="${args}-f " ;; + --help) args="${args}-h " ;; + *) [[ "${arg:0:1}" == "-" ]] || delim="\"" + args="${args}${delim}${arg}${delim} ";; esac done eval set -- "$args" -# Getopt -while getopts "hfibdnqe:m:p:s:" Option; do +# Parsing arguments +while getopts "a:n:w:v:j:k:m:g:x:z:c:t:i:b:r:o:q:l:y:s:u:e:d:p:fh" Option; do case $Option in - h) help ;; # Help - f) force='yes' ;; # Force install - i) disable_iptables='yes' ;; # Disable iptables - b) disable_fail2ban='yes' ;; # Disable fail2ban - d) disable_remi='yes' ;; # Disable remi repo - n) noupdate='yes' ;; # Disable yum update - s) servername=$OPTARG ;; # Server hostname - e) email=$OPTARG ;; # Set email - p) vpass=$OPTARG ;; # Admin password - m) mpass=$OPTARG ;; # MySQL pasword - q) quota='yes' ;; # Enable quota - *) help ;; # Default + a) apache=$OPTARG ;; # Apache + n) nginx=$OPTARG ;; # Nginx + w) phpfpm=$OPTARG ;; # PHP-FPM + v) vsftpd=$OPTARG ;; # Vsftpd + j) proftpd=$OPTARG ;; # Proftpd + k) named=$OPTARG ;; # Named + m) mysql=$OPTARG ;; # MySQL + g) postgresql=$OPTARG ;; # PostgreSQL + d) mongodb=$OPTARG ;; # MongoDB (unsupported) + x) exim=$OPTARG ;; # Exim + z) dovecot=$OPTARG ;; # Dovecot + c) clamd=$OPTARG ;; # ClamAV + t) spamd=$OPTARG ;; # SpamAssassin + i) iptables=$OPTARG ;; # Iptables + b) fail2ban=$OPTARG ;; # Fail2ban + r) remi=$OPTARG ;; # Remi repo + o) softaculous=$OPTARG ;; # Softaculous plugin + q) quota=$OPTARG ;; # FS Quota + l) lang=$OPTARG ;; # Language + y) interactive=$OPTARG ;; # Interactive install + s) servername=$OPTARG ;; # Hostname + u) ssl=$OPTARG ;; # Add Let's Encrypt SSL for hostname + e) email=$OPTARG ;; # Admin email + d) port=$OPTARG ;; # Vesta port + p) vpass=$OPTARG ;; # Admin password + f) force='yes' ;; # Force install + h) help ;; # Help + *) help ;; # Print help (default) esac done -# Am I root? +# Defining default software stack +set_default_value 'nginx' 'yes' +set_default_value 'apache' 'yes' +set_default_value 'phpfpm' 'no' +set_default_value 'vsftpd' 'yes' +set_default_value 'proftpd' 'no' +set_default_value 'named' 'yes' +set_default_value 'mysql' 'yes' +set_default_value 'postgresql' 'no' +set_default_value 'mongodb' 'no' +set_default_value 'exim' 'yes' +set_default_value 'dovecot' 'yes' +if [ $memory -lt 1500000 ]; then + set_default_value 'clamd' 'no' + set_default_value 'spamd' 'no' +else + set_default_value 'clamd' 'yes' + set_default_value 'spamd' 'yes' +fi +set_default_value 'iptables' 'yes' +set_default_value 'fail2ban' 'yes' +set_default_value 'remi' 'yes' +set_default_value 'softaculous' 'yes' +set_default_value 'quota' 'no' +set_default_value 'interactive' 'yes' +set_default_value 'ssl' 'no' +set_default_lang 'en' + +# Checking software conflicts +if [ "$phpfpm" = 'yes' ]; then + apache='no' + nginx='yes' +fi +if [ "$proftpd" = 'yes' ]; then + vsftpd='no' +fi +if [ "$exim" = 'no' ]; then + clamd='no' + spamd='no' + dovecot='no' +fi +if [ "$iptables" = 'no' ]; then + fail2ban='no' +fi + +# Checking root permissions if [ "x$(id -u)" != 'x0' ]; then - echo 'Error: this script can only be executed by root' - exit 1 + check_result 1 "Script can be run executed only by root" fi -# Check supported version -if [ ! -e '/etc/redhat-release' ]; then - echo 'Error: sorry, we currently support RHEL and CentOS only' - exit 1 -fi - -# Check supported OS -arch=$(uname -i) -os=$(cut -f 1 -d ' ' /etc/redhat-release) -release=$(grep -o "[0-9]" /etc/redhat-release |head -n1) -codename="${os}_$release" -if [ $os != 'CentOS' ] && [ $os != 'Red' ]; then - echo 'Error: sorry, we currently support RHEL and CentOS only' - exit -fi - -# Check admin user account -if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" != 'yes' ]; then - echo "Error: user admin exists" - echo +# Checking admin user account +if [ ! -z "$(grep ^admin: /etc/passwd /etc/group)" ] && [ -z "$force" ]; then echo 'Please remove admin user account before proceeding.' echo 'If you want to do it automatically run installer with -f option:' - echo "Example: bash $0 --force" - exit 1 + echo -e "Example: bash $0 --force\n" + check_result 1 "User admin exists" fi -# Check admin user account -if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" != 'yes' ]; then - echo "Error: user admin exists" - echo - echo 'Please remove admin user account before proceeding.' - echo 'If you want to do it automatically run installer with -f option:' - echo "Example: bash $0 --force" - exit 1 -fi - -# Check wget +# Checking wget if [ ! -e '/usr/bin/wget' ]; then yum -y install wget - if [ $? -ne 0 ]; then - echo "Error: can't install wget" - exit 1 - fi + check_result $? "Can't install wget" fi -# Check repo availability -wget -q "$CHOST/$VERSION/vesta.conf" -O /dev/null -if [ $? -ne 0 ]; then - echo "Error: no access to $REPO repository" - exit 1 -fi +# Checking repository availability +wget -q "c.vestacp.com/GPG.txt" -O /dev/null +check_result $? "No access to Vesta repository" -# Check installed packages +# Checking installed packages tmpfile=$(mktemp -p /tmp) rpm -qa > $tmpfile -for pkg in exim bind-9 mysql-server httpd nginx vesta; do +for pkg in exim mysql-server httpd nginx vesta; do if [ ! -z "$(grep $pkg $tmpfile)" ]; then conflicts="$pkg $conflicts" fi @@ -171,92 +282,399 @@ if [ ! -z "$conflicts" ] && [ -z "$force" ]; then echo echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!' echo - exit 1 + check_result 1 "Control Panel should be installed on clean server." fi -# Check server type -memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9]) -if [ "$memory" -lt '350000' ] && [ -z "$force" ]; then - echo "Error: not enough memory to install Vesta Control Panel." - echo -e "\nMinimum RAM required: 350Mb" - echo 'If you want to force installation run this script with -f option:' - echo "Example: bash $0 --force" - exit 1 -fi -srv_type='micro' -if [ "$memory" -gt '1000000' ]; then - srv_type='small' +#----------------------------------------------------------# +# Brief Info # +#----------------------------------------------------------# + +# Printing nice ASCII logo +clear +echo +echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_|' +echo ' _| _| _| _| _| _| _|' +echo ' _| _| _|_|_| _|_| _| _|_|_|_|' +echo ' _| _| _| _| _| _| _|' +echo ' _| _|_|_|_| _|_|_| _| _| _|' +echo +echo ' Vesta Control Panel' +echo -e "\n\n" + +echo 'The following software will be installed on your system:' + +# Web stack +if [ "$nginx" = 'yes' ]; then + echo ' - Nginx Web Server' +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then + echo ' - Apache Web Server' +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'yes' ] ; then + echo ' - Apache Web Server (as backend)' +fi +if [ "$phpfpm" = 'yes' ]; then + echo ' - PHP-FPM Application Server' fi -if [ "$memory" -gt '3000000' ]; then - srv_type='medium' +# DNS stack +if [ "$named" = 'yes' ]; then + echo ' - Bind DNS Server' fi -if [ "$memory" -gt '7000000' ]; then - srv_type='large' -fi - -# Are you sure ? -if [ -z $email ]; then - clear - echo - echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| ' - echo ' _| _| _| _| _| _| _| ' - echo ' _| _| _|_|_| _|_| _| _|_|_|_| ' - echo ' _| _| _| _| _| _| _| ' - echo ' _| _|_|_|_| _|_|_| _| _| _| ' - echo - echo ' Vesta Control Panel' - echo - echo - echo 'Following software will be installed on your system:' - echo ' - Nginx frontend web server' - echo ' - Apache application web server' - echo ' - Bind DNS server' - echo ' - Exim mail server' - echo ' - Dovecot IMAP and POP3 server' - if [ "$srv_type" = 'medium' ] || [ "$srv_type" = 'large' ]; then - echo ' - Clam mail antivirus' - echo ' - SpamAssassin antispam' +# Mail stack +if [ "$exim" = 'yes' ]; then + echo -n ' - Exim Mail Server' + if [ "$clamd" = 'yes' ] || [ "$spamd" = 'yes' ] ; then + echo -n ' + ' + if [ "$clamd" = 'yes' ]; then + echo -n 'ClamAV ' + fi + if [ "$spamd" = 'yes' ]; then + echo -n 'SpamAssassin' + fi fi - echo ' - MySQL database server' - echo ' - Vsftpd FTP server' - echo - echo ' * SELinux and Iptables will be disabled' - echo + echo + if [ "$dovecot" = 'yes' ]; then + echo ' - Dovecot POP3/IMAP Server' + fi +fi - read -p 'Do you want to proceed? [y/n]): ' answer +# Database stack +if [ "$mysql" = 'yes' ]; then + if [ $release -ge '7' ]; then + echo ' - MariaDB Database Server' + else + echo ' - MySQL Database Server' + fi +fi +if [ "$postgresql" = 'yes' ]; then + echo ' - PostgreSQL Database Server' +fi +if [ "$mongodb" = 'yes' ]; then + echo ' - MongoDB Database Server' +fi + +# FTP stack +if [ "$vsftpd" = 'yes' ]; then + echo ' - Vsftpd FTP Server' +fi +if [ "$proftpd" = 'yes' ]; then + echo ' - ProFTPD FTP Server' +fi + +# LE SSL for hostname +if [ "$ssl" = 'yes' ]; then + echo ' - LE SSL for hostname' +fi + +# Softaculous +if [ "$softaculous" = 'yes' ]; then + echo ' - Softaculous Plugin' +fi + +# Firewall stack +if [ "$iptables" = 'yes' ]; then + echo -n ' - Iptables Firewall' +fi +if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then + echo -n ' + Fail2Ban' +fi +echo -e "\n\n" + +# Asking for confirmation to proceed +if [ "$interactive" = 'yes' ]; then + read -p 'Would you like to continue [y/n]: ' answer if [ "$answer" != 'y' ] && [ "$answer" != 'Y' ]; then echo 'Goodbye' exit 1 fi - # Define email - read -p 'Please enter valid email address: ' email + # Asking for contact email + if [ -z "$email" ]; then + read -p 'Please enter admin email address: ' email + fi - # Define server hostname + # Asking for Vesta port + if [ -z "$port" ]; then + read -p 'Please enter Vesta port number (press enter for 8083): ' port + fi + + # Asking to set FQDN hostname if [ -z "$servername" ]; then - read -p "Please enter hostname [$(hostname)]: " servername + read -p "Please enter FQDN hostname [$(hostname -f)]: " servername fi fi -# Validate email -local_part=$(echo $email | cut -s -f1 -d\@) -remote_host=$(echo $email | cut -s -f2 -d\@) -mx_failed=1 -if [ ! -z "$remote_host" ] && [ ! -z "$local_part" ]; then - /usr/bin/host -t mx "$remote_host" > /dev/null 2>&1 - mx_failed="$?" +# Generating admin password if it wasn't set +if [ -z "$vpass" ]; then + vpass=$(gen_pass) fi -if [ "$mx_failed" -eq 1 ]; then - echo "Error: email $email is not valid" - exit 1 +# Set hostname if it wasn't set +if [ -z "$servername" ]; then + servername=$(hostname -f) fi -# Check for ipv6 on loopback interface -check_lo_ipv6=$(/sbin/ifconfig lo| grep 'inet6 addr') +# Set FQDN if it wasn't set +mask1='(([[:alnum:]](-?[[:alnum:]])*)\.)' +mask2='*[[:alnum:]](-?[[:alnum:]])+\.[[:alnum:]]{2,}' +if ! [[ "$servername" =~ ^${mask1}${mask2}$ ]]; then + if [ ! -z "$servername" ]; then + servername="$servername.example.com" + else + servername="example.com" + fi + echo "127.0.0.1 $servername" >> /etc/hosts +fi + +# Set email if it wasn't set +if [ -z "$email" ]; then + email="admin@$servername" +fi + +# Set port if it wasn't set +if [ -z "$port" ]; then + port="8083" +fi + +# Defining backup directory +vst_backups="/root/vst_install_backups/$(date +%s)" +echo "Installation backup directory: $vst_backups" + +# Printing start message and sleeping for 5 seconds +echo -e "\n\n\n\nInstallation will take about 15 minutes ...\n" +sleep 5 + + +#----------------------------------------------------------# +# Checking swap # +#----------------------------------------------------------# + +# Checking swap on small instances +if [ -z "$(swapon -s)" ] && [ $memory -lt 1000000 ]; then + fallocate -l 1G /swapfile + chmod 600 /swapfile + mkswap /swapfile + swapon /swapfile + echo "/swapfile none swap sw 0 0" >> /etc/fstab +fi + + +#----------------------------------------------------------# +# Install repository # +#----------------------------------------------------------# + +# Updating system +yum -y update +check_result $? 'yum update failed' + +# Installing EPEL repository +yum install epel-release -y +check_result $? "Can't install EPEL repository" + +# Installing Remi repository +if [ "$remi" = 'yes' ] && [ ! -e "/etc/yum.repos.d/remi.repo" ]; then + rpm -Uvh http://rpms.remirepo.net/enterprise/remi-release-$release.rpm + check_result $? "Can't install REMI repository" + sed -i "s/enabled=0/enabled=1/g" /etc/yum.repos.d/remi.repo + sed -i "s/enabled=0/enabled=1/g" /etc/yum.repos.d/remi-php81.repo +fi + +# Installing Nginx repository +nrepo="/etc/yum.repos.d/nginx.repo" +echo "[nginx]" > $nrepo +echo "name=nginx repo" >> $nrepo +echo "baseurl=http://nginx.org/packages/centos/$release/\$basearch/" >> $nrepo +echo "gpgcheck=0" >> $nrepo +echo "enabled=1" >> $nrepo + +# Installing Vesta repository +vrepo='/etc/yum.repos.d/vesta.repo' +echo "[vesta]" > $vrepo +echo "name=Vesta - $REPO" >> $vrepo +echo "baseurl=http://$RHOST/$REPO/$release/\$basearch/" >> $vrepo +echo "enabled=1" >> $vrepo +echo "gpgcheck=1" >> $vrepo +echo "gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA" >> $vrepo +wget c.vestacp.com/GPG.txt -O /etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA + + +#----------------------------------------------------------# +# Backup # +#----------------------------------------------------------# + +# Creating backup directory tree +mkdir -p $vst_backups +cd $vst_backups +mkdir nginx httpd php php-fpm vsftpd proftpd named exim dovecot clamd \ + spamassassin mysql postgresql mongodb vesta + +# Backup Nginx configuration +service nginx stop > /dev/null 2>&1 +cp -r /etc/nginx/* $vst_backups/nginx > /dev/null 2>&1 + +# Backup Apache configuration +service httpd stop > /dev/null 2>&1 +cp -r /etc/httpd/* $vst_backups/httpd > /dev/null 2>&1 + +# Backup PHP-FPM configuration +service php-fpm stop >/dev/null 2>&1 +cp /etc/php.ini $vst_backups/php > /dev/null 2>&1 +cp -r /etc/php.d $vst_backups/php > /dev/null 2>&1 +cp /etc/php-fpm.conf $vst_backups/php-fpm > /dev/null 2>&1 +mv -f /etc/php-fpm.d/* $vst_backups/php-fpm/ > /dev/null 2>&1 + +# Backup Bind configuration +yum remove bind-chroot > /dev/null 2>&1 +service named stop > /dev/null 2>&1 +cp /etc/named.conf $vst_backups/named >/dev/null 2>&1 + +# Backup Vsftpd configuration +service vsftpd stop > /dev/null 2>&1 +cp /etc/vsftpd/vsftpd.conf $vst_backups/vsftpd >/dev/null 2>&1 + +# Backup ProFTPD configuration +service proftpd stop > /dev/null 2>&1 +cp /etc/proftpd.conf $vst_backups/proftpd >/dev/null 2>&1 + +# Backup Exim configuration +service exim stop > /dev/null 2>&1 +cp -r /etc/exim/* $vst_backups/exim >/dev/null 2>&1 + +# Backup ClamAV configuration +service clamd stop > /dev/null 2>&1 +cp /etc/clamd.conf $vst_backups/clamd >/dev/null 2>&1 +cp -r /etc/clamd.d $vst_backups/clamd >/dev/null 2>&1 + +# Backup SpamAssassin configuration +service spamassassin stop > /dev/null 2>&1 +cp -r /etc/mail/spamassassin/* $vst_backups/spamassassin >/dev/null 2>&1 + +# Backup Dovecot configuration +service dovecot stop > /dev/null 2>&1 +cp /etc/dovecot.conf $vst_backups/dovecot > /dev/null 2>&1 +cp -r /etc/dovecot/* $vst_backups/dovecot > /dev/null 2>&1 + +# Backup MySQL/MariaDB configuration and data +service mysql stop > /dev/null 2>&1 +service mysqld stop > /dev/null 2>&1 +service mariadb stop > /dev/null 2>&1 +mv /var/lib/mysql $vst_backups/mysql/mysql_datadir >/dev/null 2>&1 +cp /etc/my.cnf $vst_backups/mysql > /dev/null 2>&1 +cp /etc/my.cnf.d $vst_backups/mysql > /dev/null 2>&1 +mv /root/.my.cnf $vst_backups/mysql > /dev/null 2>&1 + +# Backup MySQL/MariaDB configuration and data +service postgresql stop > /dev/null 2>&1 +mv /var/lib/pgsql/data $vst_backups/postgresql/ >/dev/null 2>&1 + +# Backup Vesta +service vesta stop > /dev/null 2>&1 +mv $VESTA/data/* $vst_backups/vesta > /dev/null 2>&1 +mv $VESTA/conf/* $vst_backups/vesta > /dev/null 2>&1 + + +#----------------------------------------------------------# +# Package Excludes # +#----------------------------------------------------------# + +# Excluding packages +if [ "$nginx" = 'no' ]; then + software=$(echo "$software" | sed -e "s/ nginx/ /") +fi +if [ "$apache" = 'no' ]; then + software=$(echo "$software" | sed -e "s/httpd//") + software=$(echo "$software" | sed -e "s/mod_ssl//") + software=$(echo "$software" | sed -e "s/mod_fcgid//") + software=$(echo "$software" | sed -e "s/mod_ruid2//") +fi +if [ "$phpfpm" = 'no' ]; then + software=$(echo "$software" | sed -e "s/php-fpm//") +fi +if [ "$vsftpd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/vsftpd//") +fi +if [ "$proftpd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/proftpd//") +fi +if [ "$named" = 'no' ]; then + software=$(echo "$software" | sed -e "s/bind //") +fi +if [ "$exim" = 'no' ]; then + software=$(echo "$software" | sed -e "s/exim//") + software=$(echo "$software" | sed -e "s/dovecot//") + software=$(echo "$software" | sed -e "s/clamd//") + software=$(echo "$software" | sed -e "s/clamav-server//") + software=$(echo "$software" | sed -e "s/clamav-update//") + software=$(echo "$software" | sed -e "s/spamassassin//") + software=$(echo "$software" | sed -e "s/dovecot//") + software=$(echo "$software" | sed -e "s/roundcubemail//") +fi +if [ "$clamd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/clamd//") + software=$(echo "$software" | sed -e "s/clamav-server//") + software=$(echo "$software" | sed -e "s/clamav-update//") +fi +if [ "$spamd" = 'no' ]; then + software=$(echo "$software" | sed -e 's/spamassassin//') +fi +if [ "$dovecot" = 'no' ]; then + software=$(echo "$software" | sed -e "s/dovecot//") +fi +if [ "$mysql" = 'no' ]; then + software=$(echo "$software" | sed -e 's/mysql //') + software=$(echo "$software" | sed -e 's/mysql-server//') + software=$(echo "$software" | sed -e 's/mariadb //') + software=$(echo "$software" | sed -e 's/mariadb-server//') + software=$(echo "$software" | sed -e 's/php-mysql//') + software=$(echo "$software" | sed -e 's/phpMyAdmin//') + software=$(echo "$software" | sed -e 's/roundcubemail//') +fi +if [ "$postgresql" = 'no' ]; then + software=$(echo "$software" | sed -e 's/postgresql //') + software=$(echo "$software" | sed -e 's/postgresql-server//') + software=$(echo "$software" | sed -e 's/postgresql-contrib//') + software=$(echo "$software" | sed -e 's/php-pgsql//') + software=$(echo "$software" | sed -e 's/phpPgAdmin//') +fi +if [ "$softaculous" = 'no' ]; then + software=$(echo "$software" | sed -e 's/vesta-softaculous//') +fi +if [ "$iptables" = 'no' ] || [ "$fail2ban" = 'no' ]; then + software=$(echo "$software" | sed -e 's/fail2ban//') +fi + + +#----------------------------------------------------------# +# Install packages # +#----------------------------------------------------------# + +# Installing rpm packages +yum install -y $software +if [ $? -ne 0 ]; then + if [ "$remi" = 'yes' ]; then + yum -y --disablerepo=* \ + --enablerepo="*base,*updates,nginx,epel,vesta,remi*" \ + install $software + else + yum -y --disablerepo=* --enablerepo="*base,*updates,nginx,epel,vesta" \ + install $software + fi +fi +check_result $? "yum install failed" + + +#----------------------------------------------------------# +# Configure system # +#----------------------------------------------------------# + +# Restarting rsyslog +service rsyslog restart > /dev/null 2>&1 + +# Checking ipv6 on loopback interface +check_lo_ipv6=$(/sbin/ip addr | grep 'inet6') check_rc_ipv6=$(grep 'scope global dev lo' /etc/rc.local) if [ ! -z "$check_lo_ipv6)" ] && [ -z "$check_rc_ipv6" ]; then ip addr add ::2/128 scope global dev lo @@ -265,655 +683,778 @@ if [ ! -z "$check_lo_ipv6)" ] && [ -z "$check_rc_ipv6" ]; then chmod a+x /etc/rc.local fi - -#----------------------------------------------------------# -# Install repository # -#----------------------------------------------------------# -# Let's start -echo -e "\n\n\n\nInstallation will take about 15 minutes ...\n" -sleep 5 - -# Update system -if [ -z "$noupdate" ]; then - yum -y update - if [ $? -ne 0 ]; then - echo 'Error: yum update failed' - exit 1 - fi -fi - -# Install EPEL repo -if [ ! -e '/etc/yum.repos.d/epel.repo' ]; then - if [ "$release" -eq '5' ]; then - epel="5/$arch/epel-release-5-4.noarch.rpm" - fi - - if [ "$release" -eq '6' ]; then - epel="6/$arch/epel-release-6-8.noarch.rpm" - fi - - rpm -ivh http://dl.fedoraproject.org/pub/epel/$epel - if [ $? -ne 0 ]; then - echo "Error: can't install EPEL repository" - exit 1 - fi -fi - -# Install remi repo -if [ ! -e '/etc/yum.repos.d/remi.repo' ]; then - if [ "$release" -eq '5' ]; then - remi="remi-release-5.rpm" - fi - - if [ "$release" -eq '6' ]; then - remi="remi-release-6.rpm" - fi - - rpm -ivh http://rpms.famillecollet.com/enterprise/$remi - if [ $? -ne 0 ]; then - echo "Error: can't install remi repository" - exit 1 - fi -fi - -# Install nginx repo -if [ ! -e '/etc/yum.repos.d/nginx.repo' ]; then - echo "[nginx]" > /etc/yum.repos.d/nginx.repo - echo "name=nginx repo" >> /etc/yum.repos.d/nginx.repo - echo "baseurl=http://nginx.org/packages/centos/$release/\$basearch/" \ - >> /etc/yum.repos.d/nginx.repo - echo "gpgcheck=0" >> /etc/yum.repos.d/nginx.repo - echo "enabled=1" >> /etc/yum.repos.d/nginx.repo -fi - -# Install vesta repo -echo "[vesta]" > $YUM_REPO -echo "name=Vesta - $REPO" >> $YUM_REPO -echo "baseurl=http://$RHOST/$REPO/$release/\$basearch/" >> $YUM_REPO -echo "enabled=1" >> $YUM_REPO -echo "gpgcheck=1" >> $YUM_REPO -echo "gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA" >> $YUM_REPO -wget $CHOST/GPG.txt -O /etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA - - -#----------------------------------------------------------# -# Backups # -#----------------------------------------------------------# - -# Prepare backup tree -vst_backups="/root/vst_install_backups/$(date +%s)" -mkdir -p $vst_backups/nginx -mkdir -p $vst_backups/httpd -mkdir -p $vst_backups/mysql -mkdir -p $vst_backups/exim -mkdir -p $vst_backups/dovecot -mkdir -p $vst_backups/clamd -mkdir -p $vst_backups/spamassassin -mkdir -p $vst_backups/vsftpd -mkdir -p $vst_backups/named -mkdir -p $vst_backups/vesta/admin -mkdir -p $vst_backups/home - -# Backup sudoers -if [ -e '/etc/sudoers' ]; then - cp /etc/sudoers $vst_backups/ -fi - -# Backup nginx -service nginx stop > /dev/null 2>&1 -if [ -e '/etc/nginx/nginx.conf' ]; then - cp -r /etc/nginx/* $vst_backups/nginx/ -fi - -# Backup httpd -service httpd stop > /dev/null 2>&1 -if [ -e '/etc/httpd/conf/httpd.conf' ]; then - cp -r /etc/httpd/* $vst_backups/httpd/ -fi - -# Backup bind -service named stop > /dev/null 2>&1 -if [ -e '/etc/named.conf' ]; then - cp /etc/named.conf $vst_backups/named/ -fi - -# Backup vsftpd -service vsftpd stop > /dev/null 2>&1 -if [ -e '/etc/vsftpd/vsftpd.conf' ]; then - cp /etc/vsftpd/vsftpd.conf $vst_backups/vsftpd/ -fi - -# Backup exim -service exim stop > /dev/null 2>&1 -if [ -e '/etc/exim/exim.conf' ]; then - cp -r /etc/exim/* $vst_backups/exim/ -fi - -# Backup clamav -service clamd stop > /dev/null 2>&1 -if [ -e '/etc/clamd.conf' ]; then - cp /etc/clamd.conf $vst_backups/clamd/ -fi - -# Backup SpamAssassin -service spamassassin stop > /dev/null 2>&1 -if [ -e '/etc/mail/spamassassin' ]; then - cp -r /etc/mail/spamassassin/* $vst_backups/spamassassin/ -fi - -# Backup dovecot -service dovecot stop > /dev/null 2>&1 -if [ -e '/etc/dovecot.conf' ]; then - cp /etc/dovecot.conf $vst_backups/dovecot/ -fi -if [ -e '/etc/dovecot' ]; then - cp -r /etc/dovecot/* $vst_backups/dovecot/ -fi - -# Backup MySQL stuff -service mysqld stop > /dev/null 2>&1 -if [ -e '/var/lib/mysql' ]; then - mv /var/lib/mysql $vst_backups/mysql/mysql_datadir -fi -if [ -e '/etc/my.cnf' ]; then - cp /etc/my.cnf $vst_backups/mysql/ -fi -if [ -e '/root/.my.cnf' ]; then - mv /root/.my.cnf $vst_backups/mysql/ -fi - -# Backup vesta -service vesta stop > /dev/null 2>&1 -if [ -e '/usr/local/vesta/data' ]; then - mv /usr/local/vesta/data $vst_backups/vesta/ -fi - -if [ -e '/usr/local/vesta/conf' ]; then - mv /usr/local/vesta/conf $vst_backups/vesta/ -fi - -if [ -e '/home/admin/conf/' ]; then - mv /home/admin/conf/ $vst_backups/vesta/admin -fi - - -#----------------------------------------------------------# -# Install packages # -#----------------------------------------------------------# - -# Exclude heavy packages -if [ "$srv_type" = 'micro' ]; then - software=$(echo "$software" | sed -e 's/mod_fcgid//') - software=$(echo "$software" | sed -e 's/clamd//') - software=$(echo "$software" | sed -e 's/spamassassin//') -fi - -if [ "$srv_type" = 'small' ]; then - software=$(echo "$software" | sed -e 's/clamd//') - software=$(echo "$software" | sed -e 's/spamassassin//') -fi - -# Exclude fail2ban -if [ "$disable_fail2ban" = 'yes' ]; then - software=$(echo "$software" | sed -e 's/fail2ban//') -fi - -# Install Vesta packages -if [ -z "$disable_remi" ]; then - yum -y --disablerepo=* --enablerepo="base,updates,nginx,epel,vesta,remi" \ - install $software -else - yum -y --disablerepo=* --enablerepo="base,updates,nginx,epel,vesta" \ - install $software -fi -if [ $? -ne 0 ]; then - echo 'Error: yum install failed' - exit 1 -fi - - -#----------------------------------------------------------# -# Configure system # -#----------------------------------------------------------# - -# Set writable permission on tmp directory -chmod 777 /tmp - # Disabling SELinux if [ -e '/etc/sysconfig/selinux' ]; then sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux - setenforce 0 -fi -if [ -e '/etc/selinux/config' ]; then sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config - setenforce 0 + setenforce 0 2>/dev/null fi -# Vesta configuration -echo "export VESTA='/usr/local/vesta'" > /etc/profile.d/vesta.sh -chmod 755 /etc/profile.d/vesta.sh -source /etc/profile.d/vesta.sh -echo 'PATH=$PATH:/usr/local/vesta/bin' >> /root/.bash_profile -echo 'export PATH' >> /root/.bash_profile -source /root/.bash_profile -wget $CHOST/$VERSION/vesta.log -O /etc/logrotate.d/vesta +# Disabling iptables +service iptables stop +service firewalld stop >/dev/null 2>&1 -# Directory tree -mkdir -p $VESTA/conf -mkdir -p $VESTA/log -mkdir -p $VESTA/ssl -mkdir -p $VESTA/data -mkdir -p $VESTA/data/ips -mkdir -p $VESTA/data/queue -mkdir -p $VESTA/data/users -mkdir -p $VESTA/data/firewall -touch $VESTA/data/queue/backup.pipe -touch $VESTA/data/queue/disk.pipe -touch $VESTA/data/queue/webstats.pipe -touch $VESTA/data/queue/restart.pipe -touch $VESTA/data/queue/traffic.pipe -chmod 750 $VESTA/conf -chmod 750 $VESTA/data/users -chmod 750 $VESTA/data/ips -chmod -R 750 $VESTA/data/queue -ln -s /usr/local/vesta/log /var/log/vesta -touch /var/log/vesta/system.log -touch /var/log/vesta/nginx-error.log -touch /var/log/vesta/auth.log -chmod 660 /var/log/vesta/* -adduser backup -ln -s /home/backup /backup -chmod a+x /backup -# vesta.conf -wget $CHOST/$VERSION/vesta.conf -O $VESTA/conf/vesta.conf -if [ "$srv_type" = 'micro' ] || [ "$srv_type" = 'small' ]; then - sed -i "s/clamav//g" $VESTA/conf/vesta.conf - sed -i "s/spamassassin//g" $VESTA/conf/vesta.conf -fi - -# Set server hostname -if [ -z "$servername" ]; then - servername=$(hostname) -fi -/usr/local/vesta/bin/v-change-sys-hostname $servername 2>/dev/null - -# Templates -cd /usr/local/vesta/data -wget $CHOST/$VERSION/packages.tar.gz -O packages.tar.gz -tar -xzf packages.tar.gz -rm -f packages.tar.gz -cd /usr/local/vesta/data -wget $CHOST/$VERSION/templates.tar.gz -O templates.tar.gz -tar -xzf templates.tar.gz -rm -f templates.tar.gz -chmod -R 755 /usr/local/vesta/data/templates -cp templates/web/skel/public_html/index.html /var/www/html/ -sed -i 's/%domain%/It worked!/g' /var/www/html/index.html -if [ "$srv_type" = 'micro' ]; then - rm -f /usr/local/vesta/data/templates/web/httpd/phpfcgid.* -fi - -# Firewall configuration -wget $CHOST/$VERSION/firewall.tar.gz -O firewall.tar.gz -tar -xzf firewall.tar.gz -if [ "$disable_iptables" = 'yes' ]; then - sed -i "s/iptables//" $VESTA/conf/vesta.conf - chkconfig iptables off - service iptables stop -else - $BIN/v-update-firewall -fi - -# Generating SSL certificate -$VESTA/bin/v-generate-ssl-cert $(hostname) $email 'US' 'California' \ - 'San Francisco' 'Vesta Control Panel' 'IT' > /tmp/vst.pem - -# Parsing merged certificate file -crt_end=$(grep -n "END CERTIFICATE-" /tmp/vst.pem |cut -f 1 -d:) -key_start=$(grep -n "BEGIN RSA" /tmp/vst.pem |cut -f 1 -d:) -key_end=$(grep -n "END RSA" /tmp/vst.pem |cut -f 1 -d:) - -# Adding SSL certificate -cd /usr/local/vesta/ssl -sed -n "1,${crt_end}p" /tmp/vst.pem > certificate.crt -sed -n "$key_start,${key_end}p" /tmp/vst.pem > certificate.key -chown root:mail /usr/local/vesta/ssl/* -chmod 660 /usr/local/vesta/ssl/* -rm /tmp/vst.pem - -# Disabling webalizer routine -rm -f /etc/cron.daily/00webalizer - -# Set directory color -echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile - -# Sudo configuration -wget $CHOST/$VERSION/sudoers.conf -O /etc/sudoers -wget $CHOST/$VERSION/sudoers.admin.conf -O /etc/sudoers.d/admin -chmod 440 /etc/sudoers -chmod 440 /etc/sudoers.d/admin - -# NTP Synchronization +# Configuring NTP synchronization echo '#!/bin/sh' > /etc/cron.daily/ntpdate echo "$(which ntpdate) -s pool.ntp.org" >> /etc/cron.daily/ntpdate chmod 775 /etc/cron.daily/ntpdate ntpdate -s pool.ntp.org -# Setup rssh -if [ -z "$(grep /usr/bin/rssh /etc/shells)" ]; then - echo /usr/bin/rssh >> /etc/shells -fi -sed -i 's/#allowscp/allowscp/' /etc/rssh.conf -sed -i 's/#allowsftp/allowsftp/' /etc/rssh.conf -sed -i 's/#allowrsync/allowrsync/' /etc/rssh.conf -chmod 755 /usr/bin/rssh +# Disabling webalizer routine +rm -f /etc/cron.daily/00webalizer -# Nginx configuration -rm -f /etc/nginx/conf.d/*.conf -wget $CHOST/$VERSION/nginx.conf -O /etc/nginx/nginx.conf -wget $CHOST/$VERSION/nginx-status.conf -O /etc/nginx/conf.d/status.conf -touch /etc/nginx/conf.d/vesta.conf -chkconfig nginx on -service nginx start -if [ "$?" -ne 0 ]; then - echo "Error: nginx start failed" - exit 1 +# Adding backup user +adduser backup 2>/dev/null +ln -sf /home/backup /backup +chmod a+x /backup + +# Set directory color +echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile + +# Register /sbin/nologin and /usr/sbin/nologin +echo "/sbin/nologin" >> /etc/shells +echo "/usr/sbin/nologin" >> /etc/shells + +# Changing default systemd interval +if [ "$release" -eq '7' ]; then + # Hi Lennart + echo "DefaultStartLimitInterval=1s" >> /etc/systemd/system.conf + echo "DefaultStartLimitBurst=60" >> /etc/systemd/system.conf + systemctl daemon-reexec fi -# Apache configuration -wget $CHOST/$VERSION/httpd.conf -O /etc/httpd/conf/httpd.conf -wget $CHOST/$VERSION/httpd-status.conf -O /etc/httpd/conf.d/status.conf -wget $CHOST/$VERSION/httpd-ssl.conf -O /etc/httpd/conf.d/ssl.conf -wget $CHOST/$VERSION/httpd.log -O /etc/logrotate.d/httpd -echo "MEFaccept 127.0.0.1" >> /etc/httpd/conf.d/mod_extract_forwarded.conf -rm -f /etc/httpd/conf.d/proxy_ajp.conf -echo > /etc/httpd/conf.d/proxy_ajp.conf -rm -f /etc/httpd/conf.d/vesta.conf -echo > /etc/httpd/conf.d/vesta.conf -touch /var/log/httpd/access_log -touch /var/log/httpd/error_log -touch /var/log/httpd/suexec.log -mkdir -p /var/log/httpd/domains -chmod a+x /var/log/httpd -chmod 640 /var/log/httpd/access_log -chmod 640 /var/log/httpd/error_log -chmod 640 /var/log/httpd/suexec.log -chmod 751 /var/log/httpd/domains -chkconfig httpd on -service httpd start -if [ "$?" -ne 0 ]; then - echo "Error: httpd start failed" - exit 1 + +#----------------------------------------------------------# +# Configure VESTA # +#----------------------------------------------------------# + +# Installing sudo configuration +mkdir -p /etc/sudoers.d +cp -f $vestacp/sudo/admin /etc/sudoers.d/ +chmod 440 /etc/sudoers.d/admin + +# Configuring system env +echo "export VESTA='$VESTA'" > /etc/profile.d/vesta.sh +chmod 755 /etc/profile.d/vesta.sh +source /etc/profile.d/vesta.sh +echo 'PATH=$PATH:'$VESTA'/bin' >> /root/.bash_profile +echo 'export PATH' >> /root/.bash_profile +source /root/.bash_profile + +# Configuring logrotate for vesta logs +cp -f $vestacp/logrotate/vesta /etc/logrotate.d/ + +# Building directory tree and creating some blank files for Vesta +mkdir -p $VESTA/conf $VESTA/log $VESTA/ssl $VESTA/data/ips \ + $VESTA/data/queue $VESTA/data/users $VESTA/data/firewall \ + $VESTA/data/sessions +touch $VESTA/data/queue/backup.pipe $VESTA/data/queue/disk.pipe \ + $VESTA/data/queue/webstats.pipe $VESTA/data/queue/restart.pipe \ + $VESTA/data/queue/traffic.pipe $VESTA/log/system.log \ + $VESTA/log/nginx-error.log $VESTA/log/auth.log +chmod 750 $VESTA/conf $VESTA/data/users $VESTA/data/ips $VESTA/log +chmod -R 750 $VESTA/data/queue +chmod 660 $VESTA/log/* +rm -f /var/log/vesta +ln -s $VESTA/log /var/log/vesta +chmod 770 $VESTA/data/sessions + +# Generating Vesta configuration +rm -f $VESTA/conf/vesta.conf 2>/dev/null +touch $VESTA/conf/vesta.conf +chmod 660 $VESTA/conf/vesta.conf + +# Web stack +if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then + echo "WEB_SYSTEM='httpd'" >> $VESTA/conf/vesta.conf + echo "WEB_RGROUPS='apache'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='mod_ssl'" >> $VESTA/conf/vesta.conf + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'yes' ] ; then + echo "WEB_SYSTEM='httpd'" >> $VESTA/conf/vesta.conf + echo "WEB_RGROUPS='apache'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='8080'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='8443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='mod_ssl'" >> $VESTA/conf/vesta.conf + echo "PROXY_SYSTEM='nginx'" >> $VESTA/conf/vesta.conf + echo "PROXY_PORT='80'" >> $VESTA/conf/vesta.conf + echo "PROXY_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf +fi +if [ "$apache" = 'no' ] && [ "$nginx" = 'yes' ]; then + echo "WEB_SYSTEM='nginx'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='openssl'" >> $VESTA/conf/vesta.conf + if [ "$phpfpm" = 'yes' ]; then + echo "WEB_BACKEND='php-fpm'" >> $VESTA/conf/vesta.conf + fi + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf fi -# Vsftpd configuration -wget $CHOST/$VERSION/vsftpd.conf -O /etc/vsftpd/vsftpd.conf -chkconfig vsftpd on -service vsftpd start -if [ "$?" -ne 0 ]; then - echo "Error: vsftpd start failed" - exit 1 +# FTP stack +if [ "$vsftpd" = 'yes' ]; then + echo "FTP_SYSTEM='vsftpd'" >> $VESTA/conf/vesta.conf +fi +if [ "$proftpd" = 'yes' ]; then + echo "FTP_SYSTEM='proftpd'" >> $VESTA/conf/vesta.conf fi -# MySQL configuration -if [ "$srv_type" = 'micro' ]; then - wget $CHOST/$VERSION/mysql-512.cnf -O /etc/my.cnf -else - wget $CHOST/$VERSION/mysql.cnf -O /etc/my.cnf +# DNS stack +if [ "$named" = 'yes' ]; then + echo "DNS_SYSTEM='named'" >> $VESTA/conf/vesta.conf fi -chkconfig mysqld on -service mysqld start -if [ "$?" -ne 0 ]; then - # Fix for aio on OpenVZ - if [ -e "/proc/user_beancounters" ]; then - sed -i "s/#innodb_use_native_aio/innodb_use_native_aio/g" /etc/my.cnf + +# Mail stack +if [ "$exim" = 'yes' ]; then + echo "MAIL_SYSTEM='exim'" >> $VESTA/conf/vesta.conf + if [ "$clamd" = 'yes' ]; then + echo "ANTIVIRUS_SYSTEM='clamav'" >> $VESTA/conf/vesta.conf + fi + if [ "$spamd" = 'yes' ]; then + echo "ANTISPAM_SYSTEM='spamassassin'" >> $VESTA/conf/vesta.conf + fi + if [ "$dovecot" = 'yes' ]; then + echo "IMAP_SYSTEM='dovecot'" >> $VESTA/conf/vesta.conf + fi +fi + +# Cron daemon +echo "CRON_SYSTEM='crond'" >> $VESTA/conf/vesta.conf + +# Firewall stack +if [ "$iptables" = 'yes' ]; then + echo "FIREWALL_SYSTEM='iptables'" >> $VESTA/conf/vesta.conf +fi +if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then + echo "FIREWALL_EXTENSION='fail2ban'" >> $VESTA/conf/vesta.conf +fi + +# Disk quota +if [ "$quota" = 'yes' ]; then + echo "DISK_QUOTA='yes'" >> $VESTA/conf/vesta.conf +fi + +# Backups +echo "BACKUP_SYSTEM='local'" >> $VESTA/conf/vesta.conf + +# Language +echo "LANGUAGE='$lang'" >> $VESTA/conf/vesta.conf + +# Version +echo "VERSION='0.9.8'" >> $VESTA/conf/vesta.conf + +# Installing hosting packages +cp -rf $vestacp/packages $VESTA/data/ + +# Installing templates +cp -rf $vestacp/templates $VESTA/data/ + +# Copying index.html to default documentroot +cp $VESTA/data/templates/web/skel/public_html/index.html /var/www/html/ +sed -i 's/%domain%/It worked!/g' /var/www/html/index.html + +# Installing firewall rules +cp -rf $vestacp/firewall $VESTA/data/ + +# Configuring server hostname +$VESTA/bin/v-change-sys-hostname $servername 2>/dev/null + +# Generating SSL certificate +$VESTA/bin/v-generate-ssl-cert $(hostname) $email 'US' 'California' \ + 'San Francisco' 'Vesta Control Panel' 'IT' > /tmp/vst.pem + +# Parsing certificate file +crt_end=$(grep -n "END CERTIFICATE-" /tmp/vst.pem |cut -f 1 -d:) +key_start=$(grep -n "BEGIN RSA" /tmp/vst.pem |cut -f 1 -d:) +key_end=$(grep -n "END RSA" /tmp/vst.pem |cut -f 1 -d:) + +# Adding SSL certificate +cd $VESTA/ssl +sed -n "1,${crt_end}p" /tmp/vst.pem > certificate.crt +sed -n "$key_start,${key_end}p" /tmp/vst.pem > certificate.key +chown root:mail $VESTA/ssl/* +chmod 660 $VESTA/ssl/* +rm /tmp/vst.pem + +#----------------------------------------------------------# +# Configure Nginx # +#----------------------------------------------------------# + +if [ "$nginx" = 'yes' ]; then + rm -f /etc/nginx/conf.d/*.conf + cp -f $vestacp/nginx/nginx.conf /etc/nginx/ + cp -f $vestacp/nginx/status.conf /etc/nginx/conf.d/ + cp -f $vestacp/nginx/phpmyadmin.inc /etc/nginx/conf.d/ + cp -f $vestacp/nginx/phppgadmin.inc /etc/nginx/conf.d/ + cp -f $vestacp/nginx/webmail.inc /etc/nginx/conf.d/ + cp -f $vestacp/logrotate/nginx /etc/logrotate.d/ + echo > /etc/nginx/conf.d/vesta.conf + mkdir -p /var/log/nginx/domains + if [ "$release" -ge '7' ]; then + mkdir -p /etc/systemd/system/nginx.service.d + cd /etc/systemd/system/nginx.service.d + echo "[Service]" > limits.conf + echo "LimitNOFILE=500000" >> limits.conf + fi + chkconfig nginx on + service nginx start + check_result $? "nginx start failed" + + # Workaround for OpenVZ/Virtuozzo + if [ "$release" -ge '7' ] && [ -e "/proc/vz/veinfo" ]; then + echo "#Vesta: workraround for networkmanager" >> /etc/rc.local + echo "sleep 3 && service nginx restart" >> /etc/rc.local + fi +fi + + +#----------------------------------------------------------# +# Configure Apache # +#----------------------------------------------------------# + +if [ "$apache" = 'yes' ]; then + cp -f $vestacp/httpd/httpd.conf /etc/httpd/conf/ + cp -f $vestacp/httpd/status.conf /etc/httpd/conf.d/ + cp -f $vestacp/httpd/ssl.conf /etc/httpd/conf.d/ + cp -f $vestacp/httpd/ruid2.conf /etc/httpd/conf.d/ + cp -f $vestacp/logrotate/httpd /etc/logrotate.d/ + if [ $release -lt 7 ]; then + cd /etc/httpd/conf.d + echo "MEFaccept 127.0.0.1" >> mod_extract_forwarded.conf + echo > proxy_ajp.conf + fi + if [ -e "/etc/httpd/conf.modules.d/00-dav.conf" ]; then + cd /etc/httpd/conf.modules.d + sed -i "s/^/#/" 00-dav.conf 00-lua.conf 00-proxy.conf + fi + echo > /etc/httpd/conf.d/vesta.conf + cd /var/log/httpd + touch access_log error_log suexec.log + chmod 640 access_log error_log suexec.log + chmod -f 777 /var/lib/php/session + chmod a+x /var/log/httpd + mkdir -p /var/log/httpd/domains + chmod 751 /var/log/httpd/domains + if [ "$release" -ge '7' ]; then + mkdir -p /etc/systemd/system/httpd.service.d + cd /etc/systemd/system/httpd.service.d + echo "[Service]" > limits.conf + echo "LimitNOFILE=500000" >> limits.conf + fi + chkconfig httpd on + service httpd start + check_result $? "httpd start failed" + + # Workaround for OpenVZ/Virtuozzo + if [ "$release" -ge '7' ] && [ -e "/proc/vz/veinfo" ]; then + echo "#Vesta: workraround for networkmanager" >> /etc/rc.local + echo "sleep 2 && service httpd restart" >> /etc/rc.local + fi +fi + + +#----------------------------------------------------------# +# Configure PHP-FPM # +#----------------------------------------------------------# + +if [ "$phpfpm" = 'yes' ]; then + cp -f $vestacp/php-fpm/www.conf /etc/php-fpm.d/ + chkconfig php-fpm on + service php-fpm start + check_result $? "php-fpm start failed" +fi + + +#----------------------------------------------------------# +# Configure PHP # +#----------------------------------------------------------# + +ZONE=$(timedatectl 2>/dev/null|grep Timezone|awk '{print $2}') +if [ -e '/etc/sysconfig/clock' ]; then + source /etc/sysconfig/clock +fi +if [ -z "$ZONE" ]; then + ZONE='UTC' +fi +for pconf in $(find /etc/php* -name php.ini); do + sed -i "s|;date.timezone =|date.timezone = $ZONE|g" $pconf + sed -i 's%_open_tag = Off%_open_tag = On%g' $pconf +done + + +#----------------------------------------------------------# +# Configure Vsftpd # +#----------------------------------------------------------# + +if [ "$vsftpd" = 'yes' ]; then + cp -f $vestacp/vsftpd/vsftpd.conf /etc/vsftpd/ + chkconfig vsftpd on + service vsftpd start + check_result $? "vsftpd start failed" +fi + + +#----------------------------------------------------------# +# Configure ProFTPD # +#----------------------------------------------------------# + +if [ "$proftpd" = 'yes' ]; then + cp -f $vestacp/proftpd/proftpd.conf /etc/ + chkconfig proftpd on + service proftpd start + check_result $? "proftpd start failed" +fi + + +#----------------------------------------------------------# +# Configure MySQL/MariaDB # +#----------------------------------------------------------# + +if [ "$mysql" = 'yes' ]; then + + mycnf="my-small.cnf" + if [ $memory -gt 1200000 ]; then + mycnf="my-medium.cnf" + fi + if [ $memory -gt 3900000 ]; then + mycnf="my-large.cnf" fi - service mysqld start + mkdir -p /var/lib/mysql + chown mysql:mysql /var/lib/mysql + mkdir -p /etc/my.cnf.d + + if [ $release -lt 7 ]; then + service='mysqld' + else + service='mariadb' + fi + + cp -f $vestacp/$service/$mycnf /etc/my.cnf + chkconfig $service on + service $service start if [ "$?" -ne 0 ]; then - echo "Error: mysqld start failed" - exit 1 + if [ -e "/proc/user_beancounters" ]; then + # Fix for aio on OpenVZ + sed -i "s/#innodb_use_native/innodb_use_native/g" /etc/my.cnf + fi + service $service start + check_result $? "$service start failed" fi -fi -# Generating MySQL password if it wasn't set -if [ -z "$mpass" ]; then + # Securing MySQL installation mpass=$(gen_pass) + mysqladmin -u root password $mpass + echo -e "[client]\npassword='$mpass'\n" > /root/.my.cnf + chmod 600 /root/.my.cnf + mysql -e "DELETE FROM mysql.user WHERE User=''" + mysql -e "DROP DATABASE test" >/dev/null 2>&1 + mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'" + mysql -e "DELETE FROM mysql.user WHERE user='' or password='';" + mysql -e "FLUSH PRIVILEGES" + + # Configuring phpMyAdmin + if [ "$apache" = 'yes' ]; then + cp -f $vestacp/pma/phpMyAdmin.conf /etc/httpd/conf.d/ + fi + mysql < /usr/share/phpMyAdmin/sql/create_tables.sql + p=$(gen_pass) + mysql -e "GRANT ALL ON phpmyadmin.* + TO phpmyadmin@localhost IDENTIFIED BY '$p'" + cp -f $vestacp/pma/config.inc.conf /etc/phpMyAdmin/config.inc.php + sed -i "s/%blowfish_secret%/$(gen_pass 32)/g" /etc/phpMyAdmin/config.inc.php + sed -i "s/%phpmyadmin_pass%/$p/g" /etc/phpMyAdmin/config.inc.php + chmod 777 /var/lib/phpMyAdmin/temp + chmod 777 /var/lib/phpMyAdmin/save fi -mysqladmin -u root password $mpass -echo -e "[client]\npassword='$mpass'\n" > /root/.my.cnf -chmod 600 /root/.my.cnf -mysql -e "DELETE FROM mysql.user WHERE User=''" -mysql -e "DROP DATABASE test" -mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'" -mysql -e "DELETE FROM mysql.user WHERE user='' or password='';" -mysql -e "FLUSH PRIVILEGES" -# Bind configuration -wget $CHOST/$VERSION/named.conf -O /etc/named.conf -chown root:named /etc/named.conf -chmod 640 /etc/named.conf -chkconfig named on -service named start -if [ "$?" -ne 0 ]; then - echo "Error: named start failed" - exit 1 +#----------------------------------------------------------# +# Configure PostgreSQL # +#----------------------------------------------------------# + +if [ "$postgresql" = 'yes' ]; then + ppass=$(gen_pass) + if [ $release -eq 5 ]; then + service postgresql start + sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$ppass'" + service postgresql stop + cp -f $vestacp/postgresql/pg_hba.conf /var/lib/pgsql/data/ + service postgresql start + else + service postgresql initdb + cp -f $vestacp/postgresql/pg_hba.conf /var/lib/pgsql/data/ + service postgresql start + sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$ppass'" + fi + # Configuring phpPgAdmin + if [ "$apache" = 'yes' ]; then + cp -f $vestacp/pga/phpPgAdmin.conf /etc/httpd/conf.d/ + fi + cp -f $vestacp/pga/config.inc.php /etc/phpPgAdmin/ fi -# Exim -wget $CHOST/$VERSION/exim.conf -O /etc/exim/exim.conf -if [ "$srv_type" != 'micro' ] && [ "$srv_type" != 'small' ]; then - sed -i "s/#SPAM/SPAM/g" /etc/exim/exim.conf - sed -i "s/#CLAMD/CLAMD/g" /etc/exim/exim.conf -fi -wget $CHOST/$VERSION/dnsbl.conf -O /etc/exim/dnsbl.conf -wget $CHOST/$VERSION/spam-blocks.conf -O /etc/exim/spam-blocks.conf -touch /etc/exim/white-blocks.conf -rm -rf /etc/exim/domains -mkdir -p /etc/exim/domains -chmod 640 /etc/exim/exim.conf -gpasswd -a exim mail -if [ -e /etc/init.d/sendmail ]; then - chkconfig sendmail off - service sendmail stop -fi -if [ -e /etc/init.d/postfix ]; then - chkconfig postfix off - service postfix stop -fi -rm -f /etc/alternatives/mta -ln -s /usr/sbin/sendmail.exim /etc/alternatives/mta -chkconfig exim on -service exim start -if [ "$?" -ne 0 ]; then - echo "Error: exim start failed" - exit 1 + +#----------------------------------------------------------# +# Configure Bind # +#----------------------------------------------------------# + +if [ "$named" = 'yes' ]; then + cp -f $vestacp/named/named.conf /etc/ + chown root:named /etc/named.conf + chmod 640 /etc/named.conf + chkconfig named on + service named start + check_result $? "named start failed" fi -# Dovecot configuration -if [ "$release" -eq '5' ]; then - wget $CHOST/$VERSION/dovecot.conf -O /etc/dovecot.conf -else - wget $CHOST/$VERSION/dovecot.tar.gz -O /etc/dovecot.tar.gz - cd /etc/ - rm -rf dovecot - tar -xzf dovecot.tar.gz - rm -f dovecot.tar.gz - chown -R root:root /etc/dovecot -fi -gpasswd -a dovecot mail -chkconfig dovecot on -service dovecot start -if [ "$?" -ne 0 ]; then - echo "Error: dovecot start failed" - exit 1 + +#----------------------------------------------------------# +# Configure Exim # +#----------------------------------------------------------# + +if [ "$exim" = 'yes' ]; then + gpasswd -a exim mail + cp -f $vestacp/exim/exim.conf /etc/exim/ + cp -f $vestacp/exim/dnsbl.conf /etc/exim/ + cp -f $vestacp/exim/spam-blocks.conf /etc/exim/ + touch /etc/exim/white-blocks.conf + + if [ "$spamd" = 'yes' ]; then + sed -i "s/#SPAM/SPAM/g" /etc/exim/exim.conf + fi + if [ "$clamd" = 'yes' ]; then + sed -i "s/#CLAMD/CLAMD/g" /etc/exim/exim.conf + fi + + chmod 640 /etc/exim/exim.conf + rm -rf /etc/exim/domains + mkdir -p /etc/exim/domains + + rm -f /etc/alternatives/mta + ln -s /usr/sbin/sendmail.exim /etc/alternatives/mta + chkconfig sendmail off 2>/dev/null + service sendmail stop 2>/dev/null + chkconfig postfix off 2>/dev/null + service postfix stop 2>/dev/null + + chkconfig exim on + service exim start + check_result $? "exim start failed" fi -# ClamAV configuration -if [ "$srv_type" = 'medium' ] || [ "$srv_type" = 'large' ]; then - wget $CHOST/$VERSION/clamd.conf -O /etc/clamd.conf - wget $CHOST/$VERSION/freshclam.conf -O /etc/freshclam.conf + +#----------------------------------------------------------# +# Configure Dovecot # +#----------------------------------------------------------# + +if [ "$dovecot" = 'yes' ]; then + gpasswd -a dovecot mail + cp -rf $vestacp/dovecot /etc/ + cp -f $vestacp/logrotate/dovecot /etc/logrotate.d/ + chown -R root:root /etc/dovecot* + if [ "$release" -eq 7 ]; then + sed -i "s#namespace inbox {#namespace inbox {\n inbox = yes#" /etc/dovecot/conf.d/15-mailboxes.conf + fi + chkconfig dovecot on + service dovecot start + check_result $? "dovecot start failed" +fi + + +#----------------------------------------------------------# +# Configure ClamAV # +#----------------------------------------------------------# + +if [ "$clamd" = 'yes' ]; then + useradd clam -s /sbin/nologin -d /var/lib/clamav 2>/dev/null gpasswd -a clam exim gpasswd -a clam mail + cp -f $vestacp/clamav/clamd.conf /etc/ + cp -f $vestacp/clamav/freshclam.conf /etc/ + mkdir -p /var/log/clamav /var/run/clamav + chown clam:clam /var/log/clamav /var/run/clamav + chown -R clam:clam /var/lib/clamav + if [ "$release" -ge '7' ]; then + cp -f $vestacp/clamav/clamd.service /usr/lib/systemd/system/ + systemctl --system daemon-reload + fi /usr/bin/freshclam + if [ "$release" -ge '7' ]; then + sed -i "s/nofork/foreground/" /usr/lib/systemd/system/clamd.service + systemctl daemon-reload + fi chkconfig clamd on service clamd start - if [ "$?" -ne 0 ]; then - echo "Error: clamd start failed" - exit 1 - fi + #check_result $? "clamd start failed" fi -# SpamAssassin configuration -if [ "$srv_type" = 'medium' ] || [ "$srv_type" = 'large' ]; then + +#----------------------------------------------------------# +# Configure SpamAssassin # +#----------------------------------------------------------# + +if [ "$spamd" = 'yes' ]; then chkconfig spamassassin on service spamassassin start - if [ "$?" -ne 0 ]; then - echo "Error: spamassassin start failed" - exit 1 + check_result $? "spamassassin start failed" + if [ "$release" -ge '7' ]; then + groupadd -g 1001 spamd + useradd -u 1001 -g spamd -s /sbin/nologin -d \ + /var/lib/spamassassin spamd + mkdir /var/lib/spamassassin + chown spamd:spamd /var/lib/spamassassin fi fi -# Fail2ban configuration -if [ -z "$disable_fail2ban" ]; then - cd /etc - wget $CHOST/$VERSION/fail2ban.tar.gz -O fail2ban.tar.gz - tar -xzf fail2ban.tar.gz - rm -f fail2ban.tar.gz + +#----------------------------------------------------------# +# Configure RoundCube # +#----------------------------------------------------------# + +if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then + if [ "$apache" = 'yes' ]; then + cp -f $vestacp/roundcube/roundcubemail.conf /etc/httpd/conf.d/ + fi + cp -f $vestacp/roundcube/main.inc.php /etc/roundcubemail/config.inc.php + cd /usr/share/roundcubemail/plugins/password + cp -f $vestacp/roundcube/vesta.php drivers/vesta.php + cp -f $vestacp/roundcube/config.inc.php config.inc.php + sed -i "s/localhost/$servername/g" config.inc.php + chmod a+r /etc/roundcubemail/* + chmod -f 777 /var/log/roundcubemail + r="$(gen_pass)" + mysql -e "CREATE DATABASE roundcube" + mysql -e "GRANT ALL ON roundcube.* TO + roundcube@localhost IDENTIFIED BY '$r'" + sed -i "s/%password%/$r/g" /etc/roundcubemail/config.inc.php + chmod 640 /etc/roundcubemail/config.inc.php + chown root:apache /etc/roundcubemail/config.inc.php + if [ -e "/usr/share/roundcubemail/SQL/mysql.initial.sql" ]; then + mysql roundcube < /usr/share/roundcubemail/SQL/mysql.initial.sql + else + mysql roundcube < /usr/share/doc/roundcubemail-*/SQL/mysql.initial.sql + fi +fi + + +#----------------------------------------------------------# +# Configure Fail2Ban # +#----------------------------------------------------------# + +if [ "$fail2ban" = 'yes' ]; then + cp -rf $vestacp/fail2ban /etc/ + if [ "$dovecot" = 'no' ]; then + fline=$(cat /etc/fail2ban/jail.local |grep -n dovecot-iptables -A 2) + fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -) + sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local + fi + if [ "$exim" = 'no' ]; then + fline=$(cat /etc/fail2ban/jail.local |grep -n exim-iptables -A 2) + fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -) + sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local + fi + if [ "$vsftpd" = 'yes' ]; then + #Create vsftpd Log File + if [ ! -f "/var/log/vsftpd.log" ]; then + touch /var/log/vsftpd.log + fi + fline=$(cat /etc/fail2ban/jail.local |grep -n vsftpd-iptables -A 2) + fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -) + sed -i "${fline}s/false/true/" /etc/fail2ban/jail.local + fi chkconfig fail2ban on + mkdir -p /var/run/fail2ban + if [ -e "/usr/lib/systemd/system/fail2ban.service" ]; then + exec_pre='ExecStartPre=/bin/mkdir -p /var/run/fail2ban' + sed -i "s|\[Service\]|[Service]\n$exec_pre|g" \ + /usr/lib/systemd/system/fail2ban.service + systemctl daemon-reload + fi service fail2ban start -else - sed -i "s/fail2ban//" $VESTA/conf/vestac.conf + check_result $? "fail2ban start failed" fi -# php configuration -sed -i 's/short_open_tag = Off/short_open_tag = On/g' /etc/php.ini -sed -i "s/;date.timezone =/date.timezone = UTC/g" /etc/php.ini -# phpMyAdmin configuration -wget $CHOST/$VERSION/httpd-pma.conf -O /etc/httpd/conf.d/phpMyAdmin.conf -wget $CHOST/$VERSION/pma.conf -O /etc/phpMyAdmin/config.inc.php -sed -i "s/%blowfish_secret%/$(gen_pass)/g" /etc/phpMyAdmin/config.inc.php +#----------------------------------------------------------# +# Configure Admin User # +#----------------------------------------------------------# -# Roundcube configuration -wget $CHOST/$VERSION/httpd-webmail.conf -O /etc/httpd/conf.d/roundcubemail.conf -wget $CHOST/$VERSION/roundcube-main.conf -O /etc/roundcubemail/main.inc.php -wget $CHOST/$VERSION/roundcube-db.conf -O /etc/roundcubemail/db.inc.php -wget $CHOST/$VERSION/roundcube-driver.php -O \ - /usr/share/roundcubemail/plugins/password/drivers/vesta.php -wget $CHOST/$VERSION/roundcube-pw.conf -O \ - /usr/share/roundcubemail/plugins/password/config.inc.php -r="$(gen_pass)" -mysql -e "CREATE DATABASE roundcube" -mysql -e "GRANT ALL ON roundcube.* TO roundcube@localhost IDENTIFIED BY '$r'" -sed -i "s/%password%/$r/g" /etc/roundcubemail/db.inc.php -if [ -e "/usr/share/roundcubemail/SQL/mysql.initial.sql" ]; then - mysql roundcube < /usr/share/roundcubemail/SQL/mysql.initial.sql -else - mysql roundcube < /usr/share/doc/roundcubemail-*/SQL/mysql.initial.sql -fi - -# Adding admin user +# Deleting old admin user if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" = 'yes' ]; then chattr -i /home/admin/conf > /dev/null 2>&1 - userdel -f admin - chattr -i /home/admin/conf - mv -f /home/admin $vst_backups/home/ - rm -f /tmp/sess_* + userdel -f admin >/dev/null 2>&1 + chattr -i /home/admin/conf >/dev/null 2>&1 + mv -f /home/admin $vst_backups/home/ >/dev/null 2>&1 + rm -f /tmp/sess_* >/dev/null 2>&1 fi if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" = 'yes' ]; then groupdel admin > /dev/null 2>&1 fi -# Generating admin password if it wasn't set -if [ -z "$vpass" ]; then - vpass=$(gen_pass) -fi - -# Adding vesta account +# Adding Vesta admin account $VESTA/bin/v-add-user admin $vpass $email default System Administrator -if [ $? -ne 0 ]; then - echo "Error: can't create admin user" - exit 1 -fi +check_result $? "can't create admin user" $VESTA/bin/v-change-user-shell admin bash -$VESTA/bin/v-change-user-language admin en +$VESTA/bin/v-change-user-language admin $lang -# Configuring mysql host -$VESTA/bin/v-add-database-host mysql localhost root $mpass -$VESTA/bin/v-add-database admin default default $(gen_pass) mysql - -# Configuring system ips +# Configuring system IPs $VESTA/bin/v-update-sys-ip -# Get main ip -main_ip=$(ifconfig |grep 'inet addr:' |grep -v 127.0.0.1 |head -n1 | \ - cut -f2 -d: | cut -f1 -d ' ') +# Get main IP +ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/) -# Get remote ip -vst_ip=$(wget vestacp.com/what-is-my-ip/ -O - 2>/dev/null) -if [ ! -z "$vst_ip" ] && [ "$vst_ip" != "$main_ip" ]; then - # Set NAT association - $VESTA/bin/v-change-sys-ip-nat $main_ip $vst_ip -fi -if [ -z "$vst_ip" ]; then - vst_ip=$main_ip +# Configuring firewall +if [ "$iptables" = 'yes' ]; then + chkconfig firewalld off >/dev/null 2>&1 + $VESTA/bin/v-update-firewall fi -# Add default web domain -$VESTA/bin/v-add-web-domain admin default.domain $vst_ip +# Get public IP +pub_ip=$(curl -s vestacp.com/what-is-my-ip/) +if [ ! -z "$pub_ip" ] && [ "$pub_ip" != "$ip" ]; then + echo "$VESTA/bin/v-update-sys-ip" >> /etc/rc.local + $VESTA/bin/v-change-sys-ip-nat $ip $pub_ip + ip=$pub_ip +fi -# Add default dns domain -$VESTA/bin/v-add-dns-domain admin default.domain $vst_ip +# Configuring MySQL/MariaDB host +if [ "$mysql" = 'yes' ]; then + $VESTA/bin/v-add-database-host mysql localhost root $mpass + $VESTA/bin/v-add-database admin default default $(gen_pass) mysql +fi -# Add default mail domain -$VESTA/bin/v-add-mail-domain admin default.domain +# Configuring PostgreSQL host +if [ "$postgresql" = 'yes' ]; then + $VESTA/bin/v-add-database-host pgsql localhost postgres $ppass + $VESTA/bin/v-add-database admin db db $(gen_pass) pgsql +fi -# Configuring crond -command='sudo /usr/local/vesta/bin/v-update-sys-queue disk' +# Adding default domain +$VESTA/bin/v-add-domain admin $servername + +# Adding cron jobs +command="sudo $VESTA/bin/v-update-sys-queue disk" $VESTA/bin/v-add-cron-job 'admin' '15' '02' '*' '*' '*' "$command" -command='sudo /usr/local/vesta/bin/v-update-sys-queue traffic' +command="sudo $VESTA/bin/v-update-sys-queue traffic" $VESTA/bin/v-add-cron-job 'admin' '10' '00' '*' '*' '*' "$command" -command='sudo /usr/local/vesta/bin/v-update-sys-queue webstats' +command="sudo $VESTA/bin/v-update-sys-queue webstats" $VESTA/bin/v-add-cron-job 'admin' '30' '03' '*' '*' '*' "$command" -command='sudo /usr/local/vesta/bin/v-update-sys-queue backup' +command="sudo $VESTA/bin/v-update-sys-queue backup" $VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command" -command='sudo /usr/local/vesta/bin/v-backup-users' +command="sudo $VESTA/bin/v-backup-users" $VESTA/bin/v-add-cron-job 'admin' '10' '05' '*' '*' '*' "$command" -command='sudo /usr/local/vesta/bin/v-update-user-stats' +command="sudo $VESTA/bin/v-update-user-stats" $VESTA/bin/v-add-cron-job 'admin' '20' '00' '*' '*' '*' "$command" -command='sudo /usr/local/vesta/bin/v-update-sys-rrd' +command="sudo $VESTA/bin/v-update-sys-rrd" $VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command" +service crond restart -# Build inititall rrd images +# Building RRD images $VESTA/bin/v-update-sys-rrd -# Enable file system quota +# Enabling file system quota if [ "$quota" = 'yes' ]; then $VESTA/bin/v-add-sys-quota fi -# Start system service -chkconfig vesta on -service vesta start -if [ "$?" -ne 0 ]; then - echo "Error: vesta start failed" - exit 1 +# Enabling Softaculous plugin +if [ "$softaculous" = 'yes' ]; then + $VESTA/bin/v-add-vesta-softaculous fi -# Send notification to vestacp.com -wget vestacp.com/notify/?$codename -O /dev/null +# Starting Vesta service +chkconfig vesta on +service vesta start +check_result $? "vesta start failed" +chown admin:admin $VESTA/data/sessions -# Send notification to admin email +# Adding notifications +$VESTA/upd/add_notifications.sh + +# Adding cronjob for autoupdates +$VESTA/bin/v-add-cron-vesta-autoupdate + +if [ "$port" != "8083" ]; then + echo "=== Set Vesta port: $port" + $VESTA/bin/v-change-vesta-port $port +fi + +echo "NOTIFY_ADMIN_FULL_BACKUP='$email'" >> $VESTA/conf/vesta.conf + +#----------------------------------------------------------# +# Vesta Access Info # +#----------------------------------------------------------# + +# Comparing hostname and ip + +if [ "$ssl" = 'no' ]; then +host_ip=$(host $servername |head -n 1 |awk '{print $NF}') +if [ "$host_ip" = "$ip" ]; then + ip="$servername" +fi +fi + +if [ "$ssl" = 'yes' ]; then +make_ssl=0 +host_ip=$(host $servername | head -n 1 | awk '{print $NF}') +if [ "$host_ip" != "$pub_ip" ]; then + echo "***** PROBLEM: Hostname $servername is not pointing to your server (IP address $ip)" + echo "Without pointing your hostname to your IP, LetsEncrypt SSL will not be generated for your server hostname." + echo "Try to setup an A record in your DNS, pointing your hostname $servername to IP address $ip and then press ENTER." + echo "(or register ns1.$servername and ns2.$servername as DNS Nameservers and put those Nameservers on $servername domain)" + echo "If we detect that hostname is still not pointing to your IP, installer will not add LetsEncrypt SSL certificate to your hosting panel (unsigned SSL will be used instead)." + read -p "To force to try anyway to add LetsEncrypt, press f and then ENTER." answer + host_ip=$(host $servername | head -n 1 | awk '{print $NF}') +fi +if [ "$answer" = "f" ]; then + make_ssl=1 +fi +if [ "$host_ip" = "$ip" ]; then + ip="$servername" + make_ssl=1 +fi + +if [ $make_ssl -eq 1 ]; then + # Check if www is also pointing to our IP + www_host="www.$servername" + www_host_ip=$(host $www_host | head -n 1 | awk '{print $NF}') + if [ "$www_host_ip" != "$pub_ip" ]; then + if [ "$named" = 'yes' ]; then + echo "=== Deleting www to server hostname" + $VESTA/bin/v-delete-web-domain-alias 'admin' "$servername" "$www_host" 'no' + $VESTA/bin/v-delete-dns-on-web-alias 'admin' "$servername" "$www_host" 'no' + fi + www_host="" + fi +fi + +echo "===" +echo "Hostname $servername is pointing to $host_ip" + +if [ $make_ssl -eq 1 ]; then + echo "=== Generating HOSTNAME SSL" + $VESTA/bin/v-add-letsencrypt-domain 'admin' "$servername" "$www_host" 'yes' + $VESTA/bin/v-update-host-certificate 'admin' "$servername" +else + echo "We will not generate SSL because of this" +fi +echo "===" +echo "UPDATE_HOSTNAME_SSL='yes'" >> $VESTA/conf/vesta.conf +fi + +# Sending notification to admin email echo -e "Congratulations, you have just successfully installed \ -the Vesta Control Panel +Vesta Control Panel -You can login in Vesta with following credentials: + https://$ip:$port username: admin password: $vpass - https://$vst_ip:8083 We hope that you enjoy your installation of Vesta. Please \ feel free to contact us anytime if you have any questions. @@ -926,12 +1467,10 @@ vestacp.com team send_mail="$VESTA/web/inc/mail-wrapper.php" cat $tmpfile | $send_mail -s "Vesta Control Panel" $email -rm -f $tmpfile # Congrats echo '=======================================================' echo -echo echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| ' echo ' _| _| _| _| _| _| _| ' echo ' _| _| _|_|_| _|_| _| _|_|_|_| ' @@ -939,20 +1478,7 @@ echo ' _| _| _| _| _| _| _| ' echo ' _| _|_|_|_| _|_|_| _| _| _| ' echo echo -echo '-------------------------------' -echo " https://$vst_ip:8083" -echo ' username: admin' -echo " password: $vpass" -echo '-------------------------------' -echo -echo -echo 'Congratulations,' -echo 'you have successfully installed Vesta Control Panel.' -echo -echo - -# Tricky way to get new PATH variable -cd -bash +cat $tmpfile +rm -f $tmpfile # EOF diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh old mode 100644 new mode 100755 index 4c3379420..872c9b505 --- a/install/vst-install-ubuntu.sh +++ b/install/vst-install-ubuntu.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Vesta Ubuntu installer v.04 +# Vesta Ubuntu installer v.05 #----------------------------------------------------------# # Variables&Functions # @@ -9,32 +9,71 @@ export PATH=$PATH:/sbin export DEBIAN_FRONTEND=noninteractive RHOST='apt.vestacp.com' CHOST='c.vestacp.com' -VERSION='0.9.8/ubuntu' -software="nginx apache2 apache2-utils apache2-suexec-custom bsdutils e2fsprogs - libapache2-mod-ruid2 libapache2-mod-rpaf libapache2-mod-fcgid bind9 idn - mysql-server mysql-common mysql-client php5-common php5-cgi php5-mysql - php5-curl libapache2-mod-php5 vsftpd mc exim4 exim4-daemon-heavy - clamav-daemon flex dovecot-imapd dovecot-pop3d phpMyAdmin awstats e2fslibs - webalizer jwhois rssh git spamassassin roundcube roundcube-mysql quota - roundcube-plugins apparmor-utils sudo bc ftp lsof ntpdate rrdtool - fail2ban dnsutils vesta vesta-nginx vesta-php" +VERSION='ubuntu' +VESTA='/usr/local/vesta' +memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9]) +arch=$(uname -i) +os='ubuntu' +release="$(lsb_release -s -r)" +codename="$(lsb_release -s -c)" +vestacp="$VESTA/install/$VERSION/$release" +# Defining software pack for all distros +software="nginx apache2 apache2.2-common apache2-suexec-custom apache2-utils + apparmor-utils awstats bc bind9 bsdmainutils bsdutils clamav-daemon + cron curl dnsutils dovecot-imapd dovecot-pop3d e2fslibs e2fsprogs exim4 + exim4-daemon-heavy expect fail2ban flex ftp git idn imagemagick + libapache2-mod-fcgid libapache2-mod-php libapache2-mod-rpaf + libapache2-mod-ruid2 lsof mc mysql-client mysql-common mysql-server + ntpdate php-cgi php-common php-curl php-fpm phpmyadmin php-mysql + phppgadmin php-pgsql postgresql postgresql-contrib proftpd-basic quota + roundcube-core roundcube-mysql roundcube-plugins rrdtool rssh spamassassin + sudo vesta vesta-ioncube vesta-nginx vesta-php vesta-softaculous + vim-common vsftpd webalizer whois zip net-tools" + +# Fix for old releases +if [[ ${release:0:2} -lt 16 ]]; then + software=$(echo "$software" |sed -e "s/php /php5 /g") + software=$(echo "$software" |sed -e "s/vesta-php5 /vesta-php /g") + software=$(echo "$software" |sed -e "s/php-/php5-/g") +fi + +# Defining help function help() { - echo "usage: $0 [OPTIONS] - -h, --help Print this help and exit - -f, --force Force installation - -i, --disable-iptables Disable iptables support - -b, --disable-fail2ban Disable fail2ban protection - -n, --noupdate Do not run yum update command - -s, --hostname Set server hostname - -e, --email Set email address - -p, --password Set admin password instead of generating it - -m, --mysql-password Set MySQL password instead of generating it - -q, --quota Enable File System Quota" + echo "Usage: $0 [OPTIONS] + -a, --apache Install Apache [yes|no] default: yes + -n, --nginx Install Nginx [yes|no] default: yes + -w, --phpfpm Install PHP-FPM [yes|no] default: no + -v, --vsftpd Install Vsftpd [yes|no] default: yes + -j, --proftpd Install ProFTPD [yes|no] default: no + -k, --named Install Bind [yes|no] default: yes + -m, --mysql Install MySQL [yes|no] default: yes + -g, --postgresql Install PostgreSQL [yes|no] default: no + -x, --exim Install Exim [yes|no] default: yes + -z, --dovecot Install Dovecot [yes|no] default: yes + -c, --clamav Install ClamAV [yes|no] default: yes + -t, --spamassassin Install SpamAssassin [yes|no] default: yes + -i, --iptables Install Iptables [yes|no] default: yes + -b, --fail2ban Install Fail2ban [yes|no] default: yes + -r, --remi Install Remi repo [yes|no] default: yes + -o, --softaculous Install Softaculous [yes|no] default: yes + -q, --quota Filesystem Quota [yes|no] default: no + -l, --lang Default language default: en + -y, --interactive Interactive install [yes|no] default: yes + -s, --hostname Set hostname + -u, --ssl Add LE SSL for hostname [yes|no] default: no + -e, --email Set admin email + -d, --port Set Vesta port + -p, --password Set admin password + -f, --force Force installation + -h, --help Print this help + + Example: bash $0 -e demo@vestacp.com -p p4ssw0rd --apache no --phpfpm yes" exit 1 } -# Password generator + +# Defining password-gen function gen_pass() { MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz' LENGTH=10 @@ -45,113 +84,199 @@ gen_pass() { echo "$PASS" } +# Defining return code check function +check_result() { + if [ $1 -ne 0 ]; then + echo "Error: $2" + exit $1 + fi +} + +# Defining function to set default value +set_default_value() { + eval variable=\$$1 + if [ -z "$variable" ]; then + eval $1=$2 + fi + if [ "$variable" != 'yes' ] && [ "$variable" != 'no' ]; then + eval $1=$2 + fi +} + +# Defining function to set default language value +set_default_lang() { + if [ -z "$lang" ]; then + eval lang=$1 + fi + lang_list=" + ar cz el fa hu ja no pt se ua + bs da en fi id ka pl ro tr vi + cn de es fr it nl pt-BR ru tw + bg ko sr th ur" + if !(echo $lang_list |grep -w $lang 1>&2>/dev/null); then + eval lang=$1 + fi +} + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# +# Creating temporary file +tmpfile=$(mktemp -p /tmp) + # Translating argument to --gnu-long-options for arg; do delim="" case "$arg" in - --help) args="${args}-h " ;; - --force) args="${args}-f " ;; - --disable-fail2ban) args="${args}-b " ;; - --disable-iptables) args="${args}-i " ;; - --noupdate) args="${args}-n " ;; - --hostname) args="${args}-s " ;; - --email) args="${args}-e " ;; - --password) args="${args}-p " ;; - --mysql-password) args="${args}-m " ;; + --apache) args="${args}-a " ;; + --nginx) args="${args}-n " ;; + --phpfpm) args="${args}-w " ;; + --vsftpd) args="${args}-v " ;; + --proftpd) args="${args}-j " ;; + --named) args="${args}-k " ;; + --mysql) args="${args}-m " ;; + --postgresql) args="${args}-g " ;; + --exim) args="${args}-x " ;; + --dovecot) args="${args}-z " ;; + --clamav) args="${args}-c " ;; + --spamassassin) args="${args}-t " ;; + --iptables) args="${args}-i " ;; + --fail2ban) args="${args}-b " ;; + --softaculous) args="${args}-o " ;; + --remi) args="${args}-r " ;; --quota) args="${args}-q " ;; - *) [[ "${arg:0:1}" == "-" ]] || delim="\"" - args="${args}${delim}${arg}${delim} ";; + --lang) args="${args}-l " ;; + --interactive) args="${args}-y " ;; + --hostname) args="${args}-s " ;; + --ssl) args="${args}-u " ;; + --email) args="${args}-e " ;; + --port) args="${args}-d " ;; + --password) args="${args}-p " ;; + --force) args="${args}-f " ;; + --help) args="${args}-h " ;; + *) [[ "${arg:0:1}" == "-" ]] || delim="\"" + args="${args}${delim}${arg}${delim} ";; esac done eval set -- "$args" -# Getopt -while getopts "hfibdnqe:m:p:s:" Option; do +# Parsing arguments +while getopts "a:n:w:v:j:k:m:g:x:z:c:t:i:b:r:o:q:l:y:s:u:e:d:p:fh" Option; do case $Option in - h) help ;; # Help - f) force='yes' ;; # Force install - i) disable_iptables='yes' ;; # Disable iptables - b) disable_fail2ban='yes' ;; # Disable fail2ban - n) noupdate='yes' ;; # Disable yum update - s) servername=$OPTARG ;; # Server hostname - e) email=$OPTARG ;; # Set email - p) vpass=$OPTARG ;; # Admin password - m) mpass=$OPTARG ;; # MySQL pasword - q) quota='yes' ;; # Enable quota - *) help ;; # Default + a) apache=$OPTARG ;; # Apache + n) nginx=$OPTARG ;; # Nginx + w) phpfpm=$OPTARG ;; # PHP-FPM + v) vsftpd=$OPTARG ;; # Vsftpd + j) proftpd=$OPTARG ;; # Proftpd + k) named=$OPTARG ;; # Named + m) mysql=$OPTARG ;; # MySQL + g) postgresql=$OPTARG ;; # PostgreSQL + x) exim=$OPTARG ;; # Exim + z) dovecot=$OPTARG ;; # Dovecot + c) clamd=$OPTARG ;; # ClamAV + t) spamd=$OPTARG ;; # SpamAssassin + i) iptables=$OPTARG ;; # Iptables + b) fail2ban=$OPTARG ;; # Fail2ban + r) remi=$OPTARG ;; # Remi repo + o) softaculous=$OPTARG ;; # Softaculous plugin + q) quota=$OPTARG ;; # FS Quota + l) lang=$OPTARG ;; # Language + y) interactive=$OPTARG ;; # Interactive install + s) servername=$OPTARG ;; # Hostname + u) ssl=$OPTARG ;; # Add Let's Encrypt SSL for hostname + e) email=$OPTARG ;; # Admin email + d) port=$OPTARG ;; # Vesta port + p) vpass=$OPTARG ;; # Admin password + f) force='yes' ;; # Force install + h) help ;; # Help + *) help ;; # Print help (default) esac done -# Am I root? -if [ "x$(id -u)" != 'x0' ]; then - echo 'Error: this script can only be executed by root' - exit 1 -fi - -# Check supported version -if [ -e '/etc/redhat-release' ]; then - echo 'Error: sorry, this installer works only on Ubuntu' - exit 1 -fi - -# Check supported OS -if [ "$(arch)" != 'x86_64' ]; then - arch='i386' +# Defining default software stack +set_default_value 'nginx' 'yes' +set_default_value 'apache' 'yes' +set_default_value 'phpfpm' 'no' +set_default_value 'vsftpd' 'yes' +set_default_value 'proftpd' 'no' +set_default_value 'named' 'yes' +set_default_value 'mysql' 'yes' +set_default_value 'postgresql' 'no' +set_default_value 'mongodb' 'no' +set_default_value 'exim' 'yes' +set_default_value 'dovecot' 'yes' +if [ $memory -lt 1500000 ]; then + set_default_value 'clamd' 'no' + set_default_value 'spamd' 'no' else - arch="amd64" + set_default_value 'clamd' 'yes' + set_default_value 'spamd' 'yes' fi -os=$(head -n 1 /etc/issue | cut -f 1 -d ' ') -release=$(head -n 1 /etc/issue | cut -f 2 -d ' ' ) -codename=$(lsb_release -cs | egrep "precise|quantal|raring|saucy|trusty") -if [ -z "$codename" ]; then - echo "Error: Ubuntu $(lsb_release -r|awk '{print $2}') is not supported" - exit 1 +set_default_value 'iptables' 'yes' +set_default_value 'fail2ban' 'yes' +set_default_value 'softaculous' 'yes' +set_default_value 'quota' 'no' +set_default_value 'interactive' 'yes' +set_default_value 'ssl' 'no' +set_default_lang 'en' + +# Checking software conflicts +if [ "$phpfpm" = 'yes' ]; then + apache='no' + nginx='yes' +fi +if [ "$proftpd" = 'yes' ]; then + vsftpd='no' +fi +if [ "$exim" = 'no' ]; then + clamd='no' + spamd='no' + dovecot='no' +fi +if [ "$iptables" = 'no' ]; then + fail2ban='no' fi -# Check admin user account -if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" != 'yes' ]; then - echo "Error: user admin exists" - echo +# Checking root permissions +if [ "x$(id -u)" != 'x0' ]; then + check_result 1 "Script can be run executed only by root" +fi + +# Checking admin user account +if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ -z "$force" ]; then echo 'Please remove admin user account before proceeding.' echo 'If you want to do it automatically run installer with -f option:' - echo "Example: bash $0 --force" - exit 1 + echo -e "Example: bash $0 --force\n" + check_result 1 "User admin exists" fi -# Check admin user account -if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" != 'yes' ]; then - echo "Error: user admin exists" - echo - echo 'Please remove admin user account before proceeding.' - echo 'If you want to do it automatically run installer with -f option:' - echo "Example: bash $0 --force" - exit 1 -fi - -# Check wget +# Checking wget if [ ! -e '/usr/bin/wget' ]; then apt-get -y install wget - if [ $? -ne 0 ]; then - echo "Error: can't install wget" - exit 1 - fi + check_result $? "Can't install wget" fi -# Check repo availability -wget -q "$CHOST/$VERSION/vesta.conf" -O /dev/null -if [ $? -ne 0 ]; then - echo "Error: no access to repository" - exit 1 -fi +# Checking repository availability +wget -q "c.vestacp.com/deb_signing.key" -O /dev/null +check_result $? "No access to Vesta repository" -# Check installed packages +# Checking installed packages tmpfile=$(mktemp -p /tmp) dpkg --get-selections > $tmpfile +# Checking gnupg (fix for latest Ubuntu vestions) +for pkg in gnupg gnupg1 gnupg2; do + if [ ! -z "$(grep '$pkg' $tmpfile)" ]; then + gnupg_exist=true + break + fi +done +if [ -z "$gnupg_exist" ]; then + apt-get -y install gnupg + check_result $? "apt-get install failed" +fi +# Checking conflicts for pkg in exim4 mysql-server apache2 nginx vesta; do if [ ! -z "$(grep $pkg $tmpfile)" ]; then conflicts="$pkg $conflicts" @@ -170,211 +295,366 @@ if [ ! -z "$conflicts" ] && [ -z "$force" ]; then echo echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!' echo - exit 1 + check_result 1 "Control Panel should be installed on clean server." fi -# Check server type -memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9]) -if [ "$memory" -lt '350000' ] && [ -z "$force" ]; then - echo "Error: not enough memory to install Vesta Control Panel." - echo -e "\nMinimum RAM required: 350Mb" - echo 'If you want to force installation run this script with -f option:' - echo "Example: bash $0 --force" - exit 1 -fi -srv_type='micro' -if [ "$memory" -gt '1000000' ]; then - srv_type='small' +#----------------------------------------------------------# +# Brief Info # +#----------------------------------------------------------# + +# Printing nice ASCII logo +clear +echo +echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_|' +echo ' _| _| _| _| _| _| _|' +echo ' _| _| _|_|_| _|_| _| _|_|_|_|' +echo ' _| _| _| _| _| _| _|' +echo ' _| _|_|_|_| _|_|_| _| _| _|' +echo +echo ' Vesta Control Panel' +echo -e "\n\n" + +echo 'The following software will be installed on your system:' + +# Web stack +if [ "$nginx" = 'yes' ]; then + echo ' - Nginx Web Server' +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then + echo ' - Apache Web Server' +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'yes' ] ; then + echo ' - Apache Web Server (as backend)' +fi +if [ "$phpfpm" = 'yes' ]; then + echo ' - PHP-FPM Application Server' fi -if [ "$memory" -gt '3000000' ]; then - srv_type='medium' +# DNS stack +if [ "$named" = 'yes' ]; then + echo ' - Bind DNS Server' fi -if [ "$memory" -gt '7000000' ]; then - srv_type='large' -fi - -# Are you sure ? -if [ -z $email ]; then - clear - echo - echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| ' - echo ' _| _| _| _| _| _| _| ' - echo ' _| _| _|_|_| _|_| _| _|_|_|_| ' - echo ' _| _| _| _| _| _| _| ' - echo ' _| _|_|_|_| _|_|_| _| _| _| ' - echo - echo ' Vesta Control Panel' - echo - echo - echo 'Following software will be installed on your system:' - echo ' - Nginx frontend web server' - echo ' - Apache application web server' - echo ' - Bind DNS server' - echo ' - Exim mail server' - echo ' - Dovecot IMAP and POP3 server' - if [ "$srv_type" = 'medium' ] || [ "$srv_type" = 'large' ]; then - echo ' - Clam mail antivirus' - echo ' - SpamAssassin antispam' +# Mail stack +if [ "$exim" = 'yes' ]; then + echo -n ' - Exim Mail Server' + if [ "$clamd" = 'yes' ] || [ "$spamd" = 'yes' ] ; then + echo -n ' + ' + if [ "$clamd" = 'yes' ]; then + echo -n 'ClamAV' + fi + if [ "$spamd" = 'yes' ]; then + echo -n 'SpamAssassin' + fi fi - echo ' - MySQL database server' - echo ' - Vsftpd FTP server' - echo - echo + echo + if [ "$dovecot" = 'yes' ]; then + echo ' - Dovecot POP3/IMAP Server' + fi +fi - read -p 'Do you want to proceed? [y/n]): ' answer +# Database stack +if [ "$mysql" = 'yes' ]; then + echo ' - MySQL Database Server' +fi +if [ "$postgresql" = 'yes' ]; then + echo ' - PostgreSQL Database Server' +fi +if [ "$mongodb" = 'yes' ]; then + echo ' - MongoDB Database Server' +fi + +# FTP stack +if [ "$vsftpd" = 'yes' ]; then + echo ' - Vsftpd FTP Server' +fi +if [ "$proftpd" = 'yes' ]; then + echo ' - ProFTPD FTP Server' +fi + +# LE SSL for hostname +if [ "$ssl" = 'yes' ]; then + echo ' - LE SSL for hostname' +fi + +# Softaculous +if [ "$softaculous" = 'yes' ]; then + echo ' - Softaculous Plugin' +fi + +# Firewall stack +if [ "$iptables" = 'yes' ]; then + echo -n ' - Iptables Firewall' +fi +if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then + echo -n ' + Fail2Ban' +fi +echo -e "\n\n" + +# Asking for confirmation to proceed +if [ "$interactive" = 'yes' ]; then + read -p 'Would you like to continue [y/n]: ' answer if [ "$answer" != 'y' ] && [ "$answer" != 'Y' ]; then echo 'Goodbye' exit 1 fi - # Check email - read -p 'Please enter valid email address: ' email + # Asking for contact email + if [ -z "$email" ]; then + read -p 'Please enter admin email address: ' email + fi - # Define server hostname + # Asking for Vesta port + if [ -z "$port" ]; then + read -p 'Please enter Vesta port number (press enter for 8083): ' port + fi + + # Asking to set FQDN hostname if [ -z "$servername" ]; then - read -p "Please enter hostname [$(hostname)]: " servername + read -p "Please enter FQDN hostname [$(hostname -f)]: " servername fi fi -# Validate email -local_part=$(echo $email | cut -s -f1 -d\@) -remote_host=$(echo $email | cut -s -f2 -d\@) -mx_failed=1 -if [ ! -z "$remote_host" ] && [ ! -z "$local_part" ]; then - /usr/bin/host -t mx "$remote_host" > /dev/null 2>&1 - mx_failed="$?" +# Generating admin password if it wasn't set +if [ -z "$vpass" ]; then + vpass=$(gen_pass) fi -if [ "$mx_failed" -eq 1 ]; then - echo "Error: email $email is not valid" - exit 1 +# Set hostname if it wasn't set +if [ -z "$servername" ]; then + servername=$(hostname -f) +fi + +# Set FQDN if it wasn't set +mask1='(([[:alnum:]](-?[[:alnum:]])*)\.)' +mask2='*[[:alnum:]](-?[[:alnum:]])+\.[[:alnum:]]{2,}' +if ! [[ "$servername" =~ ^${mask1}${mask2}$ ]]; then + if [ ! -z "$servername" ]; then + servername="$servername.example.com" + else + servername="example.com" + fi + echo "127.0.0.1 $servername" >> /etc/hosts +fi + +# Set email if it wasn't set +if [ -z "$email" ]; then + email="admin@$servername" +fi + +# Set port if it wasn't set +if [ -z "$port" ]; then + port="8083" +fi + +# Defining backup directory +vst_backups="/root/vst_install_backups/$(date +%s)" +echo "Installation backup directory: $vst_backups" + +# Printing start message and sleeping for 5 seconds +echo -e "\n\n\n\nInstallation will take about 15 minutes ...\n" +sleep 5 + + +#----------------------------------------------------------# +# Checking swap # +#----------------------------------------------------------# + +# Checking swap on small instances +if [ -z "$(swapon -s)" ] && [ $memory -lt 1000000 ]; then + fallocate -l 1G /swapfile + chmod 600 /swapfile + mkswap /swapfile + swapon /swapfile + echo "/swapfile none swap sw 0 0" >> /etc/fstab fi #----------------------------------------------------------# # Install repository # #----------------------------------------------------------# -# Let's start -echo -e "\n\n\n\nInstallation will take about 15 minutes ...\n" -sleep 5 -# Update system -if [ -z "$noupdate" ]; then - apt-get -y upgrade - if [ $? -ne 0 ]; then - echo 'Error: apt-get upgrade failed' - exit 1 +# Updating system +apt-get -y upgrade +check_result $? 'apt-get upgrade failed' + +# Checking universe repository +if [[ ${release:0:2} -gt 16 ]]; then + if [ -z "$(grep universe /etc/apt/sources.list)" ]; then + add-apt-repository -y universe fi fi -# Install nginx repo +# Installing nginx repo apt=/etc/apt/sources.list.d -echo "deb http://nginx.org/packages/ubuntu/ $codename nginx" > $apt/nginx.list +echo "deb http://nginx.org/packages/mainline/ubuntu/ $codename nginx" \ + > $apt/nginx.list wget http://nginx.org/keys/nginx_signing.key -O /tmp/nginx_signing.key apt-key add /tmp/nginx_signing.key -# Install vesta repo +# Installing vesta repo echo "deb http://$RHOST/$codename/ $codename vesta" > $apt/vesta.list wget $CHOST/deb_signing.key -O deb_signing.key apt-key add deb_signing.key #----------------------------------------------------------# -# Backups # +# Backup # #----------------------------------------------------------# -# Prepare backup tree -vst_backups="/root/vst_install_backups/$(date +%s)" -mkdir -p $vst_backups/nginx -mkdir -p $vst_backups/apache2 -mkdir -p $vst_backups/mysql -mkdir -p $vst_backups/exim4 -mkdir -p $vst_backups/dovecot -mkdir -p $vst_backups/clamav -mkdir -p $vst_backups/spamassassin -mkdir -p $vst_backups/vsftpd -mkdir -p $vst_backups/bind -mkdir -p $vst_backups/vesta -mkdir -p $vst_backups/home +# Creating backup directory tree +mkdir -p $vst_backups +cd $vst_backups +mkdir nginx apache2 php vsftpd proftpd bind exim4 dovecot clamd +mkdir spamassassin mysql postgresql mongodb vesta -# Backup sudoers -if [ -e '/etc/sudoers' ]; then - cp /etc/sudoers $vst_backups/ -fi - -# Backup nginx +# Backup nginx configuration service nginx stop > /dev/null 2>&1 -if [ -e '/etc/nginx/nginx.conf' ]; then - cp -r /etc/nginx/* $vst_backups/nginx/ -fi +cp -r /etc/nginx/* $vst_backups/nginx >/dev/null 2>&1 -# Backup apache2 +# Backup Apache configuration service apache2 stop > /dev/null 2>&1 -if [ -e '/etc/apache2/apache2.conf' ]; then - cp -r /etc/apache2/* $vst_backups/apache2/ -fi +cp -r /etc/apache2/* $vst_backups/apache2 > /dev/null 2>&1 +rm -f /etc/apache2/conf.d/* > /dev/null 2>&1 -# Backup bind9 +# Backup PHP-FPM configuration +service php7.0-fpm stop > /dev/null 2>&1 +service php5-fpm stop > /dev/null 2>&1 +service php-fpm stop > /dev/null 2>&1 +cp -r /etc/php7.0/* $vst_backups/php/ > /dev/null 2>&1 +cp -r /etc/php5/* $vst_backups/php/ > /dev/null 2>&1 +cp -r /etc/php/* $vst_backups/php/ > /dev/null 2>&1 + +# Backup Bind configuration service bind9 stop > /dev/null 2>&1 -if [ -e '/etc/bind/named.conf' ]; then - cp -r /etc/bind/* $vst_backups/bind/ -fi +cp -r /etc/bind/* $vst_backups/bind > /dev/null 2>&1 -# Backup vsftpd +# Backup Vsftpd configuration service vsftpd stop > /dev/null 2>&1 -if [ -e '/etc/vsftpd.conf' ]; then - cp /etc/vsftpd.conf $vst_backups/vsftpd/ -fi +cp /etc/vsftpd.conf $vst_backups/vsftpd > /dev/null 2>&1 -# Backup exim4 +# Backup ProFTPD configuration +service proftpd stop > /dev/null 2>&1 +cp /etc/proftpd.conf $vst_backups/proftpd > /dev/null 2>&1 + +# Backup Exim configuration service exim4 stop > /dev/null 2>&1 -if [ -e '/etc/exim4/exim4.conf.template' ]; then - cp -r /etc/exim4/* $vst_backups/exim4/ -fi +cp -r /etc/exim4/* $vst_backups/exim4 > /dev/null 2>&1 -# Backup clamav +# Backup ClamAV configuration service clamav-daemon stop > /dev/null 2>&1 -if [ -e '/etc/clamav/clamd.conf' ]; then - cp -r /etc/clamav/* $vst_backups/clamav/ -fi +cp -r /etc/clamav/* $vst_backups/clamav > /dev/null 2>&1 -# Backup SpamAssassin +# Backup SpamAssassin configuration service spamassassin stop > /dev/null 2>&1 -if [ -e '/etc/spamassassin/local.cf' ]; then - cp -r /etc/spamassassin/* $vst_backups/spamassassin/ -fi +cp -r /etc/spamassassin/* $vst_backups/spamassassin > /dev/null 2>&1 -# Backup dovecot +# Backup Dovecot configuration service dovecot stop > /dev/null 2>&1 -if [ -e '/etc/dovecot.conf' ]; then - cp /etc/dovecot.conf $vst_backups/dovecot/ -fi -if [ -e '/etc/dovecot' ]; then - cp -r /etc/dovecot/* $vst_backups/dovecot/ -fi +cp /etc/dovecot.conf $vst_backups/dovecot > /dev/null 2>&1 +cp -r /etc/dovecot/* $vst_backups/dovecot > /dev/null 2>&1 -# Backup MySQL stuff +# Backup MySQL/MariaDB configuration and data service mysql stop > /dev/null 2>&1 -if [ -e '/var/lib/mysql' ]; then - mv /var/lib/mysql $vst_backups/mysql/mysql_datadir -fi -if [ -e '/etc/mysql/my.cnf' ]; then - cp -r /etc/mysql/* $vst_backups/mysql/ -fi -if [ -e '/root/.my.cnf' ]; then - mv /root/.my.cnf $vst_backups/mysql/ +killall -9 mysqld > /dev/null 2>&1 +mv /var/lib/mysql $vst_backups/mysql/mysql_datadir > /dev/null 2>&1 +cp -r /etc/mysql/* $vst_backups/mysql > /dev/null 2>&1 +mv -f /root/.my.cnf $vst_backups/mysql > /dev/null 2>&1 +if [ "$release" = '16.04' ] && [ -e '/etc/init.d/mysql' ]; then + mkdir -p /var/lib/mysql > /dev/null 2>&1 + chown mysql:mysql /var/lib/mysql + mysqld --initialize-insecure fi -# Backup vesta +# Backup Vesta service vesta stop > /dev/null 2>&1 -if [ -e '/usr/local/vesta' ]; then - cp -r /usr/local/vesta/* $vst_backups/vesta/ - apt-get -y remove vesta* - apt-get -y purge vesta* - rm -rf /usr/local/vesta +cp -r $VESTA/* $vst_backups/vesta > /dev/null 2>&1 +apt-get -y remove vesta vesta-nginx vesta-php > /dev/null 2>&1 +apt-get -y purge vesta vesta-nginx vesta-php > /dev/null 2>&1 +rm -rf $VESTA > /dev/null 2>&1 + + +#----------------------------------------------------------# +# Package Excludes # +#----------------------------------------------------------# + +# Excluding packages +if [ "$release" != "15.04" ] && [ "$release" != "15.04" ]; then + software=$(echo "$software" | sed -e "s/apache2.2-common//") +fi + +if [ "$nginx" = 'no' ]; then + software=$(echo "$software" | sed -e "s/ nginx/ /") +fi +if [ "$apache" = 'no' ]; then + software=$(echo "$software" | sed -e "s/apache2 //") + software=$(echo "$software" | sed -e "s/apache2-utils//") + software=$(echo "$software" | sed -e "s/apache2-suexec-custom//") + software=$(echo "$software" | sed -e "s/apache2.2-common//") + software=$(echo "$software" | sed -e "s/libapache2-mod-ruid2//") + software=$(echo "$software" | sed -e "s/libapache2-mod-rpaf//") + software=$(echo "$software" | sed -e "s/libapache2-mod-fcgid//") + software=$(echo "$software" | sed -e "s/libapache2-mod-php7.0//") + software=$(echo "$software" | sed -e "s/libapache2-mod-php5//") + software=$(echo "$software" | sed -e "s/libapache2-mod-php//") +fi +if [ "$phpfpm" = 'no' ]; then + software=$(echo "$software" | sed -e "s/php7.0-fpm//") + software=$(echo "$software" | sed -e "s/php5-fpm//") + software=$(echo "$software" | sed -e "s/php-fpm//") +fi +if [ "$vsftpd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/vsftpd//") +fi +if [ "$proftpd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/proftpd-basic//") + software=$(echo "$software" | sed -e "s/proftpd-mod-vroot//") +fi +if [ "$named" = 'no' ]; then + software=$(echo "$software" | sed -e "s/bind9//") +fi +if [ "$exim" = 'no' ]; then + software=$(echo "$software" | sed -e "s/exim4 //") + software=$(echo "$software" | sed -e "s/exim4-daemon-heavy//") + software=$(echo "$software" | sed -e "s/dovecot-imapd//") + software=$(echo "$software" | sed -e "s/dovecot-pop3d//") + software=$(echo "$software" | sed -e "s/clamav-daemon//") + software=$(echo "$software" | sed -e "s/spamassassin//") +fi +if [ "$clamd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/clamav-daemon//") +fi +if [ "$spamd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/spamassassin//") +fi +if [ "$dovecot" = 'no' ]; then + software=$(echo "$software" | sed -e "s/dovecot-imapd//") + software=$(echo "$software" | sed -e "s/dovecot-pop3d//") +fi +if [ "$mysql" = 'no' ]; then + software=$(echo "$software" | sed -e 's/mysql-server//') + software=$(echo "$software" | sed -e 's/mysql-client//') + software=$(echo "$software" | sed -e 's/mysql-common//') + software=$(echo "$software" | sed -e 's/php7.0-mysql//') + software=$(echo "$software" | sed -e 's/php5-mysql//') + software=$(echo "$software" | sed -e 's/php-mysql//') + software=$(echo "$software" | sed -e 's/phpMyAdmin//') + software=$(echo "$software" | sed -e 's/phpmyadmin//') +fi +if [ "$postgresql" = 'no' ]; then + software=$(echo "$software" | sed -e 's/postgresql-contrib//') + software=$(echo "$software" | sed -e 's/postgresql//') + software=$(echo "$software" | sed -e 's/php7.0-pgsql//') + software=$(echo "$software" | sed -e 's/php5-pgsql//') + software=$(echo "$software" | sed -e 's/php-pgsql//') + software=$(echo "$software" | sed -e 's/phppgadmin//') +fi +if [ "$softaculous" = 'no' ]; then + software=$(echo "$software" | sed -e 's/vesta-softaculous//') +fi +if [ "$iptables" = 'no' ] || [ "$fail2ban" = 'no' ]; then + software=$(echo "$software" | sed -e 's/fail2ban//') fi @@ -382,39 +662,18 @@ fi # Install packages # #----------------------------------------------------------# -# Exclude heavy packages -if [ "$srv_type" = 'micro' ]; then - software=$(echo "$software" | sed -e 's/libapache2-mod-fcgid//') - software=$(echo "$software" | sed -e 's/clamav-daemon//') - software=$(echo "$software" | sed -e 's/spamassassin//') -fi - -if [ "$srv_type" = 'small' ]; then - software=$(echo "$software" | sed -e 's/clamav-daemon//') - software=$(echo "$software" | sed -e 's/spamassassin//') -fi - -# Exclude fail2ban -if [ "$disable_fail2ban" = 'yes' ]; then - software=$(echo "$software" | sed -e 's/fail2ban//') -fi - -# Update system packages +# Updating system apt-get update -# Disable daemon autostart -# For more details /usr/share/doc/sysv-rc/README.policy-rc.d.gz -echo -e '#!/bin/sh \nexit 101' > /usr/sbin/policy-rc.d +# Disabling daemon autostart on apt-get install +echo -e '#!/bin/sh\nexit 101' > /usr/sbin/policy-rc.d chmod a+x /usr/sbin/policy-rc.d -# Install Vesta packages +# Installing apt packages apt-get -y install $software -if [ $? -ne 0 ]; then - echo 'Error: apt-get install failed' - exit 1 -fi +check_result $? "apt-get install failed" -# Restore policy +# Restoring autostart policy rm -f /usr/sbin/policy-rc.d @@ -422,140 +681,28 @@ rm -f /usr/sbin/policy-rc.d # Configure system # #----------------------------------------------------------# -# Set writable permission on tmp directory -chmod 777 /tmp - -# Vesta configuration -echo "export VESTA='/usr/local/vesta'" > /etc/profile.d/vesta.sh -chmod 755 /etc/profile.d/vesta.sh -source /etc/profile.d/vesta.sh -echo 'PATH=$PATH:/usr/local/vesta/bin' >> /root/.bash_profile -echo 'export PATH' >> /root/.bash_profile -source /root/.bash_profile -wget $CHOST/$VERSION/vesta.log -O /etc/logrotate.d/vesta - -# Directory tree -mkdir -p $VESTA/conf -mkdir -p $VESTA/log -mkdir -p $VESTA/ssl -mkdir -p $VESTA/data -mkdir -p $VESTA/data/ips -mkdir -p $VESTA/data/queue -mkdir -p $VESTA/data/users -mkdir -p $VESTA/data/firewall -touch $VESTA/data/queue/backup.pipe -touch $VESTA/data/queue/disk.pipe -touch $VESTA/data/queue/webstats.pipe -touch $VESTA/data/queue/restart.pipe -touch $VESTA/data/queue/traffic.pipe -chmod 750 $VESTA/conf -chmod 750 $VESTA/data/users -chmod 750 $VESTA/data/ips -chmod -R 750 $VESTA/data/queue -ln -s /usr/local/vesta/log /var/log/vesta -touch /var/log/vesta/system.log -touch /var/log/vesta/nginx-error.log -touch /var/log/vesta/auth.log -chmod 660 /var/log/vesta/* -adduser backup > /dev/null 2>&1 -mkdir -p /home/backup -chown backup:backup /home/backup -ln -s /home/backup /backup -chmod a+x /backup - -# vesta.conf -wget $CHOST/$VERSION/vesta.conf -O $VESTA/conf/vesta.conf -if [ "$srv_type" = 'micro' ] || [ "$srv_type" = 'small' ]; then - sed -i "s/clamav-daemon//g" $VESTA/conf/vesta.conf - sed -i "s/spamassassin//g" $VESTA/conf/vesta.conf -fi - -# Set server hostname -if [ -z "$servername" ]; then - servername=$(hostname) -fi -/usr/local/vesta/bin/v-change-sys-hostname $servername 2>/dev/null - -# Templates, packages -cd /usr/local/vesta/data -wget $CHOST/$VERSION/packages.tar.gz -O packages.tar.gz -tar -xzf packages.tar.gz -rm -f packages.tar.gz -cd /usr/local/vesta/data -wget $CHOST/$VERSION/templates.tar.gz -O templates.tar.gz -tar -xzf templates.tar.gz -rm -f templates.tar.gz -if [ "$codename" = 'saucy' ] || [ "$codename" = 'trusty' ]; then - sed -i "s/Include /IncludeOptional /g" \ - $VESTA/data/templates/web/apache2/*tpl -fi -chmod -R 755 /usr/local/vesta/data/templates -cp templates/web/skel/public_html/index.html /var/www/ -sed -i 's/%domain%/It worked!/g' /var/www/index.html -if [ "$srv_type" = 'micro' ]; then - rm -f /usr/local/vesta/data/templates/web/apache2/phpfcgid.* -fi - -# Removing CGI templates -if [ "$codename" = 'trusty' ]; then - rm -f /usr/local/vesta/data/templates/web/apache2/phpcgi.* -fi - -# Firewall configuartion -wget $CHOST/$VERSION/firewall.tar.gz -O firewall.tar.gz -tar -xzf firewall.tar.gz -if [ "$disable_iptables" = 'yes' ]; then - sed -i "s/iptables//" $VESTA/conf/vesta.conf -else - $BIN/v-update-firewall -fi - -# Generating SSL certificate -$VESTA/bin/v-generate-ssl-cert $(hostname) $email 'US' 'California' \ - 'San Francisco' 'Vesta Control Panel' 'IT' > /tmp/vst.pem - -# Parsing merged certificate file -crt_end=$(grep -n "END CERTIFICATE-" /tmp/vst.pem |cut -f 1 -d:) -key_start=$(grep -n "BEGIN RSA" /tmp/vst.pem |cut -f 1 -d:) -key_end=$(grep -n "END RSA" /tmp/vst.pem |cut -f 1 -d:) - -# Adding SSL certificate -cd /usr/local/vesta/ssl -sed -n "1,${crt_end}p" /tmp/vst.pem > certificate.crt -sed -n "$key_start,${key_end}p" /tmp/vst.pem > certificate.key -chown root:mail /usr/local/vesta/ssl/* -chmod 660 /usr/local/vesta/ssl/* -rm /tmp/vst.pem - -# Enable SSH password auth +# Enabling SSH password auth sed -i "s/rdAuthentication no/rdAuthentication yes/g" /etc/ssh/sshd_config service ssh restart -# AppArmor -aa-complain /usr/sbin/named - -# Disable awstats cron +# Disabling AWStats cron rm -f /etc/cron.d/awstats # Set directory color echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile -# Register /sbin/nologin -echo "/sbin/nologin" >> /etc/shells +# Registering /usr/sbin/nologin +if [ -z "$(grep nologin /etc/shells)" ]; then + echo "/usr/sbin/nologin" >> /etc/shells +fi -# Sudo configuration -wget $CHOST/$VERSION/sudoers.conf -O /etc/sudoers -wget $CHOST/$VERSION/sudoers.admin.conf -O /etc/sudoers.d/admin -chmod 440 /etc/sudoers -chmod 440 /etc/sudoers.d/admin - -# NTP Synchronization +# Configuring NTP echo '#!/bin/sh' > /etc/cron.daily/ntpdate -echo "$(which ntpdate) -s pool.ntp.org" >> /etc/cron.daily/ntpdate +echo "$(which ntpdate) -s ntp.ubuntu.com" >> /etc/cron.daily/ntpdate chmod 775 /etc/cron.daily/ntpdate -ntpdate -s pool.ntp.org +ntpdate -s ntp.ubuntu.com -# Setup rssh +# Adding rssh if [ -z "$(grep /usr/bin/rssh /etc/shells)" ]; then echo /usr/bin/rssh >> /etc/shells fi @@ -564,327 +711,735 @@ sed -i 's/#allowsftp/allowsftp/' /etc/rssh.conf sed -i 's/#allowrsync/allowrsync/' /etc/rssh.conf chmod 755 /usr/bin/rssh -# Nginx configuration -rm -f /etc/nginx/conf.d/*.conf -wget $CHOST/$VERSION/nginx.conf -O /etc/nginx/nginx.conf -wget $CHOST/$VERSION/nginx-status.conf -O /etc/nginx/conf.d/status.conf -touch /etc/nginx/conf.d/vesta.conf -update-rc.d nginx defaults -service nginx stop > /dev/null 2>&1 -service nginx start -if [ "$?" -ne 0 ]; then - echo "Error: nginx start failed" - exit 1 + +#----------------------------------------------------------# +# Configure Vesta # +#----------------------------------------------------------# + +# Installing sudo configuration +mkdir -p /etc/sudoers.d +cp -f $vestacp/sudo/admin /etc/sudoers.d/ +chmod 440 /etc/sudoers.d/admin +sed -i "s/%admin.*ALL=(ALL).*/# sudo is limited to vesta scripts/" /etc/sudoers + +# Configuring system env +echo "export VESTA='$VESTA'" > /etc/profile.d/vesta.sh +chmod 755 /etc/profile.d/vesta.sh +source /etc/profile.d/vesta.sh +echo 'PATH=$PATH:'$VESTA'/bin' >> /root/.bash_profile +echo 'export PATH' >> /root/.bash_profile +source /root/.bash_profile + +# Configuring logrotate for Vesta logs +cp -f $vestacp/logrotate/vesta /etc/logrotate.d/ + +# Building directory tree and creating some blank files for Vesta +mkdir -p $VESTA/conf $VESTA/log $VESTA/ssl $VESTA/data/ips \ + $VESTA/data/queue $VESTA/data/users $VESTA/data/firewall \ + $VESTA/data/sessions +touch $VESTA/data/queue/backup.pipe $VESTA/data/queue/disk.pipe \ + $VESTA/data/queue/webstats.pipe $VESTA/data/queue/restart.pipe \ + $VESTA/data/queue/traffic.pipe $VESTA/log/system.log \ + $VESTA/log/nginx-error.log $VESTA/log/auth.log +chmod 750 $VESTA/conf $VESTA/data/users $VESTA/data/ips $VESTA/log +chmod -R 750 $VESTA/data/queue +chmod 660 $VESTA/log/* +rm -f /var/log/vesta +ln -s $VESTA/log /var/log/vesta +chmod 770 $VESTA/data/sessions + +# Generating Vesta configuration +rm -f $VESTA/conf/vesta.conf 2>/dev/null +touch $VESTA/conf/vesta.conf +chmod 660 $VESTA/conf/vesta.conf + +# Web stack +if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then + echo "WEB_SYSTEM='apache2'" >> $VESTA/conf/vesta.conf + echo "WEB_RGROUPS='www-data'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='mod_ssl'" >> $VESTA/conf/vesta.conf + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'yes' ] ; then + echo "WEB_SYSTEM='apache2'" >> $VESTA/conf/vesta.conf + echo "WEB_RGROUPS='www-data'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='8080'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='8443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='mod_ssl'" >> $VESTA/conf/vesta.conf + echo "PROXY_SYSTEM='nginx'" >> $VESTA/conf/vesta.conf + echo "PROXY_PORT='80'" >> $VESTA/conf/vesta.conf + echo "PROXY_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf +fi +if [ "$apache" = 'no' ] && [ "$nginx" = 'yes' ]; then + echo "WEB_SYSTEM='nginx'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='openssl'" >> $VESTA/conf/vesta.conf + if [ "$phpfpm" = 'yes' ]; then + echo "WEB_BACKEND='php-fpm'" >> $VESTA/conf/vesta.conf + fi + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf fi -# Apache configuration -wget $CHOST/$VERSION/apache2.conf -O /etc/apache2/apache2.conf -if [ "$codename" = 'saucy' ] || [ "$codename" = 'trusty' ]; then - sed -i "/^LockFile /d" /etc/apache2/apache2.conf +# FTP stack +if [ "$vsftpd" = 'yes' ]; then + echo "FTP_SYSTEM='vsftpd'" >> $VESTA/conf/vesta.conf fi -wget $CHOST/$VERSION/apache2-status.conf \ - -O /etc/apache2/mods-enabled/status.conf -wget $CHOST/$VERSION/apache2.log -O /etc/logrotate.d/apache2 -echo "# Powered by vesta" > /etc/apache2/sites-available/default -echo "# Powered by vesta" > /etc/apache2/sites-available/default-ssl -echo "# Powered by vesta" > /etc/apache2/ports.conf -mkdir -p /etc/apache2/conf.d -rm -f /etc/apache2/conf.d/vesta.conf -echo > /etc/apache2/conf.d/vesta.conf -touch /var/log/apache2/access.log -touch /var/log/apache2/error.log -mkdir -p /var/log/apache2/domains -chmod a+x /var/log/apache2 -chmod 640 /var/log/apache2/access.log -chmod 640 /var/log/apache2/error.log -chmod 751 /var/log/apache2/domains -a2enmod rewrite -a2enmod ssl -a2enmod suexec -echo -e "/home\npublic_html/cgi-bin" > /etc/apache2/suexec/www-data -update-rc.d apache2 defaults -service apache2 stop > /dev/null 2>&1 -service apache2 start -if [ "$?" -ne 0 ]; then - echo "Error: apache2 start failed" - exit 1 +if [ "$proftpd" = 'yes' ]; then + echo "FTP_SYSTEM='proftpd'" >> $VESTA/conf/vesta.conf fi -# Vsftpd configuration -wget $CHOST/$VERSION/vsftpd.conf -O /etc/vsftpd.conf -update-rc.d vsftpd defaults -service vsftpd stop > /dev/null 2>&1 -service vsftpd start -if [ "$?" -ne 0 ]; then - echo "Error: vsftpd start failed" - exit 1 +# DNS stack +if [ "$named" = 'yes' ]; then + echo "DNS_SYSTEM='bind9'" >> $VESTA/conf/vesta.conf fi -# Generating MySQL password if it wasn't set -if [ -z "$mpass" ]; then - mpass=$(gen_pass) +# Mail stack +if [ "$exim" = 'yes' ]; then + echo "MAIL_SYSTEM='exim4'" >> $VESTA/conf/vesta.conf + if [ "$clamd" = 'yes' ]; then + echo "ANTIVIRUS_SYSTEM='clamav-daemon'" >> $VESTA/conf/vesta.conf + fi + if [ "$spamd" = 'yes' ]; then + echo "ANTISPAM_SYSTEM='spamassassin'" >> $VESTA/conf/vesta.conf + fi + if [ "$dovecot" = 'yes' ]; then + echo "IMAP_SYSTEM='dovecot'" >> $VESTA/conf/vesta.conf + fi fi -# MySQL configuration -wget $CHOST/$VERSION/my.cnf -O /etc/mysql/my.cnf -mysql_install_db -if [ "$release" != '14.04' ]; then +# Cron daemon +echo "CRON_SYSTEM='cron'" >> $VESTA/conf/vesta.conf + +# Firewall stack +if [ "$iptables" = 'yes' ]; then + echo "FIREWALL_SYSTEM='iptables'" >> $VESTA/conf/vesta.conf +fi +if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then + echo "FIREWALL_EXTENSION='fail2ban'" >> $VESTA/conf/vesta.conf +fi + +# Disk quota +if [ "$quota" = 'yes' ]; then + echo "DISK_QUOTA='yes'" >> $VESTA/conf/vesta.conf +fi + +# Backups +echo "BACKUP_SYSTEM='local'" >> $VESTA/conf/vesta.conf + +# Language +echo "LANGUAGE='$lang'" >> $VESTA/conf/vesta.conf + +# Version +echo "VERSION='0.9.8'" >> $VESTA/conf/vesta.conf + +# Installing hosting packages +cp -rf $vestacp/packages $VESTA/data/ + +# Installing templates +cp -rf $vestacp/templates $VESTA/data/ + +# Copying index.html to default documentroot +cp $VESTA/data/templates/web/skel/public_html/index.html /var/www/ +sed -i 's/%domain%/It worked!/g' /var/www/index.html + +# Installing firewall rules +cp -rf $vestacp/firewall $VESTA/data/ + +# Configuring server hostname +$VESTA/bin/v-change-sys-hostname $servername 2>/dev/null + +# Generating SSL certificate +$VESTA/bin/v-generate-ssl-cert $(hostname) $email 'US' 'California' \ + 'San Francisco' 'Vesta Control Panel' 'IT' > /tmp/vst.pem + +# Parsing certificate file +crt_end=$(grep -n "END CERTIFICATE-" /tmp/vst.pem |cut -f 1 -d:) +key_start=$(grep -n "BEGIN RSA" /tmp/vst.pem |cut -f 1 -d:) +key_end=$(grep -n "END RSA" /tmp/vst.pem |cut -f 1 -d:) + +# Adding SSL certificate +cd $VESTA/ssl +sed -n "1,${crt_end}p" /tmp/vst.pem > certificate.crt +sed -n "$key_start,${key_end}p" /tmp/vst.pem > certificate.key +chown root:mail $VESTA/ssl/* +chmod 660 $VESTA/ssl/* +rm /tmp/vst.pem + +# Adding nologin as a valid system shell +if [ -z "$(grep nologin /etc/shells)" ]; then + echo "/usr/sbin/nologin" >> /etc/shells +fi + + +#----------------------------------------------------------# +# Configure Nginx # +#----------------------------------------------------------# + +if [ "$nginx" = 'yes' ]; then + rm -f /etc/nginx/conf.d/*.conf + cp -f $vestacp/nginx/nginx.conf /etc/nginx/ + cp -f $vestacp/nginx/status.conf /etc/nginx/conf.d/ + cp -f $vestacp/nginx/phpmyadmin.inc /etc/nginx/conf.d/ + cp -f $vestacp/nginx/phppgadmin.inc /etc/nginx/conf.d/ + cp -f $vestacp/nginx/webmail.inc /etc/nginx/conf.d/ + cp -f $vestacp/logrotate/nginx /etc/logrotate.d/ + echo > /etc/nginx/conf.d/vesta.conf + mkdir -p /var/log/nginx/domains + update-rc.d nginx defaults + service nginx start + check_result $? "nginx start failed" +fi + + +#----------------------------------------------------------# +# Configure Apache # +#----------------------------------------------------------# + +if [ "$apache" = 'yes' ]; then + cp -f $vestacp/apache2/apache2.conf /etc/apache2/ + cp -f $vestacp/apache2/status.conf /etc/apache2/mods-enabled/ + cp -f $vestacp/logrotate/apache2 /etc/logrotate.d/ + a2enmod rewrite + a2enmod suexec + a2enmod ssl + a2enmod actions + a2enmod ruid2 + mkdir -p /etc/apache2/conf.d + echo > /etc/apache2/conf.d/vesta.conf + echo "# Server control panel by VESTA" > /etc/apache2/sites-available/default + echo "# Server control panel by VESTA" > /etc/apache2/sites-available/default-ssl + echo "# Server control panel by VESTA" > /etc/apache2/ports.conf + echo -e "/home\npublic_html/cgi-bin" > /etc/apache2/suexec/www-data + touch /var/log/apache2/access.log /var/log/apache2/error.log + mkdir -p /var/log/apache2/domains + chmod a+x /var/log/apache2 + chmod 640 /var/log/apache2/access.log /var/log/apache2/error.log + chmod 751 /var/log/apache2/domains + update-rc.d apache2 defaults + service apache2 start + check_result $? "apache2 start failed" +else + update-rc.d apache2 disable >/dev/null 2>&1 + service apache2 stop >/dev/null 2>&1 +fi + + +#----------------------------------------------------------# +# Configure PHP-FPM # +#----------------------------------------------------------# + +if [ "$phpfpm" = 'yes' ]; then + pool=$(find /etc/php* -type d \( -name "pool.d" -o -name "*fpm.d" \)) + cp -f $vestacp/php-fpm/www.conf $pool/ + php_fpm=$(ls /etc/init.d/php*-fpm* |cut -f 4 -d /) + ln -s /etc/init.d/$php_fpm /etc/init.d/php-fpm > /dev/null 2>&1 + update-rc.d $php_fpm defaults + service $php_fpm start + check_result $? "php-fpm start failed" +fi + + +#----------------------------------------------------------# +# Configure PHP # +#----------------------------------------------------------# + +ZONE=$(timedatectl 2>/dev/null|grep Timezone|awk '{print $2}') +if [ -z "$ZONE" ]; then + ZONE='UTC' +fi +for pconf in $(find /etc/php* -name php.ini); do + sed -i "s%;date.timezone =%date.timezone = $ZONE%g" $pconf + sed -i 's%_open_tag = Off%_open_tag = On%g' $pconf +done + + +#----------------------------------------------------------# +# Configure Vsftpd # +#----------------------------------------------------------# + +if [ "$vsftpd" = 'yes' ]; then + cp -f $vestacp/vsftpd/vsftpd.conf /etc/ + touch /var/log/vsftpd.log + chown root:adm /var/log/vsftpd.log + chmod 640 /var/log/vsftpd.log + touch /var/log/xferlog + chown root:adm /var/log/xferlog + chmod 640 /var/log/xferlog + update-rc.d vsftpd defaults + service vsftpd start + check_result $? "vsftpd start failed" + +fi + + +#----------------------------------------------------------# +# Configure ProFTPD # +#----------------------------------------------------------# + +if [ "$proftpd" = 'yes' ]; then + echo "127.0.0.1 $servername" >> /etc/hosts + cp -f $vestacp/proftpd/proftpd.conf /etc/proftpd/ + update-rc.d proftpd defaults + service proftpd start + check_result $? "proftpd start failed" +fi + + +#----------------------------------------------------------# +# Configure MySQL/MariaDB # +#----------------------------------------------------------# + +if [ "$mysql" = 'yes' ]; then + mycnf="my-small.cnf" + if [ $memory -gt 1200000 ]; then + mycnf="my-medium.cnf" + fi + if [ $memory -gt 3900000 ]; then + mycnf="my-large.cnf" + fi + + # Configuring MySQL/MariaDB + cp -f $vestacp/mysql/$mycnf /etc/mysql/my.cnf + if [ "$release" != '16.04' ]; then + mysql_install_db + fi + if [ "$release" == '18.04' ]; then + mkdir /var/lib/mysql + chown mysql:mysql /var/lib/mysql + mysqld --initialize-insecure + fi update-rc.d mysql defaults -fi -service mysql stop > /dev/null 2>&1 -service mysql start -if [ "$?" -ne 0 ]; then - echo "Error: mysql start failed" - exit 1 -fi -mysqladmin -u root password $mpass -echo -e "[client]\npassword='$mpass'\n" > /root/.my.cnf -chmod 600 /root/.my.cnf -mysql -e "DELETE FROM mysql.user WHERE User=''" -mysql -e "DROP DATABASE test" > /dev/null 2>&1 -mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'" -mysql -e "DELETE FROM mysql.user WHERE user='' or password='';" -mysql -e "FLUSH PRIVILEGES" + service mysql start + check_result $? "mysql start failed" -# Bind configuration -wget $CHOST/$VERSION/named.conf -O /etc/bind/named.conf -sed -i "s%listen-on%//listen%" /etc/bind/named.conf.options -chown root:bind /etc/bind/named.conf -chmod 640 /etc/bind/named.conf -update-rc.d bind9 defaults -service bind9 stop > /dev/null 2>&1 -service bind9 start -if [ "$?" -ne 0 ]; then - echo "Error: bind9 start failed" - exit 1 + # Securing MySQL/MariaDB installation + mpass=$(gen_pass) + mysqladmin -u root password $mpass + echo -e "[client]\npassword='$mpass'\n" > /root/.my.cnf + chmod 600 /root/.my.cnf + mysql -e "DELETE FROM mysql.user WHERE User=''" + mysql -e "DROP DATABASE test" >/dev/null 2>&1 + mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'" + mysql -e "DELETE FROM mysql.user WHERE user='' OR password='';" + mysql -e "FLUSH PRIVILEGES" + + # Configuring phpMyAdmin + if [ "$apache" = 'yes' ]; then + cp -f $vestacp/pma/apache.conf /etc/phpmyadmin/ + ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf + fi + if [[ ${release:0:2} -ge 18 ]]; then + mysql < /usr/share/phpmyadmin/sql/create_tables.sql + p=$(grep dbpass /etc/phpmyadmin/config-db.php |cut -f 2 -d "'") + mysql -e "GRANT ALL ON phpmyadmin.* + TO phpmyadmin@localhost IDENTIFIED BY '$p'" + else + cp -f $vestacp/pma/config.inc.php /etc/phpmyadmin/ + fi + chmod 777 /var/lib/phpmyadmin/tmp fi -# Exim -wget $CHOST/$VERSION/exim4.conf.template -O /etc/exim4/exim4.conf.template -if [ "$srv_type" != 'micro' ] && [ "$srv_type" != 'small' ]; then - sed -i "s/#SPAM/SPAM/g" /etc/exim4/exim4.conf.template - sed -i "s/#CLAMD/CLAMD/g" /etc/exim4/exim4.conf.template -fi -wget $CHOST/$VERSION/dnsbl.conf -O /etc/exim4/dnsbl.conf -wget $CHOST/$VERSION/spam-blocks.conf -O /etc/exim4/spam-blocks.conf -touch /etc/exim4/white-blocks.conf -rm -rf /etc/exim4/domains -mkdir -p /etc/exim4/domains -chmod 640 /etc/exim4/exim4.conf.template -gpasswd -a Debian-exim mail -if [ -e /etc/init.d/sendmail ]; then - update-rc.d -f sendmail remove - service sendmail stop -fi -if [ -e /etc/init.d/postfix ]; then - update-rc.d -f postfix remove - service postfix stop -fi -rm -f /etc/alternatives/mta -ln -s /usr/sbin/exim4 /etc/alternatives/mta -update-rc.d exim4 defaults -service exim4 stop > /dev/null 2>&1 -service exim4 start -if [ "$?" -ne 0 ]; then - echo "Error: exim start failed" - exit + +#----------------------------------------------------------# +# Configure PostgreSQL # +#----------------------------------------------------------# + +if [ "$postgresql" = 'yes' ]; then + ppass=$(gen_pass) + cp -f $vestacp/postgresql/pg_hba.conf /etc/postgresql/*/main/ + service postgresql restart + sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$ppass'" + + # Configuring phpPgAdmin + if [ "$apache" = 'yes' ]; then + cp -f $vestacp/pga/phppgadmin.conf /etc/apache2/conf.d/ + fi + cp -f $vestacp/pga/config.inc.php /etc/phppgadmin/ fi -# Dovecot configuration -wget $CHOST/$VERSION/dovecot.conf -O /etc/dovecot/dovecot.conf -cd /etc/dovecot/ -wget $CHOST/$VERSION/dovecot-conf.d.tar.gz -rm -rf conf.d *.ext README -tar -xzf dovecot-conf.d.tar.gz -rm -f dovecot-conf.d.tar.gz -chown -R root:root /etc/dovecot -gpasswd -a dovecot mail -update-rc.d dovecot defaults -service dovecot stop > /dev/null 2>&1 -service dovecot start -if [ "$?" -ne 0 ]; then - echo "Error: dovecot start failed" - exit 1 + +#----------------------------------------------------------# +# Configure Bind # +#----------------------------------------------------------# + +if [ "$named" = 'yes' ]; then + cp -f $vestacp/bind/named.conf /etc/bind/ + sed -i "s%listen-on%//listen%" /etc/bind/named.conf.options + chown root:bind /etc/bind/named.conf + chmod 640 /etc/bind/named.conf + aa-complain /usr/sbin/named 2>/dev/null + echo "/home/** rwm," >> /etc/apparmor.d/local/usr.sbin.named 2>/dev/null + service apparmor status >/dev/null 2>&1 + if [ $? -ne 0 ]; then + service apparmor restart + fi + update-rc.d bind9 defaults + service bind9 start + check_result $? "bind9 start failed" + + # Workaround for OpenVZ/Virtuozzo + if [ -e "/proc/vz/veinfo" ]; then + sed -i "s/^exit 0/service bind9 restart\nexit 0/" /etc/rc.local + fi fi -# ClamAV configuration -if [ "$srv_type" = 'medium' ] || [ "$srv_type" = 'large' ]; then - wget $CHOST/$VERSION/clamd.conf -O /etc/clamav/clamd.conf +#----------------------------------------------------------# +# Configure Exim # +#----------------------------------------------------------# + +if [ "$exim" = 'yes' ]; then + gpasswd -a Debian-exim mail + cp -f $vestacp/exim/exim4.conf.template /etc/exim4/ + cp -f $vestacp/exim/dnsbl.conf /etc/exim4/ + cp -f $vestacp/exim/spam-blocks.conf /etc/exim4/ + touch /etc/exim4/white-blocks.conf + + if [ "$spamd" = 'yes' ]; then + sed -i "s/#SPAM/SPAM/g" /etc/exim4/exim4.conf.template + fi + if [ "$clamd" = 'yes' ]; then + sed -i "s/#CLAMD/CLAMD/g" /etc/exim4/exim4.conf.template + fi + + chmod 640 /etc/exim4/exim4.conf.template + rm -rf /etc/exim4/domains + mkdir -p /etc/exim4/domains + + rm -f /etc/alternatives/mta + ln -s /usr/sbin/exim4 /etc/alternatives/mta + update-rc.d -f sendmail remove > /dev/null 2>&1 + service sendmail stop > /dev/null 2>&1 + update-rc.d -f postfix remove > /dev/null 2>&1 + service postfix stop > /dev/null 2>&1 + + update-rc.d exim4 defaults + service exim4 start + check_result $? "exim4 start failed" +fi + + +#----------------------------------------------------------# +# Configure Dovecot # +#----------------------------------------------------------# + +if [ "$dovecot" = 'yes' ]; then + gpasswd -a dovecot mail + if [[ ${release:0:2} -ge 18 ]]; then + cp -r /usr/local/vesta/install/debian/9/dovecot /etc/ + if [ -z "$(grep yes /etc/dovecot/conf.d/10-mail.conf)" ]; then + echo "namespace inbox {" >> /etc/dovecot/conf.d/10-mail.conf + echo " inbox = yes" >> /etc/dovecot/conf.d/10-mail.conf + echo "}" >> /etc/dovecot/conf.d/10-mail.conf + echo "first_valid_uid = 1000" >> /etc/dovecot/conf.d/10-mail.conf + echo "mbox_write_locks = fcntl" >> /etc/dovecot/conf.d/10-mail.conf + fi + else + cp -rf $vestacp/dovecot /etc/ + fi + cp -f $vestacp/logrotate/dovecot /etc/logrotate.d/ + chown -R root:root /etc/dovecot* + update-rc.d dovecot defaults + service dovecot start + check_result $? "dovecot start failed" +fi + + +#----------------------------------------------------------# +# Configure ClamAV # +#----------------------------------------------------------# + +if [ "$clamd" = 'yes' ]; then gpasswd -a clamav mail gpasswd -a clamav Debian-exim + cp -f $vestacp/clamav/clamd.conf /etc/clamav/ /usr/bin/freshclam update-rc.d clamav-daemon defaults - service clamav-daemon stop > /dev/null 2>&1 service clamav-daemon start - if [ "$?" -ne 0 ]; then - echo "Error: clamav start failed" - exit 1 - fi + check_result $? "clamav-daemon start failed" fi -# SpamAssassin configuration -if [ "$srv_type" = 'medium' ] || [ "$srv_type" = 'large' ]; then + +#----------------------------------------------------------# +# Configure SpamAssassin # +#----------------------------------------------------------# + +if [ "$spamd" = 'yes' ]; then update-rc.d spamassassin defaults sed -i "s/ENABLED=0/ENABLED=1/" /etc/default/spamassassin - service spamassassin stop > /dev/null 2>&1 service spamassassin start - if [ "$?" -ne 0 ]; then - echo "Error: spamassassin start failed" - exit 1 + check_result $? "spamassassin start failed" + unit_files="$(systemctl list-unit-files |grep spamassassin)" + if [[ "$unit_files" =~ "disabled" ]]; then + systemctl enable spamassassin fi fi -# Fail2ban configuration -if [ -z "$disable_fail2ban" ]; then - cd /etc - wget $CHOST/$VERSION/fail2ban.tar.gz -O fail2ban.tar.gz - tar -xzf fail2ban.tar.gz - rm -f fail2ban.tar.gz - chkconfig fail2ban on + +#----------------------------------------------------------# +# Configure Roundcube # +#----------------------------------------------------------# + +if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then + if [ "$apache" = 'yes' ]; then + cp -f $vestacp/roundcube/apache.conf /etc/roundcube/ + ln -s /etc/roundcube/apache.conf /etc/apache2/conf.d/roundcube.conf + fi + + if [[ ${release:0:2} -ge 18 ]]; then + r=$(grep dbpass= /etc/roundcube/debian-db.php |cut -f 2 -d "'") + sed -i "s/default_host.*/default_host'] = 'localhost';/" \ + /etc/roundcube/config.inc.php + sed -i "s/^);/'password');/" /etc/roundcube/config.inc.php + else + r="$(gen_pass)" + cp -f $vestacp/roundcube/main.inc.php /etc/roundcube/ + cp -f $vestacp/roundcube/db.inc.php /etc/roundcube/ + sed -i "s/%password%/$r/g" /etc/roundcube/db.inc.php + fi + + if [ "$release" = '16.04' ]; then + # TBD: should be fixed in config repo + mv /etc/roundcube/db.inc.php /etc/roundcube/debian-db-roundcube.php + mv /etc/roundcube/main.inc.php /etc/roundcube/config.inc.php + chmod 640 /etc/roundcube/debian-db-roundcube.php + chown root:www-data /etc/roundcube/debian-db-roundcube.php + fi + + cp -f $vestacp/roundcube/vesta.php \ + /usr/share/roundcube/plugins/password/drivers/ + cp -f $vestacp/roundcube/config.inc.php /etc/roundcube/plugins/password/ + + mysql -e "CREATE DATABASE roundcube" + mysql -e "GRANT ALL ON roundcube.* + TO roundcube@localhost IDENTIFIED BY '$r'" + mysql roundcube < /usr/share/dbconfig-common/data/roundcube/install/mysql + + chmod 640 /etc/roundcube/debian-db* + chown root:www-data /etc/roundcube/debian-db* + touch /var/log/roundcube/errors + chmod 640 /var/log/roundcube/errors + chown www-data:adm /var/log/roundcube/errors + + php5enmod mcrypt 2>/dev/null + phpenmod mcrypt 2>/dev/null + if [ "$apache" = 'yes' ]; then + service apache2 restart + fi + if [ "$nginx" = 'yes' ]; then + service nginx restart + fi +fi + + +#----------------------------------------------------------# +# Configure Fail2Ban # +#----------------------------------------------------------# + +if [ "$fail2ban" = 'yes' ]; then + cp -rf $vestacp/fail2ban /etc/ + if [ "$dovecot" = 'no' ]; then + fline=$(cat /etc/fail2ban/jail.local |grep -n dovecot-iptables -A 2) + fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -) + sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local + fi + if [ "$exim" = 'no' ]; then + fline=$(cat /etc/fail2ban/jail.local |grep -n exim-iptables -A 2) + fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -) + sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local + fi + if [ "$vsftpd" = 'yes' ]; then + #Create vsftpd Log File + if [ ! -f "/var/log/vsftpd.log" ]; then + touch /var/log/vsftpd.log + fi + fline=$(cat /etc/fail2ban/jail.local |grep -n vsftpd-iptables -A 2) + fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -) + sed -i "${fline}s/false/true/" /etc/fail2ban/jail.local + fi + update-rc.d fail2ban defaults service fail2ban start -else - sed -i "s/fail2ban//" $VESTA/conf/vestac.conf + check_result $? "fail2ban start failed" fi -# php configuration -sed -i "s/;date.timezone =/date.timezone = UTC/g" /etc/php5/apache2/php.ini -sed -i "s/;date.timezone =/date.timezone = UTC/g" /etc/php5/cli/php.ini -if [ "$codename" = 'saucy' ] || [ "$codename" = 'trusty' ]; then - ln -s /etc/php5/conf.d/mcrypt.ini /etc/php5/mods-available - php5enmod mcrypt - service apache2 restart -fi -# phpMyAdmin configuration -wget $CHOST/$VERSION/apache2-pma.conf -O /etc/phpmyadmin/apache.conf -wget $CHOST/$VERSION/pma.conf -O /etc/phpmyadmin/config.inc.php -ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf -mv -f /etc/phpmyadmin/config-db.php /etc/phpmyadmin/config-db.php_ -chmod 777 /var/lib/phpmyadmin/tmp +#----------------------------------------------------------# +# Configure Admin User # +#----------------------------------------------------------# -# Roundcube configuration -wget $CHOST/$VERSION/apache2-webmail.conf -O /etc/roundcube/apache.conf -wget $CHOST/$VERSION/roundcube-main.conf -O /etc/roundcube/main.inc.php -wget $CHOST/$VERSION/roundcube-db.conf -O /etc/roundcube/db.inc.php -wget $CHOST/$VERSION/roundcube-driver.php -O \ - /usr/share/roundcube/plugins/password/drivers/vesta.php -wget $CHOST/$VERSION/roundcube-pw.conf -O \ - /etc/roundcube/plugins/password/config.inc.php -r="$(gen_pass)" -mysql -e "DROP DATABASE roundcube" > /dev/null 2>&1 -mysql -e "CREATE DATABASE roundcube" -mysql -e "GRANT ALL ON roundcube.* TO roundcube@localhost IDENTIFIED BY '$r'" -sed -i "s/%password%/$r/g" /etc/roundcube/db.inc.php -mysql roundcube < /usr/share/dbconfig-common/data/roundcube/install/mysql -if [ "$codename" = 'saucy' ] || [ "$codename" = 'trusty' ]; then - wget $CHOST/$VERSION/roundcube-driver-new.php -O \ - /usr/share/roundcube/plugins/password/drivers/vesta.php - ln -s /etc/roundcube/apache.conf /etc/apache2/conf.d/ - service apache2 restart -fi -mkdir -p /var/log/roundcube/error -chmod -R 777 /var/log/roundcube - -# Deleting old admin user account if exists +# Deleting old admin user if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" = 'yes' ]; then chattr -i /home/admin/conf > /dev/null 2>&1 - userdel -f admin - chattr -i /home/admin/conf - mv -f /home/admin $vst_backups/home/ - rm -f /tmp/sess_* + userdel -f admin >/dev/null 2>&1 + chattr -i /home/admin/conf >/dev/null 2>&1 + mv -f /home/admin $vst_backups/home/ >/dev/null 2>&1 + rm -f /tmp/sess_* >/dev/null 2>&1 fi if [ ! -z "$(grep ^admin: /etc/group)" ]; then groupdel admin > /dev/null 2>&1 fi -# Generating admin password if it wasn't set -if [ -z "$vpass" ]; then - vpass=$(gen_pass) -fi - -# Adding admin account +# Adding Vesta admin account $VESTA/bin/v-add-user admin $vpass $email default System Administrator -if [ $? -ne 0 ]; then - echo "Error: can't create admin user" - exit 1 -fi +check_result $? "can't create admin user" $VESTA/bin/v-change-user-shell admin bash -$VESTA/bin/v-change-user-language admin en +$VESTA/bin/v-change-user-language admin $lang -# Configure mysql host -$VESTA/bin/v-add-database-host mysql localhost root $mpass -$VESTA/bin/v-add-database admin default default $(gen_pass) mysql - -# Configuring system ips +# Configuring system IPs $VESTA/bin/v-update-sys-ip -# Get main ip -main_ip=$(ifconfig |grep 'inet addr:' |grep -v 127.0.0.1 |head -n1 | \ - cut -f2 -d: | cut -f1 -d ' ') +# Get main IP +ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/) -# Get remote ip -vst_ip=$(wget vestacp.com/what-is-my-ip/ -O - 2>/dev/null) -if [ ! -z "$vst_ip" ] && [ "$vst_ip" != "$main_ip" ]; then - # Set NAT association - $VESTA/bin/v-change-sys-ip-nat $main_ip $vst_ip -fi -if [ -z "$vst_ip" ]; then - vst_ip=$main_ip +# Configuring firewall +if [ "$iptables" = 'yes' ]; then + $VESTA/bin/v-update-firewall fi -# Add default web domain -$VESTA/bin/v-add-web-domain admin default.domain $vst_ip +# Get public IP +pub_ip=$(curl -s vestacp.com/what-is-my-ip/) +if [ ! -z "$pub_ip" ] && [ "$pub_ip" != "$ip" ]; then + echo "$VESTA/bin/v-update-sys-ip" >> /etc/rc.local + $VESTA/bin/v-change-sys-ip-nat $ip $pub_ip + ip=$pub_ip +fi -# Add default dns domain -$VESTA/bin/v-add-dns-domain admin default.domain $vst_ip +# Configuring MySQL/MariaDB host +if [ "$mysql" = 'yes' ]; then + $VESTA/bin/v-add-database-host mysql localhost root $mpass + $VESTA/bin/v-add-database admin default default $(gen_pass) mysql +fi -# Add default mail domain -$VESTA/bin/v-add-mail-domain admin default.domain +# Configuring PostgreSQL host +if [ "$postgresql" = 'yes' ]; then + $VESTA/bin/v-add-database-host pgsql localhost postgres $ppass + $VESTA/bin/v-add-database admin db db $(gen_pass) pgsql +fi -# Configuring cron jobs -command='sudo /usr/local/vesta/bin/v-update-sys-queue disk' +# Adding default domain +$VESTA/bin/v-add-domain admin $servername + +# Adding cron jobs +command="sudo $VESTA/bin/v-update-sys-queue disk" $VESTA/bin/v-add-cron-job 'admin' '15' '02' '*' '*' '*' "$command" -command='sudo /usr/local/vesta/bin/v-update-sys-queue traffic' +command="sudo $VESTA/bin/v-update-sys-queue traffic" $VESTA/bin/v-add-cron-job 'admin' '10' '00' '*' '*' '*' "$command" -command='sudo /usr/local/vesta/bin/v-update-sys-queue webstats' +command="sudo $VESTA/bin/v-update-sys-queue webstats" $VESTA/bin/v-add-cron-job 'admin' '30' '03' '*' '*' '*' "$command" -command='sudo /usr/local/vesta/bin/v-update-sys-queue backup' +command="sudo $VESTA/bin/v-update-sys-queue backup" $VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command" -command='sudo /usr/local/vesta/bin/v-backup-users' +command="sudo $VESTA/bin/v-backup-users" $VESTA/bin/v-add-cron-job 'admin' '10' '05' '*' '*' '*' "$command" -command='sudo /usr/local/vesta/bin/v-update-user-stats' +command="sudo $VESTA/bin/v-update-user-stats" $VESTA/bin/v-add-cron-job 'admin' '20' '00' '*' '*' '*' "$command" -command='sudo /usr/local/vesta/bin/v-update-sys-rrd' +command="sudo $VESTA/bin/v-update-sys-rrd" $VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command" +service cron restart -# Building inititall rrd images +# Building initital rrd images $VESTA/bin/v-update-sys-rrd -# Enable file system quota +# Enabling file system quota if [ "$quota" = 'yes' ]; then $VESTA/bin/v-add-sys-quota fi -# Start system service -update-rc.d vesta defaults -service vesta stop > /dev/null 2>&1 -service vesta start -if [ "$?" -ne 0 ]; then - echo "Error: vesta start failed" - exit 1 +# Enabling softaculous plugin +if [ "$softaculous" = 'yes' ]; then + $VESTA/bin/v-add-vesta-softaculous fi -# Send notification to vestacp.com -wget vestacp.com/notify/?$codename -O /dev/null +# Starting Vesta service +update-rc.d vesta defaults +service vesta start +check_result $? "vesta start failed" +chown admin:admin $VESTA/data/sessions -# Send notification to admin email +# Adding notifications +$VESTA/upd/add_notifications.sh + +# Adding cronjob for autoupdates +$VESTA/bin/v-add-cron-vesta-autoupdate + +if [ "$port" != "8083" ]; then + echo "=== Set Vesta port: $port" + $VESTA/bin/v-change-vesta-port $port +fi + +echo "NOTIFY_ADMIN_FULL_BACKUP='$email'" >> $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Vesta Access Info # +#----------------------------------------------------------# + +# Comparing hostname and ip + +if [ "$ssl" = 'no' ]; then +host_ip=$(host $servername |head -n 1 |awk '{print $NF}') +if [ "$host_ip" = "$ip" ]; then + ip="$servername" +fi +fi + +if [ "$ssl" = 'yes' ]; then +make_ssl=0 +host_ip=$(host $servername | head -n 1 | awk '{print $NF}') +if [ "$host_ip" != "$pub_ip" ]; then + echo "***** PROBLEM: Hostname $servername is not pointing to your server (IP address $ip)" + echo "Without pointing your hostname to your IP, LetsEncrypt SSL will not be generated for your server hostname." + echo "Try to setup an A record in your DNS, pointing your hostname $servername to IP address $ip and then press ENTER." + echo "(or register ns1.$servername and ns2.$servername as DNS Nameservers and put those Nameservers on $servername domain)" + echo "If we detect that hostname is still not pointing to your IP, installer will not add LetsEncrypt SSL certificate to your hosting panel (unsigned SSL will be used instead)." + read -p "To force to try anyway to add LetsEncrypt, press f and then ENTER." answer + host_ip=$(host $servername | head -n 1 | awk '{print $NF}') +fi +if [ "$answer" = "f" ]; then + make_ssl=1 +fi +if [ "$host_ip" = "$ip" ]; then + ip="$servername" + make_ssl=1 +fi + +if [ $make_ssl -eq 1 ]; then + # Check if www is also pointing to our IP + www_host="www.$servername" + www_host_ip=$(host $www_host | head -n 1 | awk '{print $NF}') + if [ "$www_host_ip" != "$pub_ip" ]; then + if [ "$named" = 'yes' ]; then + echo "=== Deleting www to server hostname" + $VESTA/bin/v-delete-web-domain-alias 'admin' "$servername" "$www_host" 'no' + $VESTA/bin/v-delete-dns-on-web-alias 'admin' "$servername" "$www_host" 'no' + fi + www_host="" + fi +fi + +echo "===" +echo "Hostname $servername is pointing to $host_ip" + +if [ $make_ssl -eq 1 ]; then + echo "=== Generating HOSTNAME SSL" + $VESTA/bin/v-add-letsencrypt-domain 'admin' "$servername" "$www_host" 'yes' + $VESTA/bin/v-update-host-certificate 'admin' "$servername" +else + echo "We will not generate SSL because of this" +fi +echo "===" +echo "UPDATE_HOSTNAME_SSL='yes'" >> $VESTA/conf/vesta.conf +fi + +# Sending notification to admin email echo -e "Congratulations, you have just successfully installed \ -the Vesta Control Panel +Vesta Control Panel -You can login in Vesta with following credentials: + https://$ip:$port username: admin password: $vpass - https://$vst_ip:8083 We hope that you enjoy your installation of Vesta. Please \ feel free to contact us anytime if you have any questions. @@ -897,12 +1452,10 @@ vestacp.com team send_mail="$VESTA/web/inc/mail-wrapper.php" cat $tmpfile | $send_mail -s "Vesta Control Panel" $email -rm -f $tmpfile # Congrats echo '=======================================================' echo -echo echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| ' echo ' _| _| _| _| _| _| _| ' echo ' _| _| _|_|_| _|_| _| _|_|_|_| ' @@ -910,20 +1463,7 @@ echo ' _| _| _| _| _| _| _| ' echo ' _| _|_|_|_| _|_|_| _| _| _| ' echo echo -echo '-------------------------------' -echo " https://$vst_ip:8083" -echo ' username: admin' -echo " password: $vpass" -echo '-------------------------------' -echo -echo -echo 'Congratulations,' -echo 'you have successfully installed Vesta Control Panel.' -echo -echo +cat $tmpfile +rm -f $tmpfile -# Tricky way to get new PATH variable -cd -bash - -#EOF +# EOF diff --git a/install/vst-install.sh b/install/vst-install.sh old mode 100644 new mode 100755 index b3c3f50ad..aa9ecbf62 --- a/install/vst-install.sh +++ b/install/vst-install.sh @@ -5,10 +5,11 @@ # # Currently Supported Operating Systems: # -# RHEL 5, RHEL 6 -# CentOS 5, CentOS 6 -# Debian 7 -# Ubuntu LTS, Ubuntu 13.04, Ubuntu 13.10 +# RHEL 5, 6, 7 +# CentOS 5, 6, 7 +# Debian 7, 8 +# Ubuntu 12.04 - 18.04 +# Amazon Linux 2017 # # Am I root? @@ -21,44 +22,29 @@ fi if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ -z "$1" ]; then echo "Error: user admin exists" echo - echo 'Please remove admin user account before proceeding.' + echo 'Please remove admin user before proceeding.' echo 'If you want to do it automatically run installer with -f option:' echo "Example: bash $0 --force" exit 1 fi -# Check admin user account +# Check admin group if [ ! -z "$(grep ^admin: /etc/group)" ] && [ -z "$1" ]; then echo "Error: group admin exists" echo - echo 'Please remove admin user account before proceeding.' + echo 'Please remove admin group before proceeding.' echo 'If you want to do it automatically run installer with -f option:' echo "Example: bash $0 --force" exit 1 fi -# Check OS type -if [ -e '/etc/redhat-release' ]; then - type="rhel" -fi - -if [ -e '/etc/lsb-release' ] && [ -e '/etc/debian_version' ]; then - type="ubuntu" -fi - -if [ -z "$type" ]; then - os=$(head -n1 /etc/issue | cut -f 1 -d ' ') - if [ "$os" == 'Debian' ]; then - type="debian" - fi -fi - -# Check type -if [ -z "$type" ]; then - echo 'Error: only RHEL,CentOS, Ubuntu LTS and Debian 7 is supported' - exit 1 -fi - +# Detect OS +case $(head -n1 /etc/issue | cut -f 1 -d ' ') in + Debian) type="debian" ;; + Ubuntu) type="ubuntu" ;; + Amazon) type="amazon" ;; + *) type="rhel" ;; +esac # Check wget if [ -e '/usr/bin/wget' ]; then @@ -84,34 +70,4 @@ if [ -e '/usr/bin/curl' ]; then fi fi -# Let's try to install wget automaticaly -if [ "$type" = 'rhel' ]; then - yum -y install wget - if [ $? -ne 0 ]; then - echo "Error: can't install wget" - exit 1 - fi -else - apt-get -y install wget - if [ $? -ne 0 ]; then - echo "Error: can't install wget" - exit 1 - fi -fi - -# OK, last try -if [ -e '/usr/bin/wget' ]; then - wget http://vestacp.com/pub/vst-install-$type.sh -O vst-install-$type.sh - if [ "$?" -eq '0' ]; then - bash vst-install-$type.sh $* - exit - else - echo "Error: vst-install-$type.sh download failed." - exit 1 - fi -else - echo "Error: /usr/bin/wget not found" - exit 1 -fi - exit diff --git a/src/bash_coding_style.txt b/src/bash_coding_style.txt index 4cf1e6221..e8fed9dc4 100644 --- a/src/bash_coding_style.txt +++ b/src/bash_coding_style.txt @@ -5,7 +5,7 @@ Contents: 1. Introduction 2. Naming Convention - 3. Coments + 3. Comments 4. Coding Styles 5. Basic formating 6. If, For, and While @@ -41,7 +41,7 @@ Contents: } # -3. Coments +3. Comments The total length of a line (including comment) must not exceed more than 80 characters. Every file must be documented with an introductory comment that provides shorthand information on the file name and its contents. diff --git a/src/deb/ioncube/changelog b/src/deb/ioncube/changelog new file mode 100644 index 000000000..fbd1444f7 --- /dev/null +++ b/src/deb/ioncube/changelog @@ -0,0 +1,6 @@ +vesta (0.9.8-18) unstable; urgency=low + + * Initial release (Closes: #nnnn) + + -- Serghey Rodin Fri, 16 Jun 2017 12:12:49 +0000 + diff --git a/src/deb/ioncube/conffiles b/src/deb/ioncube/conffiles new file mode 100644 index 000000000..e69de29bb diff --git a/src/deb/ioncube/control b/src/deb/ioncube/control new file mode 100644 index 000000000..e4ca9a96f --- /dev/null +++ b/src/deb/ioncube/control @@ -0,0 +1,10 @@ +Source: vesta-ioncube +Package: vesta-ioncube +Priority: optional +Version: 1.0.0-1 +Section: admin +Maintainer: Serghey Rodin +Homepage: https://www.ioncube.com +Architecture: amd64 +Depends: bash, awk, sed, vesta-php +Description: ionCube Loader for Vesta diff --git a/src/deb/ioncube/copyright b/src/deb/ioncube/copyright new file mode 100644 index 000000000..bd92bd819 --- /dev/null +++ b/src/deb/ioncube/copyright @@ -0,0 +1,243 @@ +LICENCE AGREEMENT FOR THE IONCUBE PHP LOADER, PROVIDED TO ENABLE THE USE +OF IONCUBE ENCODED FILES AND AS PART OF THE IONCUBE24 SERVICE (ioncube24.com) + +YOU SHOULD CAREFULLY READ THE FOLLOWING TERMS AND CONDITIONS BEFORE USING THE +LOADER SOFTWARE. THE INSTALLATION AND/OR USE OR COPYING OF THE IONCUBE PHP +LOADER SOFTWARE INDICATES YOUR ACCEPTANCE OF THIS LICENCE AGREEMENT. IF YOU +DO NOT ACCEPT THE TERMS OF THIS LICENCE AGREEMENT, DO NOT INSTALL, COPY +AND/OR USE THE LOADER SOFTWARE. + +DEFINITIONS + +The following definitions shall apply in this document: + +LOADER shall mean the ionCube PHP Loader software package or collection +of Loaders, including any modifications or upgrades to the software, used for +executing PHP scripts previously encoded with the ionCube PHP Encoder +software to render them non-humanly readable, and any associated +documentation or electronic or online materials relating to the software. + +ENCODER shall mean any ionCube PHP Encoder software or service used for the +purpose of producing non-humanly readable encoded files from PHP scripts. + +ENCODED FILE shall mean a non-humanly readable file produced by the +Encoder and being derived from humanly readable PHP script source. + +PROVIDER shall mean ionCube Ltd. + +USER/YOU shall mean any entity who has downloaded or obtained through any +other means a version of the Loader software. + + +1 LICENSE ENTITLEMENT + +1.1 The Loader is provided without charge. Title to the Loader does not pass +to the user in any circumstances. The Loader is supplied as object code. + +1.2 The provider grants a personal, non-transferable, non-exclusive licence to +use the Loader in accordance with the terms and conditions of this Licence +Agreement. + +1.3 The installation or downloading and use of the Loader entitles the user +to install and use the Loader for its own internal lawful purposes. + + +2 DISTRIBUTION + +2.1 The Loader may be freely distributed to third parties alone or as +part of a distribution containing other items provided that this license +is also included. + +2.2 The Loader may under no circumstances be branded as another product, +whether distributed or not. + +2.3 Distribution as part of a commercial product is permitted provided such +distribution is in accordance with clauses 2.1 and 2.2 with respect to the +Loader. + + +3 ANALYSIS / REVERSE ENGINEERING / MODIFICATION + +Except insofar as the user is permitted to do so in accordance with applicable +law: + +3.1 Any analysis of the Loader and embedded data by any means and by +any entity whether human or otherwise and including but without limitation to +discover details of internal operation, to reverse engineer, to de-compile +object code, or to modify for the purposes of modifying behaviour is +forbidden. + +3.2 Any analysis of encoded files by any means and by any entity whether human +or otherwise and including but without limitation to discover details of file +format or for the purposes of modifying behaviour or scope of their usage is +forbidden. + + +4 WARRANTY + +THE LOADER SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED +WARRANTIES INCLUDING BUT WITHOUT LIMITATION THE IMPLIED WARRANTIES +OF MERCHANTABILITY AND FITNESS FOR ANY PARTICULAR PURPOSE ARE +DISCLAIMED. THE PROVIDER DOES NOT WARRANT THAT THE LOADER IS UNINTERRUPTED +OR ERROR FREE, NOR THAT THE OPERATION OF THE LOADER WILL FUNCTION IN +CONJUNCTION WITH ANY OTHER PRODUCT. + + +5 LIMITATION OF LIABILITY + +5.1 IN NO EVENT WILL THE PROVIDER OF THE LOADER BE LIABLE TO THE USER OR ANY +PARTY FOR ANY DIRECT, INDIRECT, PUNITIVE, SPECIAL, INCIDENTAL OR OTHER +CONSEQUENTIAL DAMAGES ARISING DIRECTLY OR INDIRECTLY FROM THIS LICENCE +AGREEMENT OR ANY USE OF THE LOADER OR ENCODED FILES, EVEN IF THE PROVIDER IS +EXPRESSLY ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + +5.2 THE LOADER IS PROVIDED ON AN "AS IS" BASIS. THE PROVIDER EXCLUDES ALL +WARRANTIES, CONDITIONS, TERMS, UNDERTAKINGS AND REPRESENTATIONS (EXCLUDING +FRAUDULENT MISREPRESENTATION) OF ANY KIND, EXPRESS OR IMPLIED, STATUTORY OR +OTHERWISE IN CONNECTION WITH THE LOADER TO THE FULLEST EXTENT PERMITTED BY +LAW. + +5.3 DOWNLOADING THE LOADER IS AT YOUR OWN RISK AND THE PROVIDER DOES NOT +ACCEPT LIABILITY FOR ANY DIRECT OR INDIRECT LOSS OR DAMAGE HOWSOEVER CAUSED AS +A RESULT OF ANY COMPUTER VIRUSES, BUGS, TROJAN HORSES, WORMS, SOFTWARE BOMBS +OR OTHER SIMILAR PROGRAMS ARISING FROM YOUR USE OF THE LOADER. WHILST THE +PROVIDER WILL DO ITS BEST TO ENSURE THAT THE LOADER IS FREE FROM SUCH +DESTRUCTIVE PROGRAMS, IT IS YOUR RESPONSIBILITY TO TAKE REASONABLE PRECAUTIONS +TO SCAN FOR SUCH DESTRUCTIVE PROGRAMS DOWNLOADED FROM THE INTERNET. + +5.4 THE PROVIDER'S MAXIMUM LIABILITY FOR ANY LOSS OR DAMAGE ARISING FROM THIS +LICENCE AGREEMENT SHALL IN ANY EVENT BE LIMITED IN THE SOLE DISCRETION OF THE +PROVIDER TO THE REPLACEMENT OF THE LOADER PRODUCT. + +5.5 DUE TO THE NATURE OF THE INTERNET, THE PROVIDER CANNOT GUARANTEE THAT ANY +E-MAILS OR OTHER ELECTRONIC TRANSMISSIONS WILL BE SENT TO YOU OR RECEIVED BY +THE PROVIDER OR THAT THE CONTENT OF SUCH TRANSMISSIONS WILL BE SECURE DURING +TRANSMISSION. + + +6 BUG FIXING AND PRODUCT SUPPORT + +6.1 The provider will use reasonable endeavours to provide support to users. +The provider will at their discretion only provide support for the latest +release. + +6.2 Support comprises of fault reporting via tickets and fault diagnosis, +recommendations on workarounds, and where reasonably possible a timely +resolution. + +6.3 The user accepts that on occasion the ability of the provider to meet +anticipated or published support schedules may be impaired due to, but without +limitation, Internet service provider failures or software failures that +affect the ability to communicate for an indeterminate period. + +6.4 The provider reserves the right to refuse to provide support at any time. + +6.5 The provider wishes to maintain and offer a product of the highest +possible quality, and accordingly may from time to time and at its discretion +make product changes for the purpose of correcting behaviour in variance to +the published specification or the user's reasonable expectations. + +6.6 The provider reserves the right to charge for support where the user does +not have a valid support plan in place, or where the support offered exceeds +the scope of the active support plan. + + +7 PRODUCT UPGRADES + +7.1 The provider may from time to time release product upgrades. These will +be provided free of charge and attempts made to provide a timely notification +to customers of the existence of any new release. + + +8 ERRORS AND OMISSIONS + +Whilst reasonable endeavours are made to ensure the accuracy of documentation +concerning the details of the Loader, the user accepts the possibility of +inaccuracies in information presented in any format, including email +communications and online services. The provider shall under no circumstances +be liable for any events that arise as a result of unintentional inaccuracies +or omissions. + + +9 USER INDEMNITY + +You agree to fully indemnify, defend and hold the provider harmless +immediately upon demand from and against all actions, liability, claims, +losses, damages, costs and expenses (including legal/attorney fees) incurred +by the provider arising directly or indirectly as a result of your breach of +this Licence Agreement. + + +10 INTELLECTUAL PROPERTY RIGHTS + +10.1 The user acknowledges that the Loader and associated documentation and +materials contain proprietary information of the provider and are and shall +remain the exclusive property of the provider and/or its licensors and all +title, copyright, trade marks, trade names, patents and other intellectual +property rights therein of whatever nature shall remain the sole property of +the provider and/or its licensors. + +10.2 No title to or rights of ownership, copyright or other intellectual +property in the Loader is transferred to the user (other than the licence +rights expressly granted in this Licence Agreement). + + +11 TERMINATION + +11.1 The provider reserves the right to terminate this Licence Agreement +immediately by notice in writing against the user if the user is in breach of +any terms and conditions of this Licence Agreement. + +11.2 Termination of this Licence Agreement for any reason shall be without +prejudice to any other rights or remedies of the provider which may have +arisen on or before the date of termination under this Licence Agreement or in +law. + +11.3 The provisions of the following clauses shall survive any termination of +this agreement; clause 3, 5, 10 and 13. + + +12 GENERAL + +12.1 The provider reserves the right to transfer or assign all or any of its +rights and duties and responsibilities set out in this Licence Agreement to +another party. + +12.2 Headings have been included for convenience only and will not be used in +construing any provision of this Licence Agreement. + +12.3 No delay or failure by the provider to exercise any powers, rights or +remedies under this Licence Agreement will operate as a waiver of them nor +will any single or partial exercise of any such powers, rights or remedies +include any other or further exercise of them. + +12.4 If any part of this Licence Agreement is found by a court of competent +jurisdiction or other competent authority to be invalid, unlawful or +unenforceable then such part shall be severed from the remainder of this +Licence Agreement which will continue to be valid and enforceable to the +fullest extent permitted by applicable law. + +12.5 This Licence Agreement including the documents or other sources referred +to herein supersede all prior representations, understandings and agreements +between the user and the provider relating to the Loader and sets forth the +entire agreement and understanding between the user and the provider relating +to the Loader. + +12.6 Nothing in this Licence Agreement shall be deemed to constitute a +partnership between you and the provider nor constitute either party being an +agent of the other party. + +12.7 This Agreement does not create any rights or benefits enforceable by any +person not a party to it (within the meaning of the U.K.Contracts (Rights of +Third Parties) Act 1999) except that a person who under clause 12.1 is a +permitted successor or assignee of the rights or benefits of the provider may +enforce such rights or benefits. + + +13 GOVERNING LAW AND JURISDICTION + +This License Agreement and any issues relating thereto shall be construed and +interpreted in accordance with the laws of England and subject to the +exclusive jurisdiction of the English courts. + +Copyright (c) 2002-2017 ionCube Ltd. Last revised 23-April-2015 diff --git a/src/deb/ioncube/postinst b/src/deb/ioncube/postinst new file mode 100755 index 000000000..c9b3b1d2a --- /dev/null +++ b/src/deb/ioncube/postinst @@ -0,0 +1,8 @@ +#!/bin/bash + +# Run triggers only on updates +if [ -e /usr/local/vesta/ioncube/ioncube.sh ]; then + /usr/local/vesta/ioncube/ioncube.sh add +fi + +exit 0 diff --git a/src/deb/ioncube/prerm b/src/deb/ioncube/prerm new file mode 100755 index 000000000..9bf2bea60 --- /dev/null +++ b/src/deb/ioncube/prerm @@ -0,0 +1,8 @@ +#!/bin/bash + +# Run triggers only on updates +if [ -e /usr/local/vesta/ioncube/ioncube.sh ]; then + /usr/local/vesta/ioncube/ioncube.sh delete +fi + +exit 0 diff --git a/src/deb/nginx/control b/src/deb/nginx/control index c9aa82857..275cfad2a 100644 --- a/src/deb/nginx/control +++ b/src/deb/nginx/control @@ -1,7 +1,7 @@ Source: vesta-nginx Package: vesta-nginx Priority: optional -Version: 0.9.7-3 +Version: 1.0.0-1 Section: admin Maintainer: Serghey Rodin Homepage: http://vestacp.com diff --git a/src/deb/php/control b/src/deb/php/control index 31260d5ff..b85cf4ffc 100644 --- a/src/deb/php/control +++ b/src/deb/php/control @@ -1,7 +1,7 @@ Source: vesta-php Package: vesta-php Priority: optional -Version: 0.9.7-3 +Version: 1.0.0-1 Section: admin Maintainer: Serghey Rodin Homepage: http://vestacp.com diff --git a/src/deb/php/postinst b/src/deb/php/postinst new file mode 100755 index 000000000..c9b3b1d2a --- /dev/null +++ b/src/deb/php/postinst @@ -0,0 +1,8 @@ +#!/bin/bash + +# Run triggers only on updates +if [ -e /usr/local/vesta/ioncube/ioncube.sh ]; then + /usr/local/vesta/ioncube/ioncube.sh add +fi + +exit 0 diff --git a/src/deb/softaculous/changelog b/src/deb/softaculous/changelog new file mode 100644 index 000000000..fbd1444f7 --- /dev/null +++ b/src/deb/softaculous/changelog @@ -0,0 +1,6 @@ +vesta (0.9.8-18) unstable; urgency=low + + * Initial release (Closes: #nnnn) + + -- Serghey Rodin Fri, 16 Jun 2017 12:12:49 +0000 + diff --git a/src/deb/softaculous/conffiles b/src/deb/softaculous/conffiles new file mode 100644 index 000000000..e69de29bb diff --git a/src/deb/softaculous/control b/src/deb/softaculous/control new file mode 100644 index 000000000..65649146d --- /dev/null +++ b/src/deb/softaculous/control @@ -0,0 +1,10 @@ +Source: vesta-softaculous +Package: vesta-softaculous +Priority: optional +Version: 1.0.0-1 +Section: admin +Maintainer: Serghey Rodin +Homepage: https://www.softaculous.com +Architecture: amd64 +Depends: bash, awk, sed, vesta-ioncube +Description: softaculous plugin for Vesta diff --git a/src/deb/softaculous/copyright b/src/deb/softaculous/copyright new file mode 100644 index 000000000..098722c11 --- /dev/null +++ b/src/deb/softaculous/copyright @@ -0,0 +1,20 @@ +The below lists the License Agreement to which users of Softaculous must agree to before using the Softaculous Package : + + This license applies to FREE / PREMIUM / PAID Softaculous Packages. + Users may use this software, on both personal and commercial web sites. + You may NOT modify our Softaculous Code in any way, however you may modify THEMES, LANGUAGES and the SCRIPTS INSTALLED by SOFTACULOUS based on your needs. + PREMIUM / PAID License includes free support and regular updates and expires after one year. + Users may NOT, however, redistribute or repost/ resell for download any part of this software (SOFTACULOUS PACKAGE) without expressed written consent from the Softaculous Team. Redistribution is defined as re-offering our scripts for download in any fashion, whether on a competing web site, an application that generates code snippets, or a CD-ROM collection of PHP codes etc. HOWEVER, you can redistribute only the Scripts/Codes that are permitted by their respective licenses for redistribution. + Users agree not to remove/ edit the credit notice within the source code, or claim the code to be work of their own. + Users agree not to use this software for illegal purposes, or on sites containing illegal material. + Users agree not to hold http://www.softaculous.com/ (Softaculous) or any other copyright holder or developer of this software, liable for any damages resulted from proper or improper use of any of this software. Use at your own risk. + USERS MUST NOT REMOVE OR HIDE OR MODIFY the copyright notice at the bottom of every page created. + An annual license includes support and updating for a period of one year. To receive support and updates after one year requires a renewal of the license. + A lifetime license (also called an "owned" or "one-time" license) includes support and updating for the life of the product. + VPS licenses may only be used on Virtual Private Server servers. + You understand that breach of this License will result in immediate cancellation of your license(s), and no refunds will be given. + The pricing structure may be changed at any time. Price changes do not affect existing licenses. The new rates will be applicable to the existing licenses when the license is renewed. + + + +NO WARRANTY : THERE IS NO WARRANTY FOR THE SOFTWARE. THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHORS/COPYRIGHT HOLDERS BE LIABLE TO ANY PARTY FOR ANY KIND OF DAMAGE IN ANY FORM ARISING IN ANY WAY OUT OF THE USE OR MISUSE OF THIS SOFTWARE. diff --git a/src/deb/vesta/conffiles b/src/deb/vesta/conffiles index af70e57cd..a4af675a6 100644 --- a/src/deb/vesta/conffiles +++ b/src/deb/vesta/conffiles @@ -1,6 +1,9 @@ -/usr/local/vesta/web/images/logo.png +/usr/local/vesta/web/images/sprite.png /usr/local/vesta/web/images/favicon.ico -/usr/local/vesta/web/css/csshover3.htc -/usr/local/vesta/web/css/ie.css +/usr/local/vesta/web/css/file_manager.css +/usr/local/vesta/web/css/file_manager_editor.css +/usr/local/vesta/web/css/jquery.arcticmodal.css /usr/local/vesta/web/css/jquery-custom-dialogs.css -/usr/local/vesta/web/css/main.css +/usr/local/vesta/web/css/jquery.fileupload.css +/usr/local/vesta/web/css/styles.min.css +/usr/local/vesta/web/css/uploadify.css diff --git a/src/deb/vesta/control b/src/deb/vesta/control index 32189033f..b0aa767bb 100644 --- a/src/deb/vesta/control +++ b/src/deb/vesta/control @@ -1,7 +1,7 @@ Source: vesta Package: vesta Priority: optional -Version: 0.9.8-12 +Version: 1.0.0-7 Section: admin Maintainer: Serghey Rodin Homepage: http://vestacp.com diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst index 5e102c55d..73f28d834 100755 --- a/src/deb/vesta/postinst +++ b/src/deb/vesta/postinst @@ -1,23 +1,8 @@ #!/bin/bash -# Run fwd_only trigger -if [ -x "/usr/local/vesta/upd/add_fwd_only.sh" ]; then - /usr/local/vesta/upd/add_fwd_only.sh -fi - -# Run exim permission fixer -if [ -x "/usr/local/vesta/upd/fix_exim_permissions.sh" ]; then - /usr/local/vesta/upd/fix_exim_permissions.sh -fi - -# Run vesta permission fixer -if [ -x "/usr/local/vesta/upd/fix_vesta_ssl_permissions.sh" ]; then - /usr/local/vesta/upd/fix_vesta_ssl_permissions.sh -fi - -# Run MySQL autostart fixed -if [ -x "/usr/local/vesta/upd/fix_mysql_startup.sh" ]; then - /usr/local/vesta/upd/fix_mysql_startup.sh +# Run triggers only on updates +if [ ! -e "/usr/local/vesta/data/users/admin" ]; then + exit fi # Run SUDO trigger @@ -25,9 +10,30 @@ if [ -x "/usr/local/vesta/upd/add_sudo.sh" ]; then /usr/local/vesta/upd/add_sudo.sh fi -# Run Firewall trigger -if [ -x "/usr/local/vesta/upd/add_firewall.sh" ]; then - /usr/local/vesta/upd/add_firewall.sh +# Run Notification trigger +if [ -x "/usr/local/vesta/upd/add_notifications.sh" ]; then + /usr/local/vesta/upd/add_notifications.sh +fi + +# Run session save path trigger +if [ -x "/usr/local/vesta/upd/fix_sessions.sh" ]; then + /usr/local/vesta/upd/fix_sessions.sh +fi + +if [ -x /usr/local/vesta/upd/fix_nginx_auth.sh ]; then + /usr/local/vesta/upd/fix_nginx_auth.sh +fi + +if [ -x /usr/local/vesta/upd/fix_roundcube.sh ]; then + /usr/local/vesta/upd/fix_roundcube.sh +fi + +if [ -x /usr/local/vesta/upd/limit_sudo.sh ]; then + /usr/local/vesta/upd/limit_sudo.sh +fi + +if [ -x /usr/local/vesta/upd/fix_dhcprenew.sh ]; then + /usr/local/vesta/upd/fix_dhcprenew.sh fi diff --git a/src/react/README.md b/src/react/README.md new file mode 100755 index 000000000..9d9614c4f --- /dev/null +++ b/src/react/README.md @@ -0,0 +1,68 @@ +This project was bootstrapped with [Create React App](https://github.com/facebook/create-react-app). + +## Available Scripts + +In the project directory, you can run: + +### `npm start` + +Runs the app in the development mode.
+Open [http://localhost:3000](http://localhost:3000) to view it in the browser. + +The page will reload if you make edits.
+You will also see any lint errors in the console. + +### `npm test` + +Launches the test runner in the interactive watch mode.
+See the section about [running tests](https://facebook.github.io/create-react-app/docs/running-tests) for more information. + +### `npm run build` + +Builds the app for production to the `build` folder.
+It correctly bundles React in production mode and optimizes the build for the best performance. + +The build is minified and the filenames include the hashes.
+Your app is ready to be deployed! + +See the section about [deployment](https://facebook.github.io/create-react-app/docs/deployment) for more information. + +### `npm run eject` + +**Note: this is a one-way operation. Once you `eject`, you can’t go back!** + +If you aren’t satisfied with the build tool and configuration choices, you can `eject` at any time. This command will remove the single build dependency from your project. + +Instead, it will copy all the configuration files and the transitive dependencies (Webpack, Babel, ESLint, etc) right into your project so you have full control over them. All of the commands except `eject` will still work, but they will point to the copied scripts so you can tweak them. At this point you’re on your own. + +You don’t have to ever use `eject`. The curated feature set is suitable for small and middle deployments, and you shouldn’t feel obligated to use this feature. However we understand that this tool wouldn’t be useful if you couldn’t customize it when you are ready for it. + +## Learn More + +You can learn more in the [Create React App documentation](https://facebook.github.io/create-react-app/docs/getting-started). + +To learn React, check out the [React documentation](https://reactjs.org/). + +### Code Splitting + +This section has moved here: https://facebook.github.io/create-react-app/docs/code-splitting + +### Analyzing the Bundle Size + +This section has moved here: https://facebook.github.io/create-react-app/docs/analyzing-the-bundle-size + +### Making a Progressive Web App + +This section has moved here: https://facebook.github.io/create-react-app/docs/making-a-progressive-web-app + +### Advanced Configuration + +This section has moved here: https://facebook.github.io/create-react-app/docs/advanced-configuration + +### Deployment + +This section has moved here: https://facebook.github.io/create-react-app/docs/deployment + +### `npm run build` fails to minify + +This section has moved here: https://facebook.github.io/create-react-app/docs/troubleshooting#npm-run-build-fails-to-minify diff --git a/src/react/jsconfig.json b/src/react/jsconfig.json new file mode 100644 index 000000000..97f4bc227 --- /dev/null +++ b/src/react/jsconfig.json @@ -0,0 +1,7 @@ +{ + "compilerOptions": { + "baseUrl": "." + }, + "include": ["src"], + "exclude": ["node_modules", "build"] +} diff --git a/src/react/package-lock.json b/src/react/package-lock.json new file mode 100644 index 000000000..2c695e13d --- /dev/null +++ b/src/react/package-lock.json @@ -0,0 +1,14983 @@ +{ + "name": "react-control-panel", + "version": "1.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "@babel/code-frame": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.10.4.tgz", + "integrity": "sha512-vG6SvB6oYEhvgisZNFRmRCUkLz11c7rp+tbNTynGqc6mS1d5ATd/sGyV6W0KZZnXRKMTzZDRgQT3Ou9jhpAfUg==", + "requires": { + "@babel/highlight": "^7.10.4" + } + }, + "@babel/compat-data": { + "version": "7.11.0", + "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.11.0.tgz", + "integrity": "sha512-TPSvJfv73ng0pfnEOh17bYMPQbI95+nGWc71Ss4vZdRBHTDqmM9Z8ZV4rYz8Ks7sfzc95n30k6ODIq5UGnXcYQ==", + "requires": { + "browserslist": "^4.12.0", + "invariant": "^2.2.4", + "semver": "^5.5.0" + } + }, + "@babel/core": { + "version": "7.9.0", + "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.9.0.tgz", + "integrity": "sha512-kWc7L0fw1xwvI0zi8OKVBuxRVefwGOrKSQMvrQ3dW+bIIavBY3/NpXmpjMy7bQnLgwgzWQZ8TlM57YHpHNHz4w==", + "requires": { + "@babel/code-frame": "^7.8.3", + "@babel/generator": "^7.9.0", + "@babel/helper-module-transforms": "^7.9.0", + "@babel/helpers": "^7.9.0", + "@babel/parser": "^7.9.0", + "@babel/template": "^7.8.6", + "@babel/traverse": "^7.9.0", + "@babel/types": "^7.9.0", + "convert-source-map": "^1.7.0", + "debug": "^4.1.0", + "gensync": "^1.0.0-beta.1", + "json5": "^2.1.2", + "lodash": "^4.17.13", + "resolve": "^1.3.2", + "semver": "^5.4.1", + "source-map": "^0.5.0" + }, + "dependencies": { + "debug": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", + "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", + "requires": { + "ms": "^2.1.1" + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + }, + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=" + } + } + }, + "@babel/generator": { + "version": "7.11.0", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.11.0.tgz", + "integrity": "sha512-fEm3Uzw7Mc9Xi//qU20cBKatTfs2aOtKqmvy/Vm7RkJEGFQ4xc9myCfbXxqK//ZS8MR/ciOHw6meGASJuKmDfQ==", + "requires": { + "@babel/types": "^7.11.0", + "jsesc": "^2.5.1", + "source-map": "^0.5.0" + }, + "dependencies": { + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=" + } + } + }, + "@babel/helper-annotate-as-pure": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/helper-annotate-as-pure/-/helper-annotate-as-pure-7.10.4.tgz", + "integrity": "sha512-XQlqKQP4vXFB7BN8fEEerrmYvHp3fK/rBkRFz9jaJbzK0B1DSfej9Kc7ZzE8Z/OnId1jpJdNAZ3BFQjWG68rcA==", + "requires": { + "@babel/types": "^7.10.4" + } + }, + "@babel/helper-builder-binary-assignment-operator-visitor": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/helper-builder-binary-assignment-operator-visitor/-/helper-builder-binary-assignment-operator-visitor-7.10.4.tgz", + "integrity": "sha512-L0zGlFrGWZK4PbT8AszSfLTM5sDU1+Az/En9VrdT8/LmEiJt4zXt+Jve9DCAnQcbqDhCI+29y/L93mrDzddCcg==", + "requires": { + "@babel/helper-explode-assignable-expression": "^7.10.4", + "@babel/types": "^7.10.4" + } + }, + "@babel/helper-builder-react-jsx": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/helper-builder-react-jsx/-/helper-builder-react-jsx-7.10.4.tgz", + "integrity": "sha512-5nPcIZ7+KKDxT1427oBivl9V9YTal7qk0diccnh7RrcgrT/pGFOjgGw1dgryyx1GvHEpXVfoDF6Ak3rTiWh8Rg==", + "requires": { + "@babel/helper-annotate-as-pure": "^7.10.4", + "@babel/types": "^7.10.4" + } + }, + "@babel/helper-builder-react-jsx-experimental": { + "version": "7.10.5", + "resolved": "https://registry.npmjs.org/@babel/helper-builder-react-jsx-experimental/-/helper-builder-react-jsx-experimental-7.10.5.tgz", + "integrity": "sha512-Buewnx6M4ttG+NLkKyt7baQn7ScC/Td+e99G914fRU8fGIUivDDgVIQeDHFa5e4CRSJQt58WpNHhsAZgtzVhsg==", + "requires": { + "@babel/helper-annotate-as-pure": "^7.10.4", + "@babel/helper-module-imports": "^7.10.4", + "@babel/types": "^7.10.5" + } + }, + "@babel/helper-compilation-targets": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.10.4.tgz", + "integrity": "sha512-a3rYhlsGV0UHNDvrtOXBg8/OpfV0OKTkxKPzIplS1zpx7CygDcWWxckxZeDd3gzPzC4kUT0A4nVFDK0wGMh4MQ==", + "requires": { + "@babel/compat-data": "^7.10.4", + "browserslist": "^4.12.0", + "invariant": "^2.2.4", + "levenary": "^1.1.1", + "semver": "^5.5.0" + } + }, + "@babel/helper-create-class-features-plugin": { + "version": "7.10.5", + "resolved": "https://registry.npmjs.org/@babel/helper-create-class-features-plugin/-/helper-create-class-features-plugin-7.10.5.tgz", + "integrity": "sha512-0nkdeijB7VlZoLT3r/mY3bUkw3T8WG/hNw+FATs/6+pG2039IJWjTYL0VTISqsNHMUTEnwbVnc89WIJX9Qed0A==", + "requires": { + "@babel/helper-function-name": "^7.10.4", + "@babel/helper-member-expression-to-functions": "^7.10.5", + "@babel/helper-optimise-call-expression": "^7.10.4", + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/helper-replace-supers": "^7.10.4", + "@babel/helper-split-export-declaration": "^7.10.4" + } + }, + "@babel/helper-create-regexp-features-plugin": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/helper-create-regexp-features-plugin/-/helper-create-regexp-features-plugin-7.10.4.tgz", + "integrity": "sha512-2/hu58IEPKeoLF45DBwx3XFqsbCXmkdAay4spVr2x0jYgRxrSNp+ePwvSsy9g6YSaNDcKIQVPXk1Ov8S2edk2g==", + "requires": { + "@babel/helper-annotate-as-pure": "^7.10.4", + "@babel/helper-regex": "^7.10.4", + "regexpu-core": "^4.7.0" + } + }, + "@babel/helper-define-map": { + "version": "7.10.5", + "resolved": "https://registry.npmjs.org/@babel/helper-define-map/-/helper-define-map-7.10.5.tgz", + "integrity": "sha512-fMw4kgFB720aQFXSVaXr79pjjcW5puTCM16+rECJ/plGS+zByelE8l9nCpV1GibxTnFVmUuYG9U8wYfQHdzOEQ==", + "requires": { + "@babel/helper-function-name": "^7.10.4", + "@babel/types": "^7.10.5", + "lodash": "^4.17.19" + } + }, + "@babel/helper-explode-assignable-expression": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/helper-explode-assignable-expression/-/helper-explode-assignable-expression-7.10.4.tgz", + "integrity": "sha512-4K71RyRQNPRrR85sr5QY4X3VwG4wtVoXZB9+L3r1Gp38DhELyHCtovqydRi7c1Ovb17eRGiQ/FD5s8JdU0Uy5A==", + "requires": { + "@babel/traverse": "^7.10.4", + "@babel/types": "^7.10.4" + } + }, + "@babel/helper-function-name": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.10.4.tgz", + "integrity": "sha512-YdaSyz1n8gY44EmN7x44zBn9zQ1Ry2Y+3GTA+3vH6Mizke1Vw0aWDM66FOYEPw8//qKkmqOckrGgTYa+6sceqQ==", + "requires": { + "@babel/helper-get-function-arity": "^7.10.4", + "@babel/template": "^7.10.4", + "@babel/types": "^7.10.4" + } + }, + "@babel/helper-get-function-arity": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/helper-get-function-arity/-/helper-get-function-arity-7.10.4.tgz", + "integrity": "sha512-EkN3YDB+SRDgiIUnNgcmiD361ti+AVbL3f3Henf6dqqUyr5dMsorno0lJWJuLhDhkI5sYEpgj6y9kB8AOU1I2A==", + "requires": { + "@babel/types": "^7.10.4" + } + }, + "@babel/helper-hoist-variables": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.10.4.tgz", + "integrity": "sha512-wljroF5PgCk2juF69kanHVs6vrLwIPNp6DLD+Lrl3hoQ3PpPPikaDRNFA+0t81NOoMt2DL6WW/mdU8k4k6ZzuA==", + "requires": { + "@babel/types": "^7.10.4" + } + }, + "@babel/helper-member-expression-to-functions": { + "version": "7.11.0", + "resolved": "https://registry.npmjs.org/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.11.0.tgz", + "integrity": "sha512-JbFlKHFntRV5qKw3YC0CvQnDZ4XMwgzzBbld7Ly4Mj4cbFy3KywcR8NtNctRToMWJOVvLINJv525Gd6wwVEx/Q==", + "requires": { + "@babel/types": "^7.11.0" + } + }, + "@babel/helper-module-imports": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.10.4.tgz", + "integrity": "sha512-nEQJHqYavI217oD9+s5MUBzk6x1IlvoS9WTPfgG43CbMEeStE0v+r+TucWdx8KFGowPGvyOkDT9+7DHedIDnVw==", + "requires": { + "@babel/types": "^7.10.4" + } + }, + "@babel/helper-module-transforms": { + "version": "7.11.0", + "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.11.0.tgz", + "integrity": "sha512-02EVu8COMuTRO1TAzdMtpBPbe6aQ1w/8fePD2YgQmxZU4gpNWaL9gK3Jp7dxlkUlUCJOTaSeA+Hrm1BRQwqIhg==", + "requires": { + "@babel/helper-module-imports": "^7.10.4", + "@babel/helper-replace-supers": "^7.10.4", + "@babel/helper-simple-access": "^7.10.4", + "@babel/helper-split-export-declaration": "^7.11.0", + "@babel/template": "^7.10.4", + "@babel/types": "^7.11.0", + "lodash": "^4.17.19" + } + }, + "@babel/helper-optimise-call-expression": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/helper-optimise-call-expression/-/helper-optimise-call-expression-7.10.4.tgz", + "integrity": "sha512-n3UGKY4VXwXThEiKrgRAoVPBMqeoPgHVqiHZOanAJCG9nQUL2pLRQirUzl0ioKclHGpGqRgIOkgcIJaIWLpygg==", + "requires": { + "@babel/types": "^7.10.4" + } + }, + "@babel/helper-plugin-utils": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.10.4.tgz", + "integrity": "sha512-O4KCvQA6lLiMU9l2eawBPMf1xPP8xPfB3iEQw150hOVTqj/rfXz0ThTb4HEzqQfs2Bmo5Ay8BzxfzVtBrr9dVg==" + }, + "@babel/helper-regex": { + "version": "7.10.5", + "resolved": "https://registry.npmjs.org/@babel/helper-regex/-/helper-regex-7.10.5.tgz", + "integrity": "sha512-68kdUAzDrljqBrio7DYAEgCoJHxppJOERHOgOrDN7WjOzP0ZQ1LsSDRXcemzVZaLvjaJsJEESb6qt+znNuENDg==", + "requires": { + "lodash": "^4.17.19" + } + }, + "@babel/helper-remap-async-to-generator": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/helper-remap-async-to-generator/-/helper-remap-async-to-generator-7.10.4.tgz", + "integrity": "sha512-86Lsr6NNw3qTNl+TBcF1oRZMaVzJtbWTyTko+CQL/tvNvcGYEFKbLXDPxtW0HKk3McNOk4KzY55itGWCAGK5tg==", + "requires": { + "@babel/helper-annotate-as-pure": "^7.10.4", + "@babel/helper-wrap-function": "^7.10.4", + "@babel/template": "^7.10.4", + "@babel/traverse": "^7.10.4", + "@babel/types": "^7.10.4" + } + }, + "@babel/helper-replace-supers": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/helper-replace-supers/-/helper-replace-supers-7.10.4.tgz", + "integrity": "sha512-sPxZfFXocEymYTdVK1UNmFPBN+Hv5mJkLPsYWwGBxZAxaWfFu+xqp7b6qWD0yjNuNL2VKc6L5M18tOXUP7NU0A==", + "requires": { + "@babel/helper-member-expression-to-functions": "^7.10.4", + "@babel/helper-optimise-call-expression": "^7.10.4", + "@babel/traverse": "^7.10.4", + "@babel/types": "^7.10.4" + } + }, + "@babel/helper-simple-access": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.10.4.tgz", + "integrity": "sha512-0fMy72ej/VEvF8ULmX6yb5MtHG4uH4Dbd6I/aHDb/JVg0bbivwt9Wg+h3uMvX+QSFtwr5MeItvazbrc4jtRAXw==", + "requires": { + "@babel/template": "^7.10.4", + "@babel/types": "^7.10.4" + } + }, + "@babel/helper-skip-transparent-expression-wrappers": { + "version": "7.11.0", + "resolved": "https://registry.npmjs.org/@babel/helper-skip-transparent-expression-wrappers/-/helper-skip-transparent-expression-wrappers-7.11.0.tgz", + "integrity": "sha512-0XIdiQln4Elglgjbwo9wuJpL/K7AGCY26kmEt0+pRP0TAj4jjyNq1MjoRvikrTVqKcx4Gysxt4cXvVFXP/JO2Q==", + "requires": { + "@babel/types": "^7.11.0" + } + }, + "@babel/helper-split-export-declaration": { + "version": "7.11.0", + "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.11.0.tgz", + "integrity": "sha512-74Vejvp6mHkGE+m+k5vHY93FX2cAtrw1zXrZXRlG4l410Nm9PxfEiVTn1PjDPV5SnmieiueY4AFg2xqhNFuuZg==", + "requires": { + "@babel/types": "^7.11.0" + } + }, + "@babel/helper-validator-identifier": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.10.4.tgz", + "integrity": "sha512-3U9y+43hz7ZM+rzG24Qe2mufW5KhvFg/NhnNph+i9mgCtdTCtMJuI1TMkrIUiK7Ix4PYlRF9I5dhqaLYA/ADXw==" + }, + "@babel/helper-wrap-function": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/helper-wrap-function/-/helper-wrap-function-7.10.4.tgz", + "integrity": "sha512-6py45WvEF0MhiLrdxtRjKjufwLL1/ob2qDJgg5JgNdojBAZSAKnAjkyOCNug6n+OBl4VW76XjvgSFTdaMcW0Ug==", + "requires": { + "@babel/helper-function-name": "^7.10.4", + "@babel/template": "^7.10.4", + "@babel/traverse": "^7.10.4", + "@babel/types": "^7.10.4" + } + }, + "@babel/helpers": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.10.4.tgz", + "integrity": "sha512-L2gX/XeUONeEbI78dXSrJzGdz4GQ+ZTA/aazfUsFaWjSe95kiCuOZ5HsXvkiw3iwF+mFHSRUfJU8t6YavocdXA==", + "requires": { + "@babel/template": "^7.10.4", + "@babel/traverse": "^7.10.4", + "@babel/types": "^7.10.4" + } + }, + "@babel/highlight": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.10.4.tgz", + "integrity": "sha512-i6rgnR/YgPEQzZZnbTHHuZdlE8qyoBNalD6F+q4vAFlcMEcqmkoG+mPqJYJCo63qPf74+Y1UZsl3l6f7/RIkmA==", + "requires": { + "@babel/helper-validator-identifier": "^7.10.4", + "chalk": "^2.0.0", + "js-tokens": "^4.0.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "@babel/parser": { + "version": "7.11.0", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.11.0.tgz", + "integrity": "sha512-qvRvi4oI8xii8NllyEc4MDJjuZiNaRzyb7Y7lup1NqJV8TZHF4O27CcP+72WPn/k1zkgJ6WJfnIbk4jTsVAZHw==" + }, + "@babel/plugin-proposal-async-generator-functions": { + "version": "7.10.5", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-async-generator-functions/-/plugin-proposal-async-generator-functions-7.10.5.tgz", + "integrity": "sha512-cNMCVezQbrRGvXJwm9fu/1sJj9bHdGAgKodZdLqOQIpfoH3raqmRPBM17+lh7CzhiKRRBrGtZL9WcjxSoGYUSg==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/helper-remap-async-to-generator": "^7.10.4", + "@babel/plugin-syntax-async-generators": "^7.8.0" + } + }, + "@babel/plugin-proposal-class-properties": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-class-properties/-/plugin-proposal-class-properties-7.10.4.tgz", + "integrity": "sha512-vhwkEROxzcHGNu2mzUC0OFFNXdZ4M23ib8aRRcJSsW8BZK9pQMD7QB7csl97NBbgGZO7ZyHUyKDnxzOaP4IrCg==", + "requires": { + "@babel/helper-create-class-features-plugin": "^7.10.4", + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-proposal-decorators": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-decorators/-/plugin-proposal-decorators-7.8.3.tgz", + "integrity": "sha512-e3RvdvS4qPJVTe288DlXjwKflpfy1hr0j5dz5WpIYYeP7vQZg2WfAEIp8k5/Lwis/m5REXEteIz6rrcDtXXG7w==", + "requires": { + "@babel/helper-create-class-features-plugin": "^7.8.3", + "@babel/helper-plugin-utils": "^7.8.3", + "@babel/plugin-syntax-decorators": "^7.8.3" + } + }, + "@babel/plugin-proposal-dynamic-import": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-dynamic-import/-/plugin-proposal-dynamic-import-7.10.4.tgz", + "integrity": "sha512-up6oID1LeidOOASNXgv/CFbgBqTuKJ0cJjz6An5tWD+NVBNlp3VNSBxv2ZdU7SYl3NxJC7agAQDApZusV6uFwQ==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/plugin-syntax-dynamic-import": "^7.8.0" + } + }, + "@babel/plugin-proposal-export-namespace-from": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-export-namespace-from/-/plugin-proposal-export-namespace-from-7.10.4.tgz", + "integrity": "sha512-aNdf0LY6/3WXkhh0Fdb6Zk9j1NMD8ovj3F6r0+3j837Pn1S1PdNtcwJ5EG9WkVPNHPxyJDaxMaAOVq4eki0qbg==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/plugin-syntax-export-namespace-from": "^7.8.3" + } + }, + "@babel/plugin-proposal-json-strings": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-json-strings/-/plugin-proposal-json-strings-7.10.4.tgz", + "integrity": "sha512-fCL7QF0Jo83uy1K0P2YXrfX11tj3lkpN7l4dMv9Y9VkowkhkQDwFHFd8IiwyK5MZjE8UpbgokkgtcReH88Abaw==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/plugin-syntax-json-strings": "^7.8.0" + } + }, + "@babel/plugin-proposal-logical-assignment-operators": { + "version": "7.11.0", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-logical-assignment-operators/-/plugin-proposal-logical-assignment-operators-7.11.0.tgz", + "integrity": "sha512-/f8p4z+Auz0Uaf+i8Ekf1iM7wUNLcViFUGiPxKeXvxTSl63B875YPiVdUDdem7hREcI0E0kSpEhS8tF5RphK7Q==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/plugin-syntax-logical-assignment-operators": "^7.10.4" + } + }, + "@babel/plugin-proposal-nullish-coalescing-operator": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-nullish-coalescing-operator/-/plugin-proposal-nullish-coalescing-operator-7.10.4.tgz", + "integrity": "sha512-wq5n1M3ZUlHl9sqT2ok1T2/MTt6AXE0e1Lz4WzWBr95LsAZ5qDXe4KnFuauYyEyLiohvXFMdbsOTMyLZs91Zlw==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.0" + } + }, + "@babel/plugin-proposal-numeric-separator": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-numeric-separator/-/plugin-proposal-numeric-separator-7.10.4.tgz", + "integrity": "sha512-73/G7QoRoeNkLZFxsoCCvlg4ezE4eM+57PnOqgaPOozd5myfj7p0muD1mRVJvbUWbOzD+q3No2bWbaKy+DJ8DA==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/plugin-syntax-numeric-separator": "^7.10.4" + } + }, + "@babel/plugin-proposal-object-rest-spread": { + "version": "7.11.0", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-object-rest-spread/-/plugin-proposal-object-rest-spread-7.11.0.tgz", + "integrity": "sha512-wzch41N4yztwoRw0ak+37wxwJM2oiIiy6huGCoqkvSTA9acYWcPfn9Y4aJqmFFJ70KTJUu29f3DQ43uJ9HXzEA==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/plugin-syntax-object-rest-spread": "^7.8.0", + "@babel/plugin-transform-parameters": "^7.10.4" + } + }, + "@babel/plugin-proposal-optional-catch-binding": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-optional-catch-binding/-/plugin-proposal-optional-catch-binding-7.10.4.tgz", + "integrity": "sha512-LflT6nPh+GK2MnFiKDyLiqSqVHkQnVf7hdoAvyTnnKj9xB3docGRsdPuxp6qqqW19ifK3xgc9U5/FwrSaCNX5g==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/plugin-syntax-optional-catch-binding": "^7.8.0" + } + }, + "@babel/plugin-proposal-optional-chaining": { + "version": "7.11.0", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-optional-chaining/-/plugin-proposal-optional-chaining-7.11.0.tgz", + "integrity": "sha512-v9fZIu3Y8562RRwhm1BbMRxtqZNFmFA2EG+pT2diuU8PT3H6T/KXoZ54KgYisfOFZHV6PfvAiBIZ9Rcz+/JCxA==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/helper-skip-transparent-expression-wrappers": "^7.11.0", + "@babel/plugin-syntax-optional-chaining": "^7.8.0" + } + }, + "@babel/plugin-proposal-private-methods": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-private-methods/-/plugin-proposal-private-methods-7.10.4.tgz", + "integrity": "sha512-wh5GJleuI8k3emgTg5KkJK6kHNsGEr0uBTDBuQUBJwckk9xs1ez79ioheEVVxMLyPscB0LfkbVHslQqIzWV6Bw==", + "requires": { + "@babel/helper-create-class-features-plugin": "^7.10.4", + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-proposal-unicode-property-regex": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-unicode-property-regex/-/plugin-proposal-unicode-property-regex-7.10.4.tgz", + "integrity": "sha512-H+3fOgPnEXFL9zGYtKQe4IDOPKYlZdF1kqFDQRRb8PK4B8af1vAGK04tF5iQAAsui+mHNBQSAtd2/ndEDe9wuA==", + "requires": { + "@babel/helper-create-regexp-features-plugin": "^7.10.4", + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-syntax-async-generators": { + "version": "7.8.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", + "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-class-properties": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.10.4.tgz", + "integrity": "sha512-GCSBF7iUle6rNugfURwNmCGG3Z/2+opxAMLs1nND4bhEG5PuxTIggDBoeYYSujAlLtsupzOHYJQgPS3pivwXIA==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-syntax-decorators": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-decorators/-/plugin-syntax-decorators-7.10.4.tgz", + "integrity": "sha512-2NaoC6fAk2VMdhY1eerkfHV+lVYC1u8b+jmRJISqANCJlTxYy19HGdIkkQtix2UtkcPuPu+IlDgrVseZnU03bw==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-syntax-dynamic-import": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-dynamic-import/-/plugin-syntax-dynamic-import-7.8.3.tgz", + "integrity": "sha512-5gdGbFon+PszYzqs83S3E5mpi7/y/8M9eC90MRTZfduQOYW76ig6SOSPNe41IG5LoP3FGBn2N0RjVDSQiS94kQ==", + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-export-namespace-from": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-export-namespace-from/-/plugin-syntax-export-namespace-from-7.8.3.tgz", + "integrity": "sha512-MXf5laXo6c1IbEbegDmzGPwGNTsHZmEy6QGznu5Sh2UCWvueywb2ee+CCE4zQiZstxU9BMoQO9i6zUFSY0Kj0Q==", + "requires": { + "@babel/helper-plugin-utils": "^7.8.3" + } + }, + "@babel/plugin-syntax-flow": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-flow/-/plugin-syntax-flow-7.10.4.tgz", + "integrity": "sha512-yxQsX1dJixF4qEEdzVbst3SZQ58Nrooz8NV9Z9GL4byTE25BvJgl5lf0RECUf0fh28rZBb/RYTWn/eeKwCMrZQ==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-syntax-json-strings": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", + "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-jsx": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.10.4.tgz", + "integrity": "sha512-KCg9mio9jwiARCB7WAcQ7Y1q+qicILjoK8LP/VkPkEKaf5dkaZZK1EcTe91a3JJlZ3qy6L5s9X52boEYi8DM9g==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-syntax-logical-assignment-operators": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", + "integrity": "sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-syntax-nullish-coalescing-operator": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", + "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-numeric-separator": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", + "integrity": "sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-syntax-object-rest-spread": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", + "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-optional-catch-binding": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", + "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-optional-chaining": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", + "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-top-level-await": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.10.4.tgz", + "integrity": "sha512-ni1brg4lXEmWyafKr0ccFWkJG0CeMt4WV1oyeBW6EFObF4oOHclbkj5cARxAPQyAQ2UTuplJyK4nfkXIMMFvsQ==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-syntax-typescript": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.10.4.tgz", + "integrity": "sha512-oSAEz1YkBCAKr5Yiq8/BNtvSAPwkp/IyUnwZogd8p+F0RuYQQrLeRUzIQhueQTTBy/F+a40uS7OFKxnkRvmvFQ==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-arrow-functions": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-arrow-functions/-/plugin-transform-arrow-functions-7.10.4.tgz", + "integrity": "sha512-9J/oD1jV0ZCBcgnoFWFq1vJd4msoKb/TCpGNFyyLt0zABdcvgK3aYikZ8HjzB14c26bc7E3Q1yugpwGy2aTPNA==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-async-to-generator": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-async-to-generator/-/plugin-transform-async-to-generator-7.10.4.tgz", + "integrity": "sha512-F6nREOan7J5UXTLsDsZG3DXmZSVofr2tGNwfdrVwkDWHfQckbQXnXSPfD7iO+c/2HGqycwyLST3DnZ16n+cBJQ==", + "requires": { + "@babel/helper-module-imports": "^7.10.4", + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/helper-remap-async-to-generator": "^7.10.4" + } + }, + "@babel/plugin-transform-block-scoped-functions": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-block-scoped-functions/-/plugin-transform-block-scoped-functions-7.10.4.tgz", + "integrity": "sha512-WzXDarQXYYfjaV1szJvN3AD7rZgZzC1JtjJZ8dMHUyiK8mxPRahynp14zzNjU3VkPqPsO38CzxiWO1c9ARZ8JA==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-block-scoping": { + "version": "7.10.5", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-block-scoping/-/plugin-transform-block-scoping-7.10.5.tgz", + "integrity": "sha512-6Ycw3hjpQti0qssQcA6AMSFDHeNJ++R6dIMnpRqUjFeBBTmTDPa8zgF90OVfTvAo11mXZTlVUViY1g8ffrURLg==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-classes": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-classes/-/plugin-transform-classes-7.10.4.tgz", + "integrity": "sha512-2oZ9qLjt161dn1ZE0Ms66xBncQH4In8Sqw1YWgBUZuGVJJS5c0OFZXL6dP2MRHrkU/eKhWg8CzFJhRQl50rQxA==", + "requires": { + "@babel/helper-annotate-as-pure": "^7.10.4", + "@babel/helper-define-map": "^7.10.4", + "@babel/helper-function-name": "^7.10.4", + "@babel/helper-optimise-call-expression": "^7.10.4", + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/helper-replace-supers": "^7.10.4", + "@babel/helper-split-export-declaration": "^7.10.4", + "globals": "^11.1.0" + } + }, + "@babel/plugin-transform-computed-properties": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-computed-properties/-/plugin-transform-computed-properties-7.10.4.tgz", + "integrity": "sha512-JFwVDXcP/hM/TbyzGq3l/XWGut7p46Z3QvqFMXTfk6/09m7xZHJUN9xHfsv7vqqD4YnfI5ueYdSJtXqqBLyjBw==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-destructuring": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-destructuring/-/plugin-transform-destructuring-7.10.4.tgz", + "integrity": "sha512-+WmfvyfsyF603iPa6825mq6Qrb7uLjTOsa3XOFzlYcYDHSS4QmpOWOL0NNBY5qMbvrcf3tq0Cw+v4lxswOBpgA==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-dotall-regex": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-dotall-regex/-/plugin-transform-dotall-regex-7.10.4.tgz", + "integrity": "sha512-ZEAVvUTCMlMFAbASYSVQoxIbHm2OkG2MseW6bV2JjIygOjdVv8tuxrCTzj1+Rynh7ODb8GivUy7dzEXzEhuPaA==", + "requires": { + "@babel/helper-create-regexp-features-plugin": "^7.10.4", + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-duplicate-keys": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-duplicate-keys/-/plugin-transform-duplicate-keys-7.10.4.tgz", + "integrity": "sha512-GL0/fJnmgMclHiBTTWXNlYjYsA7rDrtsazHG6mglaGSTh0KsrW04qml+Bbz9FL0LcJIRwBWL5ZqlNHKTkU3xAA==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-exponentiation-operator": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-exponentiation-operator/-/plugin-transform-exponentiation-operator-7.10.4.tgz", + "integrity": "sha512-S5HgLVgkBcRdyQAHbKj+7KyuWx8C6t5oETmUuwz1pt3WTWJhsUV0WIIXuVvfXMxl/QQyHKlSCNNtaIamG8fysw==", + "requires": { + "@babel/helper-builder-binary-assignment-operator-visitor": "^7.10.4", + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-flow-strip-types": { + "version": "7.9.0", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-flow-strip-types/-/plugin-transform-flow-strip-types-7.9.0.tgz", + "integrity": "sha512-7Qfg0lKQhEHs93FChxVLAvhBshOPQDtJUTVHr/ZwQNRccCm4O9D79r9tVSoV8iNwjP1YgfD+e/fgHcPkN1qEQg==", + "requires": { + "@babel/helper-plugin-utils": "^7.8.3", + "@babel/plugin-syntax-flow": "^7.8.3" + } + }, + "@babel/plugin-transform-for-of": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-for-of/-/plugin-transform-for-of-7.10.4.tgz", + "integrity": "sha512-ItdQfAzu9AlEqmusA/65TqJ79eRcgGmpPPFvBnGILXZH975G0LNjP1yjHvGgfuCxqrPPueXOPe+FsvxmxKiHHQ==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-function-name": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-function-name/-/plugin-transform-function-name-7.10.4.tgz", + "integrity": "sha512-OcDCq2y5+E0dVD5MagT5X+yTRbcvFjDI2ZVAottGH6tzqjx/LKpgkUepu3hp/u4tZBzxxpNGwLsAvGBvQ2mJzg==", + "requires": { + "@babel/helper-function-name": "^7.10.4", + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-literals": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-literals/-/plugin-transform-literals-7.10.4.tgz", + "integrity": "sha512-Xd/dFSTEVuUWnyZiMu76/InZxLTYilOSr1UlHV+p115Z/Le2Fi1KXkJUYz0b42DfndostYlPub3m8ZTQlMaiqQ==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-member-expression-literals": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-member-expression-literals/-/plugin-transform-member-expression-literals-7.10.4.tgz", + "integrity": "sha512-0bFOvPyAoTBhtcJLr9VcwZqKmSjFml1iVxvPL0ReomGU53CX53HsM4h2SzckNdkQcHox1bpAqzxBI1Y09LlBSw==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-modules-amd": { + "version": "7.10.5", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-modules-amd/-/plugin-transform-modules-amd-7.10.5.tgz", + "integrity": "sha512-elm5uruNio7CTLFItVC/rIzKLfQ17+fX7EVz5W0TMgIHFo1zY0Ozzx+lgwhL4plzl8OzVn6Qasx5DeEFyoNiRw==", + "requires": { + "@babel/helper-module-transforms": "^7.10.5", + "@babel/helper-plugin-utils": "^7.10.4", + "babel-plugin-dynamic-import-node": "^2.3.3" + } + }, + "@babel/plugin-transform-modules-commonjs": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-modules-commonjs/-/plugin-transform-modules-commonjs-7.10.4.tgz", + "integrity": "sha512-Xj7Uq5o80HDLlW64rVfDBhao6OX89HKUmb+9vWYaLXBZOma4gA6tw4Ni1O5qVDoZWUV0fxMYA0aYzOawz0l+1w==", + "requires": { + "@babel/helper-module-transforms": "^7.10.4", + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/helper-simple-access": "^7.10.4", + "babel-plugin-dynamic-import-node": "^2.3.3" + } + }, + "@babel/plugin-transform-modules-systemjs": { + "version": "7.10.5", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-modules-systemjs/-/plugin-transform-modules-systemjs-7.10.5.tgz", + "integrity": "sha512-f4RLO/OL14/FP1AEbcsWMzpbUz6tssRaeQg11RH1BP/XnPpRoVwgeYViMFacnkaw4k4wjRSjn3ip1Uw9TaXuMw==", + "requires": { + "@babel/helper-hoist-variables": "^7.10.4", + "@babel/helper-module-transforms": "^7.10.5", + "@babel/helper-plugin-utils": "^7.10.4", + "babel-plugin-dynamic-import-node": "^2.3.3" + } + }, + "@babel/plugin-transform-modules-umd": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-modules-umd/-/plugin-transform-modules-umd-7.10.4.tgz", + "integrity": "sha512-mohW5q3uAEt8T45YT7Qc5ws6mWgJAaL/8BfWD9Dodo1A3RKWli8wTS+WiQ/knF+tXlPirW/1/MqzzGfCExKECA==", + "requires": { + "@babel/helper-module-transforms": "^7.10.4", + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-named-capturing-groups-regex": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-named-capturing-groups-regex/-/plugin-transform-named-capturing-groups-regex-7.10.4.tgz", + "integrity": "sha512-V6LuOnD31kTkxQPhKiVYzYC/Jgdq53irJC/xBSmqcNcqFGV+PER4l6rU5SH2Vl7bH9mLDHcc0+l9HUOe4RNGKA==", + "requires": { + "@babel/helper-create-regexp-features-plugin": "^7.10.4" + } + }, + "@babel/plugin-transform-new-target": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-new-target/-/plugin-transform-new-target-7.10.4.tgz", + "integrity": "sha512-YXwWUDAH/J6dlfwqlWsztI2Puz1NtUAubXhOPLQ5gjR/qmQ5U96DY4FQO8At33JN4XPBhrjB8I4eMmLROjjLjw==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-object-super": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-object-super/-/plugin-transform-object-super-7.10.4.tgz", + "integrity": "sha512-5iTw0JkdRdJvr7sY0vHqTpnruUpTea32JHmq/atIWqsnNussbRzjEDyWep8UNztt1B5IusBYg8Irb0bLbiEBCQ==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/helper-replace-supers": "^7.10.4" + } + }, + "@babel/plugin-transform-parameters": { + "version": "7.10.5", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-parameters/-/plugin-transform-parameters-7.10.5.tgz", + "integrity": "sha512-xPHwUj5RdFV8l1wuYiu5S9fqWGM2DrYc24TMvUiRrPVm+SM3XeqU9BcokQX/kEUe+p2RBwy+yoiR1w/Blq6ubw==", + "requires": { + "@babel/helper-get-function-arity": "^7.10.4", + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-property-literals": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-property-literals/-/plugin-transform-property-literals-7.10.4.tgz", + "integrity": "sha512-ofsAcKiUxQ8TY4sScgsGeR2vJIsfrzqvFb9GvJ5UdXDzl+MyYCaBj/FGzXuv7qE0aJcjWMILny1epqelnFlz8g==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-react-constant-elements": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-react-constant-elements/-/plugin-transform-react-constant-elements-7.10.4.tgz", + "integrity": "sha512-cYmQBW1pXrqBte1raMkAulXmi7rjg3VI6ZLg9QIic8Hq7BtYXaWuZSxsr2siOMI6SWwpxjWfnwhTUrd7JlAV7g==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-react-display-name": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-react-display-name/-/plugin-transform-react-display-name-7.10.4.tgz", + "integrity": "sha512-Zd4X54Mu9SBfPGnEcaGcOrVAYOtjT2on8QZkLKEq1S/tHexG39d9XXGZv19VfRrDjPJzFmPfTAqOQS1pfFOujw==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-react-jsx": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-react-jsx/-/plugin-transform-react-jsx-7.10.4.tgz", + "integrity": "sha512-L+MfRhWjX0eI7Js093MM6MacKU4M6dnCRa/QPDwYMxjljzSCzzlzKzj9Pk4P3OtrPcxr2N3znR419nr3Xw+65A==", + "requires": { + "@babel/helper-builder-react-jsx": "^7.10.4", + "@babel/helper-builder-react-jsx-experimental": "^7.10.4", + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/plugin-syntax-jsx": "^7.10.4" + } + }, + "@babel/plugin-transform-react-jsx-development": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-react-jsx-development/-/plugin-transform-react-jsx-development-7.10.4.tgz", + "integrity": "sha512-RM3ZAd1sU1iQ7rI2dhrZRZGv0aqzNQMbkIUCS1txYpi9wHQ2ZHNjo5TwX+UD6pvFW4AbWqLVYvKy5qJSAyRGjQ==", + "requires": { + "@babel/helper-builder-react-jsx-experimental": "^7.10.4", + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/plugin-syntax-jsx": "^7.10.4" + } + }, + "@babel/plugin-transform-react-jsx-self": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-react-jsx-self/-/plugin-transform-react-jsx-self-7.10.4.tgz", + "integrity": "sha512-yOvxY2pDiVJi0axdTWHSMi5T0DILN+H+SaeJeACHKjQLezEzhLx9nEF9xgpBLPtkZsks9cnb5P9iBEi21En3gg==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/plugin-syntax-jsx": "^7.10.4" + } + }, + "@babel/plugin-transform-react-jsx-source": { + "version": "7.10.5", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-react-jsx-source/-/plugin-transform-react-jsx-source-7.10.5.tgz", + "integrity": "sha512-wTeqHVkN1lfPLubRiZH3o73f4rfon42HpgxUSs86Nc+8QIcm/B9s8NNVXu/gwGcOyd7yDib9ikxoDLxJP0UiDA==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/plugin-syntax-jsx": "^7.10.4" + } + }, + "@babel/plugin-transform-react-pure-annotations": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-react-pure-annotations/-/plugin-transform-react-pure-annotations-7.10.4.tgz", + "integrity": "sha512-+njZkqcOuS8RaPakrnR9KvxjoG1ASJWpoIv/doyWngId88JoFlPlISenGXjrVacZUIALGUr6eodRs1vmPnF23A==", + "requires": { + "@babel/helper-annotate-as-pure": "^7.10.4", + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-regenerator": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-regenerator/-/plugin-transform-regenerator-7.10.4.tgz", + "integrity": "sha512-3thAHwtor39A7C04XucbMg17RcZ3Qppfxr22wYzZNcVIkPHfpM9J0SO8zuCV6SZa265kxBJSrfKTvDCYqBFXGw==", + "requires": { + "regenerator-transform": "^0.14.2" + } + }, + "@babel/plugin-transform-reserved-words": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-reserved-words/-/plugin-transform-reserved-words-7.10.4.tgz", + "integrity": "sha512-hGsw1O6Rew1fkFbDImZIEqA8GoidwTAilwCyWqLBM9f+e/u/sQMQu7uX6dyokfOayRuuVfKOW4O7HvaBWM+JlQ==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-runtime": { + "version": "7.9.0", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-runtime/-/plugin-transform-runtime-7.9.0.tgz", + "integrity": "sha512-pUu9VSf3kI1OqbWINQ7MaugnitRss1z533436waNXp+0N3ur3zfut37sXiQMxkuCF4VUjwZucen/quskCh7NHw==", + "requires": { + "@babel/helper-module-imports": "^7.8.3", + "@babel/helper-plugin-utils": "^7.8.3", + "resolve": "^1.8.1", + "semver": "^5.5.1" + } + }, + "@babel/plugin-transform-shorthand-properties": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-shorthand-properties/-/plugin-transform-shorthand-properties-7.10.4.tgz", + "integrity": "sha512-AC2K/t7o07KeTIxMoHneyX90v3zkm5cjHJEokrPEAGEy3UCp8sLKfnfOIGdZ194fyN4wfX/zZUWT9trJZ0qc+Q==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-spread": { + "version": "7.11.0", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-spread/-/plugin-transform-spread-7.11.0.tgz", + "integrity": "sha512-UwQYGOqIdQJe4aWNyS7noqAnN2VbaczPLiEtln+zPowRNlD+79w3oi2TWfYe0eZgd+gjZCbsydN7lzWysDt+gw==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/helper-skip-transparent-expression-wrappers": "^7.11.0" + } + }, + "@babel/plugin-transform-sticky-regex": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-sticky-regex/-/plugin-transform-sticky-regex-7.10.4.tgz", + "integrity": "sha512-Ddy3QZfIbEV0VYcVtFDCjeE4xwVTJWTmUtorAJkn6u/92Z/nWJNV+mILyqHKrUxXYKA2EoCilgoPePymKL4DvQ==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/helper-regex": "^7.10.4" + } + }, + "@babel/plugin-transform-template-literals": { + "version": "7.10.5", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-template-literals/-/plugin-transform-template-literals-7.10.5.tgz", + "integrity": "sha512-V/lnPGIb+KT12OQikDvgSuesRX14ck5FfJXt6+tXhdkJ+Vsd0lDCVtF6jcB4rNClYFzaB2jusZ+lNISDk2mMMw==", + "requires": { + "@babel/helper-annotate-as-pure": "^7.10.4", + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-typeof-symbol": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-typeof-symbol/-/plugin-transform-typeof-symbol-7.10.4.tgz", + "integrity": "sha512-QqNgYwuuW0y0H+kUE/GWSR45t/ccRhe14Fs/4ZRouNNQsyd4o3PG4OtHiIrepbM2WKUBDAXKCAK/Lk4VhzTaGA==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-typescript": { + "version": "7.11.0", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-typescript/-/plugin-transform-typescript-7.11.0.tgz", + "integrity": "sha512-edJsNzTtvb3MaXQwj8403B7mZoGu9ElDJQZOKjGUnvilquxBA3IQoEIOvkX/1O8xfAsnHS/oQhe2w/IXrr+w0w==", + "requires": { + "@babel/helper-create-class-features-plugin": "^7.10.5", + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/plugin-syntax-typescript": "^7.10.4" + } + }, + "@babel/plugin-transform-unicode-escapes": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-unicode-escapes/-/plugin-transform-unicode-escapes-7.10.4.tgz", + "integrity": "sha512-y5XJ9waMti2J+e7ij20e+aH+fho7Wb7W8rNuu72aKRwCHFqQdhkdU2lo3uZ9tQuboEJcUFayXdARhcxLQ3+6Fg==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/plugin-transform-unicode-regex": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-unicode-regex/-/plugin-transform-unicode-regex-7.10.4.tgz", + "integrity": "sha512-wNfsc4s8N2qnIwpO/WP2ZiSyjfpTamT2C9V9FDH/Ljub9zw6P3SjkXcFmc0RQUt96k2fmIvtla2MMjgTwIAC+A==", + "requires": { + "@babel/helper-create-regexp-features-plugin": "^7.10.4", + "@babel/helper-plugin-utils": "^7.10.4" + } + }, + "@babel/preset-env": { + "version": "7.11.0", + "resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.11.0.tgz", + "integrity": "sha512-2u1/k7rG/gTh02dylX2kL3S0IJNF+J6bfDSp4DI2Ma8QN6Y9x9pmAax59fsCk6QUQG0yqH47yJWA+u1I1LccAg==", + "requires": { + "@babel/compat-data": "^7.11.0", + "@babel/helper-compilation-targets": "^7.10.4", + "@babel/helper-module-imports": "^7.10.4", + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/plugin-proposal-async-generator-functions": "^7.10.4", + "@babel/plugin-proposal-class-properties": "^7.10.4", + "@babel/plugin-proposal-dynamic-import": "^7.10.4", + "@babel/plugin-proposal-export-namespace-from": "^7.10.4", + "@babel/plugin-proposal-json-strings": "^7.10.4", + "@babel/plugin-proposal-logical-assignment-operators": "^7.11.0", + "@babel/plugin-proposal-nullish-coalescing-operator": "^7.10.4", + "@babel/plugin-proposal-numeric-separator": "^7.10.4", + "@babel/plugin-proposal-object-rest-spread": "^7.11.0", + "@babel/plugin-proposal-optional-catch-binding": "^7.10.4", + "@babel/plugin-proposal-optional-chaining": "^7.11.0", + "@babel/plugin-proposal-private-methods": "^7.10.4", + "@babel/plugin-proposal-unicode-property-regex": "^7.10.4", + "@babel/plugin-syntax-async-generators": "^7.8.0", + "@babel/plugin-syntax-class-properties": "^7.10.4", + "@babel/plugin-syntax-dynamic-import": "^7.8.0", + "@babel/plugin-syntax-export-namespace-from": "^7.8.3", + "@babel/plugin-syntax-json-strings": "^7.8.0", + "@babel/plugin-syntax-logical-assignment-operators": "^7.10.4", + "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.0", + "@babel/plugin-syntax-numeric-separator": "^7.10.4", + "@babel/plugin-syntax-object-rest-spread": "^7.8.0", + "@babel/plugin-syntax-optional-catch-binding": "^7.8.0", + "@babel/plugin-syntax-optional-chaining": "^7.8.0", + "@babel/plugin-syntax-top-level-await": "^7.10.4", + "@babel/plugin-transform-arrow-functions": "^7.10.4", + "@babel/plugin-transform-async-to-generator": "^7.10.4", + "@babel/plugin-transform-block-scoped-functions": "^7.10.4", + "@babel/plugin-transform-block-scoping": "^7.10.4", + "@babel/plugin-transform-classes": "^7.10.4", + "@babel/plugin-transform-computed-properties": "^7.10.4", + "@babel/plugin-transform-destructuring": "^7.10.4", + "@babel/plugin-transform-dotall-regex": "^7.10.4", + "@babel/plugin-transform-duplicate-keys": "^7.10.4", + "@babel/plugin-transform-exponentiation-operator": "^7.10.4", + "@babel/plugin-transform-for-of": "^7.10.4", + "@babel/plugin-transform-function-name": "^7.10.4", + "@babel/plugin-transform-literals": "^7.10.4", + "@babel/plugin-transform-member-expression-literals": "^7.10.4", + "@babel/plugin-transform-modules-amd": "^7.10.4", + "@babel/plugin-transform-modules-commonjs": "^7.10.4", + "@babel/plugin-transform-modules-systemjs": "^7.10.4", + "@babel/plugin-transform-modules-umd": "^7.10.4", + "@babel/plugin-transform-named-capturing-groups-regex": "^7.10.4", + "@babel/plugin-transform-new-target": "^7.10.4", + "@babel/plugin-transform-object-super": "^7.10.4", + "@babel/plugin-transform-parameters": "^7.10.4", + "@babel/plugin-transform-property-literals": "^7.10.4", + "@babel/plugin-transform-regenerator": "^7.10.4", + "@babel/plugin-transform-reserved-words": "^7.10.4", + "@babel/plugin-transform-shorthand-properties": "^7.10.4", + "@babel/plugin-transform-spread": "^7.11.0", + "@babel/plugin-transform-sticky-regex": "^7.10.4", + "@babel/plugin-transform-template-literals": "^7.10.4", + "@babel/plugin-transform-typeof-symbol": "^7.10.4", + "@babel/plugin-transform-unicode-escapes": "^7.10.4", + "@babel/plugin-transform-unicode-regex": "^7.10.4", + "@babel/preset-modules": "^0.1.3", + "@babel/types": "^7.11.0", + "browserslist": "^4.12.0", + "core-js-compat": "^3.6.2", + "invariant": "^2.2.2", + "levenary": "^1.1.1", + "semver": "^5.5.0" + } + }, + "@babel/preset-modules": { + "version": "0.1.3", + "resolved": "https://registry.npmjs.org/@babel/preset-modules/-/preset-modules-0.1.3.tgz", + "integrity": "sha512-Ra3JXOHBq2xd56xSF7lMKXdjBn3T772Y1Wet3yWnkDly9zHvJki029tAFzvAAK5cf4YV3yoxuP61crYRol6SVg==", + "requires": { + "@babel/helper-plugin-utils": "^7.0.0", + "@babel/plugin-proposal-unicode-property-regex": "^7.4.4", + "@babel/plugin-transform-dotall-regex": "^7.4.4", + "@babel/types": "^7.4.4", + "esutils": "^2.0.2" + } + }, + "@babel/preset-react": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/preset-react/-/preset-react-7.10.4.tgz", + "integrity": "sha512-BrHp4TgOIy4M19JAfO1LhycVXOPWdDbTRep7eVyatf174Hff+6Uk53sDyajqZPu8W1qXRBiYOfIamek6jA7YVw==", + "requires": { + "@babel/helper-plugin-utils": "^7.10.4", + "@babel/plugin-transform-react-display-name": "^7.10.4", + "@babel/plugin-transform-react-jsx": "^7.10.4", + "@babel/plugin-transform-react-jsx-development": "^7.10.4", + "@babel/plugin-transform-react-jsx-self": "^7.10.4", + "@babel/plugin-transform-react-jsx-source": "^7.10.4", + "@babel/plugin-transform-react-pure-annotations": "^7.10.4" + } + }, + "@babel/preset-typescript": { + "version": "7.9.0", + "resolved": "https://registry.npmjs.org/@babel/preset-typescript/-/preset-typescript-7.9.0.tgz", + "integrity": "sha512-S4cueFnGrIbvYJgwsVFKdvOmpiL0XGw9MFW9D0vgRys5g36PBhZRL8NX8Gr2akz8XRtzq6HuDXPD/1nniagNUg==", + "requires": { + "@babel/helper-plugin-utils": "^7.8.3", + "@babel/plugin-transform-typescript": "^7.9.0" + } + }, + "@babel/runtime": { + "version": "7.6.3", + "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.6.3.tgz", + "integrity": "sha512-kq6anf9JGjW8Nt5rYfEuGRaEAaH1mkv3Bbu6rYvLOpPh/RusSJXuKPEAoZ7L7gybZkchE8+NV5g9vKF4AGAtsA==", + "requires": { + "regenerator-runtime": "^0.13.2" + } + }, + "@babel/runtime-corejs3": { + "version": "7.11.0", + "resolved": "https://registry.npmjs.org/@babel/runtime-corejs3/-/runtime-corejs3-7.11.0.tgz", + "integrity": "sha512-K0ioacsw8JgzDSPpUiGWokMvLzGvnZPXLrTsJfyHPrFsnp4yoKn+Ap/8NNZgWKZG9o5+qotH8tAa8AXn8gTN5A==", + "requires": { + "core-js-pure": "^3.0.0", + "regenerator-runtime": "^0.13.4" + }, + "dependencies": { + "regenerator-runtime": { + "version": "0.13.7", + "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.13.7.tgz", + "integrity": "sha512-a54FxoJDIr27pgf7IgeQGxmqUNYrcV338lf/6gH456HZ/PhX+5BcwHXG9ajESmwe6WRO0tAzRUrRmNONWgkrew==" + } + } + }, + "@babel/template": { + "version": "7.10.4", + "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.10.4.tgz", + "integrity": "sha512-ZCjD27cGJFUB6nmCB1Enki3r+L5kJveX9pq1SvAUKoICy6CZ9yD8xO086YXdYhvNjBdnekm4ZnaP5yC8Cs/1tA==", + "requires": { + "@babel/code-frame": "^7.10.4", + "@babel/parser": "^7.10.4", + "@babel/types": "^7.10.4" + } + }, + "@babel/traverse": { + "version": "7.11.0", + "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.11.0.tgz", + "integrity": "sha512-ZB2V+LskoWKNpMq6E5UUCrjtDUh5IOTAyIl0dTjIEoXum/iKWkoIEKIRDnUucO6f+2FzNkE0oD4RLKoPIufDtg==", + "requires": { + "@babel/code-frame": "^7.10.4", + "@babel/generator": "^7.11.0", + "@babel/helper-function-name": "^7.10.4", + "@babel/helper-split-export-declaration": "^7.11.0", + "@babel/parser": "^7.11.0", + "@babel/types": "^7.11.0", + "debug": "^4.1.0", + "globals": "^11.1.0", + "lodash": "^4.17.19" + }, + "dependencies": { + "debug": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", + "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", + "requires": { + "ms": "^2.1.1" + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + } + } + }, + "@babel/types": { + "version": "7.11.0", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.11.0.tgz", + "integrity": "sha512-O53yME4ZZI0jO1EVGtF1ePGl0LHirG4P1ibcD80XyzZcKhcMFeCXmh4Xb1ifGBIV233Qg12x4rBfQgA+tmOukA==", + "requires": { + "@babel/helper-validator-identifier": "^7.10.4", + "lodash": "^4.17.19", + "to-fast-properties": "^2.0.0" + } + }, + "@cnakazawa/watch": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@cnakazawa/watch/-/watch-1.0.4.tgz", + "integrity": "sha512-v9kIhKwjeZThiWrLmj0y17CWoyddASLj9O2yvbZkbvw/N3rWOYy9zkV66ursAoVr0mV15bL8g0c4QZUE6cdDoQ==", + "requires": { + "exec-sh": "^0.3.2", + "minimist": "^1.2.0" + } + }, + "@csstools/convert-colors": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/@csstools/convert-colors/-/convert-colors-1.4.0.tgz", + "integrity": "sha512-5a6wqoJV/xEdbRNKVo6I4hO3VjyDq//8q2f9I6PBAvMesJHFauXDorcNCsr9RzvsZnaWi5NYCcfyqP1QeFHFbw==" + }, + "@csstools/normalize.css": { + "version": "10.1.0", + "resolved": "https://registry.npmjs.org/@csstools/normalize.css/-/normalize.css-10.1.0.tgz", + "integrity": "sha512-ij4wRiunFfaJxjB0BdrYHIH8FxBJpOwNPhhAcunlmPdXudL1WQV1qoP9un6JsEBAgQH+7UXyyjh0g7jTxXK6tg==" + }, + "@fortawesome/fontawesome-common-types": { + "version": "0.2.25", + "resolved": "https://registry.npmjs.org/@fortawesome/fontawesome-common-types/-/fontawesome-common-types-0.2.25.tgz", + "integrity": "sha512-3RuZPDuuPELd7RXtUqTCfed14fcny9UiPOkdr2i+cYxBoTOfQgxcDoq77fHiiHcgWuo1LoBUpvGxFF1H/y7s3Q==" + }, + "@fortawesome/fontawesome-free": { + "version": "5.11.2", + "resolved": "https://registry.npmjs.org/@fortawesome/fontawesome-free/-/fontawesome-free-5.11.2.tgz", + "integrity": "sha512-XiUPoS79r1G7PcpnNtq85TJ7inJWe0v+b5oZJZKb0pGHNIV6+UiNeQWiFGmuQ0aj7GEhnD/v9iqxIsjuRKtEnQ==" + }, + "@fortawesome/fontawesome-svg-core": { + "version": "1.2.25", + "resolved": "https://registry.npmjs.org/@fortawesome/fontawesome-svg-core/-/fontawesome-svg-core-1.2.25.tgz", + "integrity": "sha512-MotKnn53JKqbkLQiwcZSBJVYtTgIKFbh7B8+kd05TSnfKYPFmjKKI59o2fpz5t0Hzl35vVGU6+N4twoOpZUrqA==", + "requires": { + "@fortawesome/fontawesome-common-types": "^0.2.25" + } + }, + "@fortawesome/free-brands-svg-icons": { + "version": "5.11.2", + "resolved": "https://registry.npmjs.org/@fortawesome/free-brands-svg-icons/-/free-brands-svg-icons-5.11.2.tgz", + "integrity": "sha512-wKK5znpHiZ2S0VgOvbeAnYuzkk3H86rxWajD9PVpfBj3s/kySEWTFKh/uLPyxiTOx8Tsd0OGN4En/s9XudVHLQ==", + "requires": { + "@fortawesome/fontawesome-common-types": "^0.2.25" + } + }, + "@fortawesome/free-solid-svg-icons": { + "version": "5.11.2", + "resolved": "https://registry.npmjs.org/@fortawesome/free-solid-svg-icons/-/free-solid-svg-icons-5.11.2.tgz", + "integrity": "sha512-zBue4i0PAZJUXOmLBBvM7L0O7wmsDC8dFv9IhpW5QL4kT9xhhVUsYg/LX1+5KaukWq4/cbDcKT+RT1aRe543sg==", + "requires": { + "@fortawesome/fontawesome-common-types": "^0.2.25" + } + }, + "@fortawesome/react-fontawesome": { + "version": "0.1.6", + "resolved": "https://registry.npmjs.org/@fortawesome/react-fontawesome/-/react-fontawesome-0.1.6.tgz", + "integrity": "sha512-DNqt2t4JQ0YQKi832XzByk1wlQzgugwwCCNQHsFyz1z/zA9dtypSvsvVwMIaWXMljalYzKAA2zHX13C1DIxKAw==", + "requires": { + "prop-types": "^15.5.10" + } + }, + "@hapi/address": { + "version": "2.1.4", + "resolved": "https://registry.npmjs.org/@hapi/address/-/address-2.1.4.tgz", + "integrity": "sha512-QD1PhQk+s31P1ixsX0H0Suoupp3VMXzIVMSwobR3F3MSUO2YCV0B7xqLcUw/Bh8yuvd3LhpyqLQWTNcRmp6IdQ==" + }, + "@hapi/bourne": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/@hapi/bourne/-/bourne-1.3.2.tgz", + "integrity": "sha512-1dVNHT76Uu5N3eJNTYcvxee+jzX4Z9lfciqRRHCU27ihbUcYi+iSc2iml5Ke1LXe1SyJCLA0+14Jh4tXJgOppA==" + }, + "@hapi/hoek": { + "version": "8.5.1", + "resolved": "https://registry.npmjs.org/@hapi/hoek/-/hoek-8.5.1.tgz", + "integrity": "sha512-yN7kbciD87WzLGc5539Tn0sApjyiGHAJgKvG9W8C7O+6c7qmoQMfVs0W4bX17eqz6C78QJqqFrtgdK5EWf6Qow==" + }, + "@hapi/joi": { + "version": "15.1.1", + "resolved": "https://registry.npmjs.org/@hapi/joi/-/joi-15.1.1.tgz", + "integrity": "sha512-entf8ZMOK8sc+8YfeOlM8pCfg3b5+WZIKBfUaaJT8UsjAAPjartzxIYm3TIbjvA4u+u++KbcXD38k682nVHDAQ==", + "requires": { + "@hapi/address": "2.x.x", + "@hapi/bourne": "1.x.x", + "@hapi/hoek": "8.x.x", + "@hapi/topo": "3.x.x" + } + }, + "@hapi/topo": { + "version": "3.1.6", + "resolved": "https://registry.npmjs.org/@hapi/topo/-/topo-3.1.6.tgz", + "integrity": "sha512-tAag0jEcjwH+P2quUfipd7liWCNX2F8NvYjQp2wtInsZxnMlypdw0FtAOLxtvvkO+GSRRbmNi8m/5y42PQJYCQ==", + "requires": { + "@hapi/hoek": "^8.3.0" + } + }, + "@jest/console": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/@jest/console/-/console-24.9.0.tgz", + "integrity": "sha512-Zuj6b8TnKXi3q4ymac8EQfc3ea/uhLeCGThFqXeC8H9/raaH8ARPUTdId+XyGd03Z4In0/VjD2OYFcBF09fNLQ==", + "requires": { + "@jest/source-map": "^24.9.0", + "chalk": "^2.0.1", + "slash": "^2.0.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "@jest/core": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/@jest/core/-/core-24.9.0.tgz", + "integrity": "sha512-Fogg3s4wlAr1VX7q+rhV9RVnUv5tD7VuWfYy1+whMiWUrvl7U3QJSJyWcDio9Lq2prqYsZaeTv2Rz24pWGkJ2A==", + "requires": { + "@jest/console": "^24.7.1", + "@jest/reporters": "^24.9.0", + "@jest/test-result": "^24.9.0", + "@jest/transform": "^24.9.0", + "@jest/types": "^24.9.0", + "ansi-escapes": "^3.0.0", + "chalk": "^2.0.1", + "exit": "^0.1.2", + "graceful-fs": "^4.1.15", + "jest-changed-files": "^24.9.0", + "jest-config": "^24.9.0", + "jest-haste-map": "^24.9.0", + "jest-message-util": "^24.9.0", + "jest-regex-util": "^24.3.0", + "jest-resolve": "^24.9.0", + "jest-resolve-dependencies": "^24.9.0", + "jest-runner": "^24.9.0", + "jest-runtime": "^24.9.0", + "jest-snapshot": "^24.9.0", + "jest-util": "^24.9.0", + "jest-validate": "^24.9.0", + "jest-watcher": "^24.9.0", + "micromatch": "^3.1.10", + "p-each-series": "^1.0.0", + "realpath-native": "^1.1.0", + "rimraf": "^2.5.4", + "slash": "^2.0.0", + "strip-ansi": "^5.0.0" + }, + "dependencies": { + "ansi-escapes": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-3.2.0.tgz", + "integrity": "sha512-cBhpre4ma+U0T1oM5fXg7Dy1Jw7zzwv7lt/GoCpr+hDQJoYnKVPLL4dCvSEFMmQurOQvSrwT7SL/DAlhBI97RQ==" + }, + "ansi-regex": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz", + "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==" + }, + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "strip-ansi": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", + "integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==", + "requires": { + "ansi-regex": "^4.1.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "@jest/environment": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-24.9.0.tgz", + "integrity": "sha512-5A1QluTPhvdIPFYnO3sZC3smkNeXPVELz7ikPbhUj0bQjB07EoE9qtLrem14ZUYWdVayYbsjVwIiL4WBIMV4aQ==", + "requires": { + "@jest/fake-timers": "^24.9.0", + "@jest/transform": "^24.9.0", + "@jest/types": "^24.9.0", + "jest-mock": "^24.9.0" + } + }, + "@jest/fake-timers": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-24.9.0.tgz", + "integrity": "sha512-eWQcNa2YSwzXWIMC5KufBh3oWRIijrQFROsIqt6v/NS9Io/gknw1jsAC9c+ih/RQX4A3O7SeWAhQeN0goKhT9A==", + "requires": { + "@jest/types": "^24.9.0", + "jest-message-util": "^24.9.0", + "jest-mock": "^24.9.0" + } + }, + "@jest/reporters": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-24.9.0.tgz", + "integrity": "sha512-mu4X0yjaHrffOsWmVLzitKmmmWSQ3GGuefgNscUSWNiUNcEOSEQk9k3pERKEQVBb0Cnn88+UESIsZEMH3o88Gw==", + "requires": { + "@jest/environment": "^24.9.0", + "@jest/test-result": "^24.9.0", + "@jest/transform": "^24.9.0", + "@jest/types": "^24.9.0", + "chalk": "^2.0.1", + "exit": "^0.1.2", + "glob": "^7.1.2", + "istanbul-lib-coverage": "^2.0.2", + "istanbul-lib-instrument": "^3.0.1", + "istanbul-lib-report": "^2.0.4", + "istanbul-lib-source-maps": "^3.0.1", + "istanbul-reports": "^2.2.6", + "jest-haste-map": "^24.9.0", + "jest-resolve": "^24.9.0", + "jest-runtime": "^24.9.0", + "jest-util": "^24.9.0", + "jest-worker": "^24.6.0", + "node-notifier": "^5.4.2", + "slash": "^2.0.0", + "source-map": "^0.6.0", + "string-length": "^2.0.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "@jest/source-map": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-24.9.0.tgz", + "integrity": "sha512-/Xw7xGlsZb4MJzNDgB7PW5crou5JqWiBQaz6xyPd3ArOg2nfn/PunV8+olXbbEZzNl591o5rWKE9BRDaFAuIBg==", + "requires": { + "callsites": "^3.0.0", + "graceful-fs": "^4.1.15", + "source-map": "^0.6.0" + }, + "dependencies": { + "callsites": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", + "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==" + }, + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + } + } + }, + "@jest/test-result": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-24.9.0.tgz", + "integrity": "sha512-XEFrHbBonBJ8dGp2JmF8kP/nQI/ImPpygKHwQ/SY+es59Z3L5PI4Qb9TQQMAEeYsThG1xF0k6tmG0tIKATNiiA==", + "requires": { + "@jest/console": "^24.9.0", + "@jest/types": "^24.9.0", + "@types/istanbul-lib-coverage": "^2.0.0" + } + }, + "@jest/test-sequencer": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-24.9.0.tgz", + "integrity": "sha512-6qqsU4o0kW1dvA95qfNog8v8gkRN9ph6Lz7r96IvZpHdNipP2cBcb07J1Z45mz/VIS01OHJ3pY8T5fUY38tg4A==", + "requires": { + "@jest/test-result": "^24.9.0", + "jest-haste-map": "^24.9.0", + "jest-runner": "^24.9.0", + "jest-runtime": "^24.9.0" + } + }, + "@jest/transform": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-24.9.0.tgz", + "integrity": "sha512-TcQUmyNRxV94S0QpMOnZl0++6RMiqpbH/ZMccFB/amku6Uwvyb1cjYX7xkp5nGNkbX4QPH/FcB6q1HBTHynLmQ==", + "requires": { + "@babel/core": "^7.1.0", + "@jest/types": "^24.9.0", + "babel-plugin-istanbul": "^5.1.0", + "chalk": "^2.0.1", + "convert-source-map": "^1.4.0", + "fast-json-stable-stringify": "^2.0.0", + "graceful-fs": "^4.1.15", + "jest-haste-map": "^24.9.0", + "jest-regex-util": "^24.9.0", + "jest-util": "^24.9.0", + "micromatch": "^3.1.10", + "pirates": "^4.0.1", + "realpath-native": "^1.1.0", + "slash": "^2.0.0", + "source-map": "^0.6.1", + "write-file-atomic": "2.4.1" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "@jest/types": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-24.9.0.tgz", + "integrity": "sha512-XKK7ze1apu5JWQ5eZjHITP66AX+QsLlbaJRBGYr8pNzwcAE2JVkwnf0yqjHTsDRcjR0mujy/NmZMXw5kl+kGBw==", + "requires": { + "@types/istanbul-lib-coverage": "^2.0.0", + "@types/istanbul-reports": "^1.1.1", + "@types/yargs": "^13.0.0" + } + }, + "@mrmlnc/readdir-enhanced": { + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/@mrmlnc/readdir-enhanced/-/readdir-enhanced-2.2.1.tgz", + "integrity": "sha512-bPHp6Ji8b41szTOcaP63VlnbbO5Ny6dwAATtY6JTjh5N2OLrb5Qk/Th5cRkRQhkWCt+EJsYrNB0MiL+Gpn6e3g==", + "requires": { + "call-me-maybe": "^1.0.1", + "glob-to-regexp": "^0.3.0" + } + }, + "@nodelib/fs.stat": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-1.1.3.tgz", + "integrity": "sha512-shAmDyaQC4H92APFoIaVDHCx5bStIocgvbwQyxPRrbUY20V1EYTbSDchWbuwlMG3V17cprZhA6+78JfB+3DTPw==" + }, + "@svgr/babel-plugin-add-jsx-attribute": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/@svgr/babel-plugin-add-jsx-attribute/-/babel-plugin-add-jsx-attribute-4.2.0.tgz", + "integrity": "sha512-j7KnilGyZzYr/jhcrSYS3FGWMZVaqyCG0vzMCwzvei0coIkczuYMcniK07nI0aHJINciujjH11T72ICW5eL5Ig==" + }, + "@svgr/babel-plugin-remove-jsx-attribute": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/@svgr/babel-plugin-remove-jsx-attribute/-/babel-plugin-remove-jsx-attribute-4.2.0.tgz", + "integrity": "sha512-3XHLtJ+HbRCH4n28S7y/yZoEQnRpl0tvTZQsHqvaeNXPra+6vE5tbRliH3ox1yZYPCxrlqaJT/Mg+75GpDKlvQ==" + }, + "@svgr/babel-plugin-remove-jsx-empty-expression": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/@svgr/babel-plugin-remove-jsx-empty-expression/-/babel-plugin-remove-jsx-empty-expression-4.2.0.tgz", + "integrity": "sha512-yTr2iLdf6oEuUE9MsRdvt0NmdpMBAkgK8Bjhl6epb+eQWk6abBaX3d65UZ3E3FWaOwePyUgNyNCMVG61gGCQ7w==" + }, + "@svgr/babel-plugin-replace-jsx-attribute-value": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/@svgr/babel-plugin-replace-jsx-attribute-value/-/babel-plugin-replace-jsx-attribute-value-4.2.0.tgz", + "integrity": "sha512-U9m870Kqm0ko8beHawRXLGLvSi/ZMrl89gJ5BNcT452fAjtF2p4uRzXkdzvGJJJYBgx7BmqlDjBN/eCp5AAX2w==" + }, + "@svgr/babel-plugin-svg-dynamic-title": { + "version": "4.3.3", + "resolved": "https://registry.npmjs.org/@svgr/babel-plugin-svg-dynamic-title/-/babel-plugin-svg-dynamic-title-4.3.3.tgz", + "integrity": "sha512-w3Be6xUNdwgParsvxkkeZb545VhXEwjGMwExMVBIdPQJeyMQHqm9Msnb2a1teHBqUYL66qtwfhNkbj1iarCG7w==" + }, + "@svgr/babel-plugin-svg-em-dimensions": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/@svgr/babel-plugin-svg-em-dimensions/-/babel-plugin-svg-em-dimensions-4.2.0.tgz", + "integrity": "sha512-C0Uy+BHolCHGOZ8Dnr1zXy/KgpBOkEUYY9kI/HseHVPeMbluaX3CijJr7D4C5uR8zrc1T64nnq/k63ydQuGt4w==" + }, + "@svgr/babel-plugin-transform-react-native-svg": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/@svgr/babel-plugin-transform-react-native-svg/-/babel-plugin-transform-react-native-svg-4.2.0.tgz", + "integrity": "sha512-7YvynOpZDpCOUoIVlaaOUU87J4Z6RdD6spYN4eUb5tfPoKGSF9OG2NuhgYnq4jSkAxcpMaXWPf1cePkzmqTPNw==" + }, + "@svgr/babel-plugin-transform-svg-component": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/@svgr/babel-plugin-transform-svg-component/-/babel-plugin-transform-svg-component-4.2.0.tgz", + "integrity": "sha512-hYfYuZhQPCBVotABsXKSCfel2slf/yvJY8heTVX1PCTaq/IgASq1IyxPPKJ0chWREEKewIU/JMSsIGBtK1KKxw==" + }, + "@svgr/babel-preset": { + "version": "4.3.3", + "resolved": "https://registry.npmjs.org/@svgr/babel-preset/-/babel-preset-4.3.3.tgz", + "integrity": "sha512-6PG80tdz4eAlYUN3g5GZiUjg2FMcp+Wn6rtnz5WJG9ITGEF1pmFdzq02597Hn0OmnQuCVaBYQE1OVFAnwOl+0A==", + "requires": { + "@svgr/babel-plugin-add-jsx-attribute": "^4.2.0", + "@svgr/babel-plugin-remove-jsx-attribute": "^4.2.0", + "@svgr/babel-plugin-remove-jsx-empty-expression": "^4.2.0", + "@svgr/babel-plugin-replace-jsx-attribute-value": "^4.2.0", + "@svgr/babel-plugin-svg-dynamic-title": "^4.3.3", + "@svgr/babel-plugin-svg-em-dimensions": "^4.2.0", + "@svgr/babel-plugin-transform-react-native-svg": "^4.2.0", + "@svgr/babel-plugin-transform-svg-component": "^4.2.0" + } + }, + "@svgr/core": { + "version": "4.3.3", + "resolved": "https://registry.npmjs.org/@svgr/core/-/core-4.3.3.tgz", + "integrity": "sha512-qNuGF1QON1626UCaZamWt5yedpgOytvLj5BQZe2j1k1B8DUG4OyugZyfEwBeXozCUwhLEpsrgPrE+eCu4fY17w==", + "requires": { + "@svgr/plugin-jsx": "^4.3.3", + "camelcase": "^5.3.1", + "cosmiconfig": "^5.2.1" + }, + "dependencies": { + "camelcase": { + "version": "5.3.1", + "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", + "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==" + } + } + }, + "@svgr/hast-util-to-babel-ast": { + "version": "4.3.2", + "resolved": "https://registry.npmjs.org/@svgr/hast-util-to-babel-ast/-/hast-util-to-babel-ast-4.3.2.tgz", + "integrity": "sha512-JioXclZGhFIDL3ddn4Kiq8qEqYM2PyDKV0aYno8+IXTLuYt6TOgHUbUAAFvqtb0Xn37NwP0BTHglejFoYr8RZg==", + "requires": { + "@babel/types": "^7.4.4" + } + }, + "@svgr/plugin-jsx": { + "version": "4.3.3", + "resolved": "https://registry.npmjs.org/@svgr/plugin-jsx/-/plugin-jsx-4.3.3.tgz", + "integrity": "sha512-cLOCSpNWQnDB1/v+SUENHH7a0XY09bfuMKdq9+gYvtuwzC2rU4I0wKGFEp1i24holdQdwodCtDQdFtJiTCWc+w==", + "requires": { + "@babel/core": "^7.4.5", + "@svgr/babel-preset": "^4.3.3", + "@svgr/hast-util-to-babel-ast": "^4.3.2", + "svg-parser": "^2.0.0" + } + }, + "@svgr/plugin-svgo": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/@svgr/plugin-svgo/-/plugin-svgo-4.3.1.tgz", + "integrity": "sha512-PrMtEDUWjX3Ea65JsVCwTIXuSqa3CG9px+DluF1/eo9mlDrgrtFE7NE/DjdhjJgSM9wenlVBzkzneSIUgfUI/w==", + "requires": { + "cosmiconfig": "^5.2.1", + "merge-deep": "^3.0.2", + "svgo": "^1.2.2" + } + }, + "@svgr/webpack": { + "version": "4.3.3", + "resolved": "https://registry.npmjs.org/@svgr/webpack/-/webpack-4.3.3.tgz", + "integrity": "sha512-bjnWolZ6KVsHhgyCoYRFmbd26p8XVbulCzSG53BDQqAr+JOAderYK7CuYrB3bDjHJuF6LJ7Wrr42+goLRV9qIg==", + "requires": { + "@babel/core": "^7.4.5", + "@babel/plugin-transform-react-constant-elements": "^7.0.0", + "@babel/preset-env": "^7.4.5", + "@babel/preset-react": "^7.0.0", + "@svgr/core": "^4.3.3", + "@svgr/plugin-jsx": "^4.3.3", + "@svgr/plugin-svgo": "^4.3.1", + "loader-utils": "^1.2.3" + } + }, + "@types/babel__core": { + "version": "7.1.9", + "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.1.9.tgz", + "integrity": "sha512-sY2RsIJ5rpER1u3/aQ8OFSI7qGIy8o1NEEbgb2UaJcvOtXOMpd39ko723NBpjQFg9SIX7TXtjejZVGeIMLhoOw==", + "requires": { + "@babel/parser": "^7.1.0", + "@babel/types": "^7.0.0", + "@types/babel__generator": "*", + "@types/babel__template": "*", + "@types/babel__traverse": "*" + } + }, + "@types/babel__generator": { + "version": "7.6.1", + "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.1.tgz", + "integrity": "sha512-bBKm+2VPJcMRVwNhxKu8W+5/zT7pwNEqeokFOmbvVSqGzFneNxYcEBro9Ac7/N9tlsaPYnZLK8J1LWKkMsLAew==", + "requires": { + "@babel/types": "^7.0.0" + } + }, + "@types/babel__template": { + "version": "7.0.2", + "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.0.2.tgz", + "integrity": "sha512-/K6zCpeW7Imzgab2bLkLEbz0+1JlFSrUMdw7KoIIu+IUdu51GWaBZpd3y1VXGVXzynvGa4DaIaxNZHiON3GXUg==", + "requires": { + "@babel/parser": "^7.1.0", + "@babel/types": "^7.0.0" + } + }, + "@types/babel__traverse": { + "version": "7.0.13", + "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.0.13.tgz", + "integrity": "sha512-i+zS7t6/s9cdQvbqKDARrcbrPvtJGlbYsMkazo03nTAK3RX9FNrLllXys22uiTGJapPOTZTQ35nHh4ISph4SLQ==", + "requires": { + "@babel/types": "^7.3.0" + } + }, + "@types/color-name": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@types/color-name/-/color-name-1.1.1.tgz", + "integrity": "sha512-rr+OQyAjxze7GgWrSaJwydHStIhHq2lvY3BOC2Mj7KnzI7XK0Uw1TOOdI9lDoajEbSWLiYgoo4f1R51erQfhPQ==" + }, + "@types/eslint-visitor-keys": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/@types/eslint-visitor-keys/-/eslint-visitor-keys-1.0.0.tgz", + "integrity": "sha512-OCutwjDZ4aFS6PB1UZ988C4YgwlBHJd6wCeQqaLdmadZ/7e+w79+hbMUFC1QXDNCmdyoRfAFdm0RypzwR+Qpag==" + }, + "@types/glob": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/@types/glob/-/glob-7.1.3.tgz", + "integrity": "sha512-SEYeGAIQIQX8NN6LDKprLjbrd5dARM5EXsd8GI/A5l0apYI1fGMWgPHSe4ZKL4eozlAyI+doUE9XbYS4xCkQ1w==", + "requires": { + "@types/minimatch": "*", + "@types/node": "*" + } + }, + "@types/istanbul-lib-coverage": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.3.tgz", + "integrity": "sha512-sz7iLqvVUg1gIedBOvlkxPlc8/uVzyS5OwGz1cKjXzkl3FpL3al0crU8YGU1WoHkxn0Wxbw5tyi6hvzJKNzFsw==" + }, + "@types/istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", + "requires": { + "@types/istanbul-lib-coverage": "*" + } + }, + "@types/istanbul-reports": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-1.1.2.tgz", + "integrity": "sha512-P/W9yOX/3oPZSpaYOCQzGqgCQRXn0FFO/V8bWrCQs+wLmvVVxk6CRBXALEvNs9OHIatlnlFokfhuDo2ug01ciw==", + "requires": { + "@types/istanbul-lib-coverage": "*", + "@types/istanbul-lib-report": "*" + } + }, + "@types/json-schema": { + "version": "7.0.5", + "resolved": "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.5.tgz", + "integrity": "sha512-7+2BITlgjgDhH0vvwZU/HZJVyk+2XUlvxXe8dFMedNX/aMkaOq++rMAFXc0tM7ij15QaWlbdQASBR9dihi+bDQ==" + }, + "@types/minimatch": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/@types/minimatch/-/minimatch-3.0.4.tgz", + "integrity": "sha512-1z8k4wzFnNjVK/tlxvrWuK5WMt6mydWWP7+zvH5eFep4oj+UkrfiJTRtjCeBXNpwaA/FYqqtb4/QS4ianFpIRA==" + }, + "@types/node": { + "version": "14.14.37", + "resolved": "https://registry.npmjs.org/@types/node/-/node-14.14.37.tgz", + "integrity": "sha512-XYmBiy+ohOR4Lh5jE379fV2IU+6Jn4g5qASinhitfyO71b/sCo6MKsMLF5tc7Zf2CE8hViVQyYSobJNke8OvUw==" + }, + "@types/parse-json": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/@types/parse-json/-/parse-json-4.0.0.tgz", + "integrity": "sha512-//oorEZjL6sbPcKUaCdIGlIUeH26mgzimjBB77G6XRgnDl/L5wOnpyBGRe/Mmf5CVW3PwEBE1NjiMZ/ssFh4wA==" + }, + "@types/q": { + "version": "1.5.4", + "resolved": "https://registry.npmjs.org/@types/q/-/q-1.5.4.tgz", + "integrity": "sha512-1HcDas8SEj4z1Wc696tH56G8OlRaH/sqZOynNNB+HF0WOeXPaxTtbYzJY2oEfiUxjSKjhCKr+MvR7dCHcEelug==" + }, + "@types/stack-utils": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-1.0.1.tgz", + "integrity": "sha512-l42BggppR6zLmpfU6fq9HEa2oGPEI8yrSPL3GITjfRInppYFahObbIQOQK3UGxEnyQpltZLaPe75046NOZQikw==" + }, + "@types/yargs": { + "version": "13.0.9", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-13.0.9.tgz", + "integrity": "sha512-xrvhZ4DZewMDhoH1utLtOAwYQy60eYFoXeje30TzM3VOvQlBwQaEpKFq5m34k1wOw2AKIi2pwtiAjdmhvlBUzg==", + "requires": { + "@types/yargs-parser": "*" + } + }, + "@types/yargs-parser": { + "version": "15.0.0", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-15.0.0.tgz", + "integrity": "sha512-FA/BWv8t8ZWJ+gEOnLLd8ygxH/2UFbAvgEonyfN6yWGLKc7zVjbpl2Y4CTjid9h2RfgPP6SEt6uHwEOply00yw==" + }, + "@typescript-eslint/eslint-plugin": { + "version": "2.34.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-2.34.0.tgz", + "integrity": "sha512-4zY3Z88rEE99+CNvTbXSyovv2z9PNOVffTWD2W8QF5s2prBQtwN2zadqERcrHpcR7O/+KMI3fcTAmUUhK/iQcQ==", + "requires": { + "@typescript-eslint/experimental-utils": "2.34.0", + "functional-red-black-tree": "^1.0.1", + "regexpp": "^3.0.0", + "tsutils": "^3.17.1" + } + }, + "@typescript-eslint/experimental-utils": { + "version": "2.34.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/experimental-utils/-/experimental-utils-2.34.0.tgz", + "integrity": "sha512-eS6FTkq+wuMJ+sgtuNTtcqavWXqsflWcfBnlYhg/nS4aZ1leewkXGbvBhaapn1q6qf4M71bsR1tez5JTRMuqwA==", + "requires": { + "@types/json-schema": "^7.0.3", + "@typescript-eslint/typescript-estree": "2.34.0", + "eslint-scope": "^5.0.0", + "eslint-utils": "^2.0.0" + } + }, + "@typescript-eslint/parser": { + "version": "2.34.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-2.34.0.tgz", + "integrity": "sha512-03ilO0ucSD0EPTw2X4PntSIRFtDPWjrVq7C3/Z3VQHRC7+13YB55rcJI3Jt+YgeHbjUdJPcPa7b23rXCBokuyA==", + "requires": { + "@types/eslint-visitor-keys": "^1.0.0", + "@typescript-eslint/experimental-utils": "2.34.0", + "@typescript-eslint/typescript-estree": "2.34.0", + "eslint-visitor-keys": "^1.1.0" + } + }, + "@typescript-eslint/typescript-estree": { + "version": "2.34.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-2.34.0.tgz", + "integrity": "sha512-OMAr+nJWKdlVM9LOqCqh3pQQPwxHAN7Du8DR6dmwCrAmxtiXQnhHJ6tBNtf+cggqfo51SG/FCwnKhXCIM7hnVg==", + "requires": { + "debug": "^4.1.1", + "eslint-visitor-keys": "^1.1.0", + "glob": "^7.1.6", + "is-glob": "^4.0.1", + "lodash": "^4.17.15", + "semver": "^7.3.2", + "tsutils": "^3.17.1" + }, + "dependencies": { + "debug": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", + "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", + "requires": { + "ms": "^2.1.1" + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + }, + "semver": { + "version": "7.3.2", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.2.tgz", + "integrity": "sha512-OrOb32TeeambH6UrhtShmF7CRDqhL6/5XpPNp2DuRH6+9QLw/orhp72j87v8Qa1ScDkvrrBNpZcDejAirJmfXQ==" + } + } + }, + "@webassemblyjs/ast": { + "version": "1.8.5", + "resolved": "https://registry.npmjs.org/@webassemblyjs/ast/-/ast-1.8.5.tgz", + "integrity": "sha512-aJMfngIZ65+t71C3y2nBBg5FFG0Okt9m0XEgWZ7Ywgn1oMAT8cNwx00Uv1cQyHtidq0Xn94R4TAywO+LCQ+ZAQ==", + "requires": { + "@webassemblyjs/helper-module-context": "1.8.5", + "@webassemblyjs/helper-wasm-bytecode": "1.8.5", + "@webassemblyjs/wast-parser": "1.8.5" + } + }, + "@webassemblyjs/floating-point-hex-parser": { + "version": "1.8.5", + "resolved": "https://registry.npmjs.org/@webassemblyjs/floating-point-hex-parser/-/floating-point-hex-parser-1.8.5.tgz", + "integrity": "sha512-9p+79WHru1oqBh9ewP9zW95E3XAo+90oth7S5Re3eQnECGq59ly1Ri5tsIipKGpiStHsUYmY3zMLqtk3gTcOtQ==" + }, + "@webassemblyjs/helper-api-error": { + "version": "1.8.5", + "resolved": "https://registry.npmjs.org/@webassemblyjs/helper-api-error/-/helper-api-error-1.8.5.tgz", + "integrity": "sha512-Za/tnzsvnqdaSPOUXHyKJ2XI7PDX64kWtURyGiJJZKVEdFOsdKUCPTNEVFZq3zJ2R0G5wc2PZ5gvdTRFgm81zA==" + }, + "@webassemblyjs/helper-buffer": { + "version": "1.8.5", + "resolved": "https://registry.npmjs.org/@webassemblyjs/helper-buffer/-/helper-buffer-1.8.5.tgz", + "integrity": "sha512-Ri2R8nOS0U6G49Q86goFIPNgjyl6+oE1abW1pS84BuhP1Qcr5JqMwRFT3Ah3ADDDYGEgGs1iyb1DGX+kAi/c/Q==" + }, + "@webassemblyjs/helper-code-frame": { + "version": "1.8.5", + "resolved": "https://registry.npmjs.org/@webassemblyjs/helper-code-frame/-/helper-code-frame-1.8.5.tgz", + "integrity": "sha512-VQAadSubZIhNpH46IR3yWO4kZZjMxN1opDrzePLdVKAZ+DFjkGD/rf4v1jap744uPVU6yjL/smZbRIIJTOUnKQ==", + "requires": { + "@webassemblyjs/wast-printer": "1.8.5" + } + }, + "@webassemblyjs/helper-fsm": { + "version": "1.8.5", + "resolved": "https://registry.npmjs.org/@webassemblyjs/helper-fsm/-/helper-fsm-1.8.5.tgz", + "integrity": "sha512-kRuX/saORcg8se/ft6Q2UbRpZwP4y7YrWsLXPbbmtepKr22i8Z4O3V5QE9DbZK908dh5Xya4Un57SDIKwB9eow==" + }, + "@webassemblyjs/helper-module-context": { + "version": "1.8.5", + "resolved": "https://registry.npmjs.org/@webassemblyjs/helper-module-context/-/helper-module-context-1.8.5.tgz", + "integrity": "sha512-/O1B236mN7UNEU4t9X7Pj38i4VoU8CcMHyy3l2cV/kIF4U5KoHXDVqcDuOs1ltkac90IM4vZdHc52t1x8Yfs3g==", + "requires": { + "@webassemblyjs/ast": "1.8.5", + "mamacro": "^0.0.3" + } + }, + "@webassemblyjs/helper-wasm-bytecode": { + "version": "1.8.5", + "resolved": "https://registry.npmjs.org/@webassemblyjs/helper-wasm-bytecode/-/helper-wasm-bytecode-1.8.5.tgz", + "integrity": "sha512-Cu4YMYG3Ddl72CbmpjU/wbP6SACcOPVbHN1dI4VJNJVgFwaKf1ppeFJrwydOG3NDHxVGuCfPlLZNyEdIYlQ6QQ==" + }, + "@webassemblyjs/helper-wasm-section": { + "version": "1.8.5", + "resolved": "https://registry.npmjs.org/@webassemblyjs/helper-wasm-section/-/helper-wasm-section-1.8.5.tgz", + "integrity": "sha512-VV083zwR+VTrIWWtgIUpqfvVdK4ff38loRmrdDBgBT8ADXYsEZ5mPQ4Nde90N3UYatHdYoDIFb7oHzMncI02tA==", + "requires": { + "@webassemblyjs/ast": "1.8.5", + "@webassemblyjs/helper-buffer": "1.8.5", + "@webassemblyjs/helper-wasm-bytecode": "1.8.5", + "@webassemblyjs/wasm-gen": "1.8.5" + } + }, + "@webassemblyjs/ieee754": { + "version": "1.8.5", + "resolved": "https://registry.npmjs.org/@webassemblyjs/ieee754/-/ieee754-1.8.5.tgz", + "integrity": "sha512-aaCvQYrvKbY/n6wKHb/ylAJr27GglahUO89CcGXMItrOBqRarUMxWLJgxm9PJNuKULwN5n1csT9bYoMeZOGF3g==", + "requires": { + "@xtuc/ieee754": "^1.2.0" + } + }, + "@webassemblyjs/leb128": { + "version": "1.8.5", + "resolved": "https://registry.npmjs.org/@webassemblyjs/leb128/-/leb128-1.8.5.tgz", + "integrity": "sha512-plYUuUwleLIziknvlP8VpTgO4kqNaH57Y3JnNa6DLpu/sGcP6hbVdfdX5aHAV716pQBKrfuU26BJK29qY37J7A==", + "requires": { + "@xtuc/long": "4.2.2" + } + }, + "@webassemblyjs/utf8": { + "version": "1.8.5", + "resolved": "https://registry.npmjs.org/@webassemblyjs/utf8/-/utf8-1.8.5.tgz", + "integrity": "sha512-U7zgftmQriw37tfD934UNInokz6yTmn29inT2cAetAsaU9YeVCveWEwhKL1Mg4yS7q//NGdzy79nlXh3bT8Kjw==" + }, + "@webassemblyjs/wasm-edit": { + "version": "1.8.5", + "resolved": "https://registry.npmjs.org/@webassemblyjs/wasm-edit/-/wasm-edit-1.8.5.tgz", + "integrity": "sha512-A41EMy8MWw5yvqj7MQzkDjU29K7UJq1VrX2vWLzfpRHt3ISftOXqrtojn7nlPsZ9Ijhp5NwuODuycSvfAO/26Q==", + "requires": { + "@webassemblyjs/ast": "1.8.5", + "@webassemblyjs/helper-buffer": "1.8.5", + "@webassemblyjs/helper-wasm-bytecode": "1.8.5", + "@webassemblyjs/helper-wasm-section": "1.8.5", + "@webassemblyjs/wasm-gen": "1.8.5", + "@webassemblyjs/wasm-opt": "1.8.5", + "@webassemblyjs/wasm-parser": "1.8.5", + "@webassemblyjs/wast-printer": "1.8.5" + } + }, + "@webassemblyjs/wasm-gen": { + "version": "1.8.5", + "resolved": "https://registry.npmjs.org/@webassemblyjs/wasm-gen/-/wasm-gen-1.8.5.tgz", + "integrity": "sha512-BCZBT0LURC0CXDzj5FXSc2FPTsxwp3nWcqXQdOZE4U7h7i8FqtFK5Egia6f9raQLpEKT1VL7zr4r3+QX6zArWg==", + "requires": { + "@webassemblyjs/ast": "1.8.5", + "@webassemblyjs/helper-wasm-bytecode": "1.8.5", + "@webassemblyjs/ieee754": "1.8.5", + "@webassemblyjs/leb128": "1.8.5", + "@webassemblyjs/utf8": "1.8.5" + } + }, + "@webassemblyjs/wasm-opt": { + "version": "1.8.5", + "resolved": "https://registry.npmjs.org/@webassemblyjs/wasm-opt/-/wasm-opt-1.8.5.tgz", + "integrity": "sha512-HKo2mO/Uh9A6ojzu7cjslGaHaUU14LdLbGEKqTR7PBKwT6LdPtLLh9fPY33rmr5wcOMrsWDbbdCHq4hQUdd37Q==", + "requires": { + "@webassemblyjs/ast": "1.8.5", + "@webassemblyjs/helper-buffer": "1.8.5", + "@webassemblyjs/wasm-gen": "1.8.5", + "@webassemblyjs/wasm-parser": "1.8.5" + } + }, + "@webassemblyjs/wasm-parser": { + "version": "1.8.5", + "resolved": "https://registry.npmjs.org/@webassemblyjs/wasm-parser/-/wasm-parser-1.8.5.tgz", + "integrity": "sha512-pi0SYE9T6tfcMkthwcgCpL0cM9nRYr6/6fjgDtL6q/ZqKHdMWvxitRi5JcZ7RI4SNJJYnYNaWy5UUrHQy998lw==", + "requires": { + "@webassemblyjs/ast": "1.8.5", + "@webassemblyjs/helper-api-error": "1.8.5", + "@webassemblyjs/helper-wasm-bytecode": "1.8.5", + "@webassemblyjs/ieee754": "1.8.5", + "@webassemblyjs/leb128": "1.8.5", + "@webassemblyjs/utf8": "1.8.5" + } + }, + "@webassemblyjs/wast-parser": { + "version": "1.8.5", + "resolved": "https://registry.npmjs.org/@webassemblyjs/wast-parser/-/wast-parser-1.8.5.tgz", + "integrity": "sha512-daXC1FyKWHF1i11obK086QRlsMsY4+tIOKgBqI1lxAnkp9xe9YMcgOxm9kLe+ttjs5aWV2KKE1TWJCN57/Btsg==", + "requires": { + "@webassemblyjs/ast": "1.8.5", + "@webassemblyjs/floating-point-hex-parser": "1.8.5", + "@webassemblyjs/helper-api-error": "1.8.5", + "@webassemblyjs/helper-code-frame": "1.8.5", + "@webassemblyjs/helper-fsm": "1.8.5", + "@xtuc/long": "4.2.2" + } + }, + "@webassemblyjs/wast-printer": { + "version": "1.8.5", + "resolved": "https://registry.npmjs.org/@webassemblyjs/wast-printer/-/wast-printer-1.8.5.tgz", + "integrity": "sha512-w0U0pD4EhlnvRyeJzBqaVSJAo9w/ce7/WPogeXLzGkO6hzhr4GnQIZ4W4uUt5b9ooAaXPtnXlj0gzsXEOUNYMg==", + "requires": { + "@webassemblyjs/ast": "1.8.5", + "@webassemblyjs/wast-parser": "1.8.5", + "@xtuc/long": "4.2.2" + } + }, + "@xtuc/ieee754": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@xtuc/ieee754/-/ieee754-1.2.0.tgz", + "integrity": "sha512-DX8nKgqcGwsc0eJSqYt5lwP4DH5FlHnmuWWBRy7X0NcaGR0ZtuyeESgMwTYVEtxmsNGY+qit4QYT/MIYTOTPeA==" + }, + "@xtuc/long": { + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/@xtuc/long/-/long-4.2.2.tgz", + "integrity": "sha512-NuHqBY1PB/D8xU6s/thBgOAiAP7HOYDQ32+BFZILJ8ivkUkAHQnWfn6WhL79Owj1qmUnoN/YPhktdIoucipkAQ==" + }, + "abab": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/abab/-/abab-2.0.4.tgz", + "integrity": "sha512-Eu9ELJWCz/c1e9gTiCY+FceWxcqzjYEbqMgtndnuSqZSUCOL73TWNK2mHfIj4Cw2E/ongOp+JISVNCmovt2KYQ==" + }, + "abbrev": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.1.1.tgz", + "integrity": "sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q==" + }, + "accepts": { + "version": "1.3.7", + "resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.7.tgz", + "integrity": "sha512-Il80Qs2WjYlJIBNzNkK6KYqlVMTbZLXgHx2oT0pU/fjRHyEp+PEfEPY0R3WCwAGVOtauxh1hOxNgIf5bv7dQpA==", + "requires": { + "mime-types": "~2.1.24", + "negotiator": "0.6.2" + } + }, + "acorn": { + "version": "7.4.0", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.4.0.tgz", + "integrity": "sha512-+G7P8jJmCHr+S+cLfQxygbWhXy+8YTVGzAkpEbcLo2mLoL7tij/VG41QSHACSf5QgYRhMZYHuNc6drJaO0Da+w==" + }, + "acorn-globals": { + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/acorn-globals/-/acorn-globals-4.3.4.tgz", + "integrity": "sha512-clfQEh21R+D0leSbUdWf3OcfqyaCSAQ8Ryq00bofSekfr9W8u1jyYZo6ir0xu9Gtcf7BjcHJpnbZH7JOCpP60A==", + "requires": { + "acorn": "^6.0.1", + "acorn-walk": "^6.0.1" + }, + "dependencies": { + "acorn": { + "version": "6.4.1", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-6.4.1.tgz", + "integrity": "sha512-ZVA9k326Nwrj3Cj9jlh3wGFutC2ZornPNARZwsNYqQYgN0EsV2d53w5RN/co65Ohn4sUAUtb1rSUAOD6XN9idA==" + } + } + }, + "acorn-jsx": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.2.0.tgz", + "integrity": "sha512-HiUX/+K2YpkpJ+SzBffkM/AQ2YE03S0U1kjTLVpoJdhZMOWy8qvXVN9JdLqv2QsaQ6MPYQIuNmwD8zOiYUofLQ==" + }, + "acorn-walk": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-6.2.0.tgz", + "integrity": "sha512-7evsyfH1cLOCdAzZAd43Cic04yKydNx0cF+7tiA19p1XnLLPU4dpCQOqpjqwokFe//vS0QqfqqjCS2JkiIs0cA==" + }, + "address": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/address/-/address-1.1.2.tgz", + "integrity": "sha512-aT6camzM4xEA54YVJYSqxz1kv4IHnQZRtThJJHhUMRExaU5spC7jX5ugSwTaTgJliIgs4VhZOk7htClvQ/LmRA==" + }, + "adjust-sourcemap-loader": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/adjust-sourcemap-loader/-/adjust-sourcemap-loader-3.0.0.tgz", + "integrity": "sha512-YBrGyT2/uVQ/c6Rr+t6ZJXniY03YtHGMJQYal368burRGYKqhx9qGTWqcBU5s1CwYY9E/ri63RYyG1IacMZtqw==", + "requires": { + "loader-utils": "^2.0.0", + "regex-parser": "^2.2.11" + }, + "dependencies": { + "loader-utils": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/loader-utils/-/loader-utils-2.0.0.tgz", + "integrity": "sha512-rP4F0h2RaWSvPEkD7BLDFQnvSf+nK+wr3ESUjNTyAGobqrijmW92zc+SO6d4p4B1wh7+B/Jg1mkQe5NYUEHtHQ==", + "requires": { + "big.js": "^5.2.2", + "emojis-list": "^3.0.0", + "json5": "^2.1.2" + } + } + } + }, + "aggregate-error": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.1.0.tgz", + "integrity": "sha512-4I7Td01quW/RpocfNayFdFVk1qSuoh0E7JrbRJ16nH01HhKFQ88INq9Sd+nd72zqRySlr9BmDA8xlEJ6vJMrYA==", + "requires": { + "clean-stack": "^2.0.0", + "indent-string": "^4.0.0" + }, + "dependencies": { + "indent-string": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz", + "integrity": "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==" + } + } + }, + "ajv": { + "version": "6.12.3", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.3.tgz", + "integrity": "sha512-4K0cK3L1hsqk9xIb2z9vs/XU+PGJZ9PNpJRDS9YLzmNdX6jmVPfamLvTJr0aDAusnHyCHO6MjzlkAsgtqp9teA==", + "requires": { + "fast-deep-equal": "^3.1.1", + "fast-json-stable-stringify": "^2.0.0", + "json-schema-traverse": "^0.4.1", + "uri-js": "^4.2.2" + } + }, + "ajv-errors": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/ajv-errors/-/ajv-errors-1.0.1.tgz", + "integrity": "sha512-DCRfO/4nQ+89p/RK43i8Ezd41EqdGIU4ld7nGF8OQ14oc/we5rEntLCUa7+jrn3nn83BosfwZA0wb4pon2o8iQ==" + }, + "ajv-keywords": { + "version": "3.5.2", + "resolved": "https://registry.npmjs.org/ajv-keywords/-/ajv-keywords-3.5.2.tgz", + "integrity": "sha512-5p6WTN0DdTGVQk6VjcEju19IgaHudalcfabD7yhDGeA6bcQnmL+CpveLJq/3hvfwd1aof6L386Ougkx6RfyMIQ==" + }, + "alphanum-sort": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/alphanum-sort/-/alphanum-sort-1.0.2.tgz", + "integrity": "sha1-l6ERlkmyEa0zaR2fn0hqjsn74KM=" + }, + "amdefine": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/amdefine/-/amdefine-1.0.1.tgz", + "integrity": "sha1-SlKCrBZHKek2Gbz9OtFR+BfOkfU=" + }, + "ansi-colors": { + "version": "3.2.4", + "resolved": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-3.2.4.tgz", + "integrity": "sha512-hHUXGagefjN2iRrID63xckIvotOXOojhQKWIPUZ4mNUZ9nLZW+7FMNoE1lOkEhNWYsx/7ysGIuJYCiMAA9FnrA==" + }, + "ansi-escapes": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.1.tgz", + "integrity": "sha512-JWF7ocqNrp8u9oqpgV+wH5ftbt+cfvv+PTjOvKLT3AdYly/LmORARfEVT1iyjwN+4MqE5UmVKoAdIBqeoCHgLA==", + "requires": { + "type-fest": "^0.11.0" + }, + "dependencies": { + "type-fest": { + "version": "0.11.0", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.11.0.tgz", + "integrity": "sha512-OdjXJxnCN1AvyLSzeKIgXTXxV+99ZuXl3Hpo9XpJAv9MBcHrrJOQ5kV7ypXOuQie+AmWG25hLbiKdwYTifzcfQ==" + } + } + }, + "ansi-html": { + "version": "0.0.7", + "resolved": "https://registry.npmjs.org/ansi-html/-/ansi-html-0.0.7.tgz", + "integrity": "sha1-gTWEAhliqenm/QOflA0S9WynhZ4=" + }, + "ansi-regex": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz", + "integrity": "sha1-w7M6te42DYbg5ijwRorn7yfWVN8=" + }, + "ansi-styles": { + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-2.2.1.tgz", + "integrity": "sha1-tDLdM1i2NM914eRmQ2gkBTPB3b4=" + }, + "anymatch": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-2.0.0.tgz", + "integrity": "sha512-5teOsQWABXHHBFP9y3skS5P3d/WfWXpv3FUpy+LorMrNYaT9pI4oLMQX7jzQ2KklNpGpWHzdCXTDT2Y3XGlZBw==", + "requires": { + "micromatch": "^3.1.4", + "normalize-path": "^2.1.1" + } + }, + "aproba": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/aproba/-/aproba-1.2.0.tgz", + "integrity": "sha512-Y9J6ZjXtoYh8RnXVCMOU/ttDmk1aBjunq9vO0ta5x85WDQiQfUF9sIPBITdbiiIVcBo03Hi3jMxigBtsddlXRw==" + }, + "are-we-there-yet": { + "version": "1.1.7", + "resolved": "https://registry.npmjs.org/are-we-there-yet/-/are-we-there-yet-1.1.7.tgz", + "integrity": "sha512-nxwy40TuMiUGqMyRHgCSWZ9FM4VAoRP4xUYSTv5ImRog+h9yISPbVH7H8fASCIzYn9wlEv4zvFL7uKDMCFQm3g==", + "requires": { + "delegates": "^1.0.0", + "readable-stream": "^2.0.6" + } + }, + "argparse": { + "version": "1.0.10", + "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", + "requires": { + "sprintf-js": "~1.0.2" + } + }, + "aria-query": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/aria-query/-/aria-query-3.0.0.tgz", + "integrity": "sha1-ZbP8wcoRVajJrmTW7uKX8V1RM8w=", + "requires": { + "ast-types-flow": "0.0.7", + "commander": "^2.11.0" + } + }, + "arity-n": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/arity-n/-/arity-n-1.0.4.tgz", + "integrity": "sha1-2edrEXM+CFacCEeuezmyhgswt0U=" + }, + "arr-diff": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/arr-diff/-/arr-diff-4.0.0.tgz", + "integrity": "sha1-1kYQdP6/7HHn4VI1dhoyml3HxSA=" + }, + "arr-flatten": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/arr-flatten/-/arr-flatten-1.1.0.tgz", + "integrity": "sha512-L3hKV5R/p5o81R7O02IGnwpDmkp6E982XhtbuwSe3O4qOtMMMtodicASA1Cny2U+aCXcNpml+m4dPsvsJ3jatg==" + }, + "arr-union": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/arr-union/-/arr-union-3.1.0.tgz", + "integrity": "sha1-45sJrqne+Gao8gbiiK9jkZuuOcQ=" + }, + "array-equal": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/array-equal/-/array-equal-1.0.0.tgz", + "integrity": "sha1-jCpe8kcv2ep0KwTHenUJO6J1fJM=" + }, + "array-find-index": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/array-find-index/-/array-find-index-1.0.2.tgz", + "integrity": "sha1-3wEKoSh+Fku9pvlyOwqWoexBh6E=" + }, + "array-flatten": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-2.1.2.tgz", + "integrity": "sha512-hNfzcOV8W4NdualtqBFPyVO+54DSJuZGY9qT4pRroB6S9e3iiido2ISIC5h9R2sPJ8H3FHCIiEnsv1lPXO3KtQ==" + }, + "array-includes": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/array-includes/-/array-includes-3.1.1.tgz", + "integrity": "sha512-c2VXaCHl7zPsvpkFsw4nxvFie4fh1ur9bpcgsVkIjqn0H/Xwdg+7fv3n2r/isyS8EBj5b06M9kHyZuIr4El6WQ==", + "requires": { + "define-properties": "^1.1.3", + "es-abstract": "^1.17.0", + "is-string": "^1.0.5" + } + }, + "array-union": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/array-union/-/array-union-1.0.2.tgz", + "integrity": "sha1-mjRBDk9OPaI96jdb5b5w8kd47Dk=", + "requires": { + "array-uniq": "^1.0.1" + } + }, + "array-uniq": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/array-uniq/-/array-uniq-1.0.3.tgz", + "integrity": "sha1-r2rId6Jcx/dOBYiUdThY39sk/bY=" + }, + "array-unique": { + "version": "0.3.2", + "resolved": "https://registry.npmjs.org/array-unique/-/array-unique-0.3.2.tgz", + "integrity": "sha1-qJS3XUvE9s1nnvMkSp/Y9Gri1Cg=" + }, + "array.prototype.flat": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/array.prototype.flat/-/array.prototype.flat-1.2.3.tgz", + "integrity": "sha512-gBlRZV0VSmfPIeWfuuy56XZMvbVfbEUnOXUvt3F/eUUUSyzlgLxhEX4YAEpxNAogRGehPSnfXyPtYyKAhkzQhQ==", + "requires": { + "define-properties": "^1.1.3", + "es-abstract": "^1.17.0-next.1" + } + }, + "arrify": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/arrify/-/arrify-1.0.1.tgz", + "integrity": "sha1-iYUI2iIm84DfkEcoRWhJwVAaSw0=" + }, + "asap": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/asap/-/asap-2.0.6.tgz", + "integrity": "sha1-5QNHYR1+aQlDIIu9r+vLwvuGbUY=" + }, + "asn1": { + "version": "0.2.4", + "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", + "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", + "requires": { + "safer-buffer": "~2.1.0" + } + }, + "asn1.js": { + "version": "4.10.1", + "resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-4.10.1.tgz", + "integrity": "sha512-p32cOF5q0Zqs9uBiONKYLm6BClCoBCM5O9JfeUSlnQLBTxYdTK+pW+nXflm8UkKd2UYlEbYz5qEi0JuZR9ckSw==", + "requires": { + "bn.js": "^4.0.0", + "inherits": "^2.0.1", + "minimalistic-assert": "^1.0.0" + }, + "dependencies": { + "bn.js": { + "version": "4.11.9", + "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.11.9.tgz", + "integrity": "sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw==" + } + } + }, + "assert": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/assert/-/assert-1.4.1.tgz", + "integrity": "sha1-mZEtWRg2tab1s0XA8H7vwI/GXZE=", + "requires": { + "util": "0.10.3" + } + }, + "assert-plus": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", + "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=" + }, + "assign-symbols": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/assign-symbols/-/assign-symbols-1.0.0.tgz", + "integrity": "sha1-WWZ/QfrdTyDMvCu5a41Pf3jsA2c=" + }, + "ast-types-flow": { + "version": "0.0.7", + "resolved": "https://registry.npmjs.org/ast-types-flow/-/ast-types-flow-0.0.7.tgz", + "integrity": "sha1-9wtzXGvKGlycItmCw+Oef+ujva0=" + }, + "astral-regex": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/astral-regex/-/astral-regex-1.0.0.tgz", + "integrity": "sha512-+Ryf6g3BKoRc7jfp7ad8tM4TtMiaWvbF/1/sQcZPkkS7ag3D5nMBCe2UfOTONtAkaG0tO0ij3C5Lwmf1EiyjHg==" + }, + "async": { + "version": "2.6.3", + "resolved": "https://registry.npmjs.org/async/-/async-2.6.3.tgz", + "integrity": "sha512-zflvls11DCy+dQWzTW2dzuilv8Z5X/pjfmZOWba6TNIVDm+2UDaJmXSOXlasHKfNBs8oo3M0aT50fDEWfKZjXg==", + "requires": { + "lodash": "^4.17.14" + } + }, + "async-each": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/async-each/-/async-each-1.0.3.tgz", + "integrity": "sha512-z/WhQ5FPySLdvREByI2vZiTWwCnF0moMJ1hK9YQwDTHKh6I7/uSckMetoRGb5UBZPC1z0jlw+n/XCgjeH7y1AQ==" + }, + "async-foreach": { + "version": "0.1.3", + "resolved": "https://registry.npmjs.org/async-foreach/-/async-foreach-0.1.3.tgz", + "integrity": "sha1-NhIfhFwFeBct5Bmpfb6x0W7DRUI=" + }, + "async-limiter": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/async-limiter/-/async-limiter-1.0.1.tgz", + "integrity": "sha512-csOlWGAcRFJaI6m+F2WKdnMKr4HhdhFVBk0H/QbJFMCr+uO2kwohwXQPxw/9OCxp05r5ghVBFSyioixx3gfkNQ==" + }, + "asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" + }, + "atob": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/atob/-/atob-2.1.2.tgz", + "integrity": "sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg==" + }, + "autoprefixer": { + "version": "9.8.6", + "resolved": "https://registry.npmjs.org/autoprefixer/-/autoprefixer-9.8.6.tgz", + "integrity": "sha512-XrvP4VVHdRBCdX1S3WXVD8+RyG9qeb1D5Sn1DeLiG2xfSpzellk5k54xbUERJ3M5DggQxes39UGOTP8CFrEGbg==", + "requires": { + "browserslist": "^4.12.0", + "caniuse-lite": "^1.0.30001109", + "colorette": "^1.2.1", + "normalize-range": "^0.1.2", + "num2fraction": "^1.2.2", + "postcss": "^7.0.32", + "postcss-value-parser": "^4.1.0" + } + }, + "aws-sign2": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", + "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=" + }, + "aws4": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.10.0.tgz", + "integrity": "sha512-3YDiu347mtVtjpyV3u5kVqQLP242c06zwDOgpeRnybmXlYYsLbtTrUBUm8i8srONt+FWobl5aibnU1030PeeuA==" + }, + "axios": { + "version": "0.21.4", + "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz", + "integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==", + "requires": { + "follow-redirects": "^1.14.0" + }, + "dependencies": { + "follow-redirects": { + "version": "1.14.3", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.3.tgz", + "integrity": "sha512-3MkHxknWMUtb23apkgz/83fDoe+y+qr0TdgacGIA7bew+QLBo3vdgEN2xEsuXNivpFy4CyDhBBZnNZOtalmenw==" + } + } + }, + "axobject-query": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/axobject-query/-/axobject-query-2.2.0.tgz", + "integrity": "sha512-Td525n+iPOOyUQIeBfcASuG6uJsDOITl7Mds5gFyerkWiX7qhUTdYUBlSgNMyVqtSJqwpt1kXGLdUt6SykLMRA==" + }, + "babel-code-frame": { + "version": "6.26.0", + "resolved": "https://registry.npmjs.org/babel-code-frame/-/babel-code-frame-6.26.0.tgz", + "integrity": "sha1-Y/1D99weO7fONZR9uP42mj9Yx0s=", + "requires": { + "chalk": "^1.1.3", + "esutils": "^2.0.2", + "js-tokens": "^3.0.2" + }, + "dependencies": { + "js-tokens": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-3.0.2.tgz", + "integrity": "sha1-mGbfOVECEw449/mWvOtlRDIJwls=" + } + } + }, + "babel-eslint": { + "version": "10.1.0", + "resolved": "https://registry.npmjs.org/babel-eslint/-/babel-eslint-10.1.0.tgz", + "integrity": "sha512-ifWaTHQ0ce+448CYop8AdrQiBsGrnC+bMgfyKFdi6EsPLTAWG+QfyDeM6OH+FmWnKvEq5NnBMLvlBUPKQZoDSg==", + "requires": { + "@babel/code-frame": "^7.0.0", + "@babel/parser": "^7.7.0", + "@babel/traverse": "^7.7.0", + "@babel/types": "^7.7.0", + "eslint-visitor-keys": "^1.0.0", + "resolve": "^1.12.0" + } + }, + "babel-extract-comments": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/babel-extract-comments/-/babel-extract-comments-1.0.0.tgz", + "integrity": "sha512-qWWzi4TlddohA91bFwgt6zO/J0X+io7Qp184Fw0m2JYRSTZnJbFR8+07KmzudHCZgOiKRCrjhylwv9Xd8gfhVQ==", + "requires": { + "babylon": "^6.18.0" + } + }, + "babel-jest": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-24.9.0.tgz", + "integrity": "sha512-ntuddfyiN+EhMw58PTNL1ph4C9rECiQXjI4nMMBKBaNjXvqLdkXpPRcMSr4iyBrJg/+wz9brFUD6RhOAT6r4Iw==", + "requires": { + "@jest/transform": "^24.9.0", + "@jest/types": "^24.9.0", + "@types/babel__core": "^7.1.0", + "babel-plugin-istanbul": "^5.1.0", + "babel-preset-jest": "^24.9.0", + "chalk": "^2.4.2", + "slash": "^2.0.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "babel-loader": { + "version": "8.1.0", + "resolved": "https://registry.npmjs.org/babel-loader/-/babel-loader-8.1.0.tgz", + "integrity": "sha512-7q7nC1tYOrqvUrN3LQK4GwSk/TQorZSOlO9C+RZDZpODgyN4ZlCqE5q9cDsyWOliN+aU9B4JX01xK9eJXowJLw==", + "requires": { + "find-cache-dir": "^2.1.0", + "loader-utils": "^1.4.0", + "mkdirp": "^0.5.3", + "pify": "^4.0.1", + "schema-utils": "^2.6.5" + }, + "dependencies": { + "pify": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/pify/-/pify-4.0.1.tgz", + "integrity": "sha512-uB80kBFb/tfd68bVleG9T5GGsGPjJrLAUpR5PZIrhBnIaRTQRjqdJSsIKkOP6OAIFbj7GOrcudc5pNjZ+geV2g==" + } + } + }, + "babel-plugin-dynamic-import-node": { + "version": "2.3.3", + "resolved": "https://registry.npmjs.org/babel-plugin-dynamic-import-node/-/babel-plugin-dynamic-import-node-2.3.3.tgz", + "integrity": "sha512-jZVI+s9Zg3IqA/kdi0i6UDCybUI3aSBLnglhYbSSjKlV7yF1F/5LWv8MakQmvYpnbJDS6fcBL2KzHSxNCMtWSQ==", + "requires": { + "object.assign": "^4.1.0" + } + }, + "babel-plugin-istanbul": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-5.2.0.tgz", + "integrity": "sha512-5LphC0USA8t4i1zCtjbbNb6jJj/9+X6P37Qfirc/70EQ34xKlMW+a1RHGwxGI+SwWpNwZ27HqvzAobeqaXwiZw==", + "requires": { + "@babel/helper-plugin-utils": "^7.0.0", + "find-up": "^3.0.0", + "istanbul-lib-instrument": "^3.3.0", + "test-exclude": "^5.2.3" + }, + "dependencies": { + "find-up": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-3.0.0.tgz", + "integrity": "sha512-1yD6RmLI1XBfxugvORwlck6f75tYL+iR0jqwsOrOxMZyGYqUuDhJ0l4AXdO1iX/FTs9cBAMEk1gWSEx1kSbylg==", + "requires": { + "locate-path": "^3.0.0" + } + } + } + }, + "babel-plugin-jest-hoist": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-24.9.0.tgz", + "integrity": "sha512-2EMA2P8Vp7lG0RAzr4HXqtYwacfMErOuv1U3wrvxHX6rD1sV6xS3WXG3r8TRQ2r6w8OhvSdWt+z41hQNwNm3Xw==", + "requires": { + "@types/babel__traverse": "^7.0.6" + } + }, + "babel-plugin-macros": { + "version": "2.8.0", + "resolved": "https://registry.npmjs.org/babel-plugin-macros/-/babel-plugin-macros-2.8.0.tgz", + "integrity": "sha512-SEP5kJpfGYqYKpBrj5XU3ahw5p5GOHJ0U5ssOSQ/WBVdwkD2Dzlce95exQTs3jOVWPPKLBN2rlEWkCK7dSmLvg==", + "requires": { + "@babel/runtime": "^7.7.2", + "cosmiconfig": "^6.0.0", + "resolve": "^1.12.0" + }, + "dependencies": { + "@babel/runtime": { + "version": "7.11.0", + "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.11.0.tgz", + "integrity": "sha512-qArkXsjJq7H+T86WrIFV0Fnu/tNOkZ4cgXmjkzAu3b/58D5mFIO8JH/y77t7C9q0OdDRdh9s7Ue5GasYssxtXw==", + "requires": { + "regenerator-runtime": "^0.13.4" + } + }, + "cosmiconfig": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-6.0.0.tgz", + "integrity": "sha512-xb3ZL6+L8b9JLLCx3ZdoZy4+2ECphCMo2PwqgP1tlfVq6M6YReyzBJtvWWtbDSpNr9hn96pkCiZqUcFEc+54Qg==", + "requires": { + "@types/parse-json": "^4.0.0", + "import-fresh": "^3.1.0", + "parse-json": "^5.0.0", + "path-type": "^4.0.0", + "yaml": "^1.7.2" + } + }, + "import-fresh": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.2.1.tgz", + "integrity": "sha512-6e1q1cnWP2RXD9/keSkxHScg508CdXqXWgWBaETNhyuBFz+kUZlKboh+ISK+bU++DmbHimVBrOz/zzPe0sZ3sQ==", + "requires": { + "parent-module": "^1.0.0", + "resolve-from": "^4.0.0" + } + }, + "parse-json": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.0.1.tgz", + "integrity": "sha512-ztoZ4/DYeXQq4E21v169sC8qWINGpcosGv9XhTDvg9/hWvx/zrFkc9BiWxR58OJLHGk28j5BL0SDLeV2WmFZlQ==", + "requires": { + "@babel/code-frame": "^7.0.0", + "error-ex": "^1.3.1", + "json-parse-better-errors": "^1.0.1", + "lines-and-columns": "^1.1.6" + } + }, + "path-type": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/path-type/-/path-type-4.0.0.tgz", + "integrity": "sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==" + }, + "regenerator-runtime": { + "version": "0.13.7", + "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.13.7.tgz", + "integrity": "sha512-a54FxoJDIr27pgf7IgeQGxmqUNYrcV338lf/6gH456HZ/PhX+5BcwHXG9ajESmwe6WRO0tAzRUrRmNONWgkrew==" + }, + "resolve-from": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz", + "integrity": "sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==" + } + } + }, + "babel-plugin-named-asset-import": { + "version": "0.3.6", + "resolved": "https://registry.npmjs.org/babel-plugin-named-asset-import/-/babel-plugin-named-asset-import-0.3.6.tgz", + "integrity": "sha512-1aGDUfL1qOOIoqk9QKGIo2lANk+C7ko/fqH0uIyC71x3PEGz0uVP8ISgfEsFuG+FKmjHTvFK/nNM8dowpmUxLA==" + }, + "babel-plugin-syntax-object-rest-spread": { + "version": "6.13.0", + "resolved": "https://registry.npmjs.org/babel-plugin-syntax-object-rest-spread/-/babel-plugin-syntax-object-rest-spread-6.13.0.tgz", + "integrity": "sha1-/WU28rzhODb/o6VFjEkDpZe7O/U=" + }, + "babel-plugin-transform-object-rest-spread": { + "version": "6.26.0", + "resolved": "https://registry.npmjs.org/babel-plugin-transform-object-rest-spread/-/babel-plugin-transform-object-rest-spread-6.26.0.tgz", + "integrity": "sha1-DzZpLVD+9rfi1LOsFHgTepY7ewY=", + "requires": { + "babel-plugin-syntax-object-rest-spread": "^6.8.0", + "babel-runtime": "^6.26.0" + } + }, + "babel-plugin-transform-react-remove-prop-types": { + "version": "0.4.24", + "resolved": "https://registry.npmjs.org/babel-plugin-transform-react-remove-prop-types/-/babel-plugin-transform-react-remove-prop-types-0.4.24.tgz", + "integrity": "sha512-eqj0hVcJUR57/Ug2zE1Yswsw4LhuqqHhD+8v120T1cl3kjg76QwtyBrdIk4WVwK+lAhBJVYCd/v+4nc4y+8JsA==" + }, + "babel-preset-jest": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-24.9.0.tgz", + "integrity": "sha512-izTUuhE4TMfTRPF92fFwD2QfdXaZW08qvWTFCI51V8rW5x00UuPgc3ajRoWofXOuxjfcOM5zzSYsQS3H8KGCAg==", + "requires": { + "@babel/plugin-syntax-object-rest-spread": "^7.0.0", + "babel-plugin-jest-hoist": "^24.9.0" + } + }, + "babel-preset-react-app": { + "version": "9.1.2", + "resolved": "https://registry.npmjs.org/babel-preset-react-app/-/babel-preset-react-app-9.1.2.tgz", + "integrity": "sha512-k58RtQOKH21NyKtzptoAvtAODuAJJs3ZhqBMl456/GnXEQ/0La92pNmwgWoMn5pBTrsvk3YYXdY7zpY4e3UIxA==", + "requires": { + "@babel/core": "7.9.0", + "@babel/plugin-proposal-class-properties": "7.8.3", + "@babel/plugin-proposal-decorators": "7.8.3", + "@babel/plugin-proposal-nullish-coalescing-operator": "7.8.3", + "@babel/plugin-proposal-numeric-separator": "7.8.3", + "@babel/plugin-proposal-optional-chaining": "7.9.0", + "@babel/plugin-transform-flow-strip-types": "7.9.0", + "@babel/plugin-transform-react-display-name": "7.8.3", + "@babel/plugin-transform-runtime": "7.9.0", + "@babel/preset-env": "7.9.0", + "@babel/preset-react": "7.9.1", + "@babel/preset-typescript": "7.9.0", + "@babel/runtime": "7.9.0", + "babel-plugin-macros": "2.8.0", + "babel-plugin-transform-react-remove-prop-types": "0.4.24" + }, + "dependencies": { + "@babel/plugin-proposal-class-properties": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-class-properties/-/plugin-proposal-class-properties-7.8.3.tgz", + "integrity": "sha512-EqFhbo7IosdgPgZggHaNObkmO1kNUe3slaKu54d5OWvy+p9QIKOzK1GAEpAIsZtWVtPXUHSMcT4smvDrCfY4AA==", + "requires": { + "@babel/helper-create-class-features-plugin": "^7.8.3", + "@babel/helper-plugin-utils": "^7.8.3" + } + }, + "@babel/plugin-proposal-nullish-coalescing-operator": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-nullish-coalescing-operator/-/plugin-proposal-nullish-coalescing-operator-7.8.3.tgz", + "integrity": "sha512-TS9MlfzXpXKt6YYomudb/KU7nQI6/xnapG6in1uZxoxDghuSMZsPb6D2fyUwNYSAp4l1iR7QtFOjkqcRYcUsfw==", + "requires": { + "@babel/helper-plugin-utils": "^7.8.3", + "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.0" + } + }, + "@babel/plugin-proposal-numeric-separator": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-numeric-separator/-/plugin-proposal-numeric-separator-7.8.3.tgz", + "integrity": "sha512-jWioO1s6R/R+wEHizfaScNsAx+xKgwTLNXSh7tTC4Usj3ItsPEhYkEpU4h+lpnBwq7NBVOJXfO6cRFYcX69JUQ==", + "requires": { + "@babel/helper-plugin-utils": "^7.8.3", + "@babel/plugin-syntax-numeric-separator": "^7.8.3" + } + }, + "@babel/plugin-proposal-optional-chaining": { + "version": "7.9.0", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-optional-chaining/-/plugin-proposal-optional-chaining-7.9.0.tgz", + "integrity": "sha512-NDn5tu3tcv4W30jNhmc2hyD5c56G6cXx4TesJubhxrJeCvuuMpttxr0OnNCqbZGhFjLrg+NIhxxC+BK5F6yS3w==", + "requires": { + "@babel/helper-plugin-utils": "^7.8.3", + "@babel/plugin-syntax-optional-chaining": "^7.8.0" + } + }, + "@babel/plugin-transform-react-display-name": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-react-display-name/-/plugin-transform-react-display-name-7.8.3.tgz", + "integrity": "sha512-3Jy/PCw8Fe6uBKtEgz3M82ljt+lTg+xJaM4og+eyu83qLT87ZUSckn0wy7r31jflURWLO83TW6Ylf7lyXj3m5A==", + "requires": { + "@babel/helper-plugin-utils": "^7.8.3" + } + }, + "@babel/preset-env": { + "version": "7.9.0", + "resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.9.0.tgz", + "integrity": "sha512-712DeRXT6dyKAM/FMbQTV/FvRCms2hPCx+3weRjZ8iQVQWZejWWk1wwG6ViWMyqb/ouBbGOl5b6aCk0+j1NmsQ==", + "requires": { + "@babel/compat-data": "^7.9.0", + "@babel/helper-compilation-targets": "^7.8.7", + "@babel/helper-module-imports": "^7.8.3", + "@babel/helper-plugin-utils": "^7.8.3", + "@babel/plugin-proposal-async-generator-functions": "^7.8.3", + "@babel/plugin-proposal-dynamic-import": "^7.8.3", + "@babel/plugin-proposal-json-strings": "^7.8.3", + "@babel/plugin-proposal-nullish-coalescing-operator": "^7.8.3", + "@babel/plugin-proposal-numeric-separator": "^7.8.3", + "@babel/plugin-proposal-object-rest-spread": "^7.9.0", + "@babel/plugin-proposal-optional-catch-binding": "^7.8.3", + "@babel/plugin-proposal-optional-chaining": "^7.9.0", + "@babel/plugin-proposal-unicode-property-regex": "^7.8.3", + "@babel/plugin-syntax-async-generators": "^7.8.0", + "@babel/plugin-syntax-dynamic-import": "^7.8.0", + "@babel/plugin-syntax-json-strings": "^7.8.0", + "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.0", + "@babel/plugin-syntax-numeric-separator": "^7.8.0", + "@babel/plugin-syntax-object-rest-spread": "^7.8.0", + "@babel/plugin-syntax-optional-catch-binding": "^7.8.0", + "@babel/plugin-syntax-optional-chaining": "^7.8.0", + "@babel/plugin-syntax-top-level-await": "^7.8.3", + "@babel/plugin-transform-arrow-functions": "^7.8.3", + "@babel/plugin-transform-async-to-generator": "^7.8.3", + "@babel/plugin-transform-block-scoped-functions": "^7.8.3", + "@babel/plugin-transform-block-scoping": "^7.8.3", + "@babel/plugin-transform-classes": "^7.9.0", + "@babel/plugin-transform-computed-properties": "^7.8.3", + "@babel/plugin-transform-destructuring": "^7.8.3", + "@babel/plugin-transform-dotall-regex": "^7.8.3", + "@babel/plugin-transform-duplicate-keys": "^7.8.3", + "@babel/plugin-transform-exponentiation-operator": "^7.8.3", + "@babel/plugin-transform-for-of": "^7.9.0", + "@babel/plugin-transform-function-name": "^7.8.3", + "@babel/plugin-transform-literals": "^7.8.3", + "@babel/plugin-transform-member-expression-literals": "^7.8.3", + "@babel/plugin-transform-modules-amd": "^7.9.0", + "@babel/plugin-transform-modules-commonjs": "^7.9.0", + "@babel/plugin-transform-modules-systemjs": "^7.9.0", + "@babel/plugin-transform-modules-umd": "^7.9.0", + "@babel/plugin-transform-named-capturing-groups-regex": "^7.8.3", + "@babel/plugin-transform-new-target": "^7.8.3", + "@babel/plugin-transform-object-super": "^7.8.3", + "@babel/plugin-transform-parameters": "^7.8.7", + "@babel/plugin-transform-property-literals": "^7.8.3", + "@babel/plugin-transform-regenerator": "^7.8.7", + "@babel/plugin-transform-reserved-words": "^7.8.3", + "@babel/plugin-transform-shorthand-properties": "^7.8.3", + "@babel/plugin-transform-spread": "^7.8.3", + "@babel/plugin-transform-sticky-regex": "^7.8.3", + "@babel/plugin-transform-template-literals": "^7.8.3", + "@babel/plugin-transform-typeof-symbol": "^7.8.4", + "@babel/plugin-transform-unicode-regex": "^7.8.3", + "@babel/preset-modules": "^0.1.3", + "@babel/types": "^7.9.0", + "browserslist": "^4.9.1", + "core-js-compat": "^3.6.2", + "invariant": "^2.2.2", + "levenary": "^1.1.1", + "semver": "^5.5.0" + } + }, + "@babel/preset-react": { + "version": "7.9.1", + "resolved": "https://registry.npmjs.org/@babel/preset-react/-/preset-react-7.9.1.tgz", + "integrity": "sha512-aJBYF23MPj0RNdp/4bHnAP0NVqqZRr9kl0NAOP4nJCex6OYVio59+dnQzsAWFuogdLyeaKA1hmfUIVZkY5J+TQ==", + "requires": { + "@babel/helper-plugin-utils": "^7.8.3", + "@babel/plugin-transform-react-display-name": "^7.8.3", + "@babel/plugin-transform-react-jsx": "^7.9.1", + "@babel/plugin-transform-react-jsx-development": "^7.9.0", + "@babel/plugin-transform-react-jsx-self": "^7.9.0", + "@babel/plugin-transform-react-jsx-source": "^7.9.0" + } + }, + "@babel/runtime": { + "version": "7.9.0", + "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.9.0.tgz", + "integrity": "sha512-cTIudHnzuWLS56ik4DnRnqqNf8MkdUzV4iFFI1h7Jo9xvrpQROYaAnaSd2mHLQAzzZAPfATynX5ord6YlNYNMA==", + "requires": { + "regenerator-runtime": "^0.13.4" + } + }, + "regenerator-runtime": { + "version": "0.13.7", + "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.13.7.tgz", + "integrity": "sha512-a54FxoJDIr27pgf7IgeQGxmqUNYrcV338lf/6gH456HZ/PhX+5BcwHXG9ajESmwe6WRO0tAzRUrRmNONWgkrew==" + } + } + }, + "babel-runtime": { + "version": "6.26.0", + "resolved": "https://registry.npmjs.org/babel-runtime/-/babel-runtime-6.26.0.tgz", + "integrity": "sha1-llxwWGaOgrVde/4E/yM3vItWR/4=", + "requires": { + "core-js": "^2.4.0", + "regenerator-runtime": "^0.11.0" + }, + "dependencies": { + "core-js": { + "version": "2.6.11", + "resolved": "https://registry.npmjs.org/core-js/-/core-js-2.6.11.tgz", + "integrity": "sha512-5wjnpaT/3dV+XB4borEsnAYQchn00XSgTAWKDkEqv+K8KevjbzmofK6hfJ9TZIlpj2N0xQpazy7PiRQiWHqzWg==" + }, + "regenerator-runtime": { + "version": "0.11.1", + "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.11.1.tgz", + "integrity": "sha512-MguG95oij0fC3QV3URf4V2SDYGJhJnJGqvIIgdECeODCT98wSWDAJ94SSuVpYQUoTcGUIL6L4yNB7j1DFFHSBg==" + } + } + }, + "babylon": { + "version": "6.18.0", + "resolved": "https://registry.npmjs.org/babylon/-/babylon-6.18.0.tgz", + "integrity": "sha512-q/UEjfGJ2Cm3oKV71DJz9d25TPnq5rhBVL2Q4fA5wcC3jcrdn7+SssEybFIxwAvvP+YCsCYNKughoF33GxgycQ==" + }, + "balanced-match": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz", + "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c=" + }, + "base": { + "version": "0.11.2", + "resolved": "https://registry.npmjs.org/base/-/base-0.11.2.tgz", + "integrity": "sha512-5T6P4xPgpp0YDFvSWwEZ4NoE3aM4QBQXDzmVbraCkFj8zHM+mba8SyqB5DbZWyR7mYHo6Y7BdQo3MoA4m0TeQg==", + "requires": { + "cache-base": "^1.0.1", + "class-utils": "^0.3.5", + "component-emitter": "^1.2.1", + "define-property": "^1.0.0", + "isobject": "^3.0.1", + "mixin-deep": "^1.2.0", + "pascalcase": "^0.1.1" + }, + "dependencies": { + "define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz", + "integrity": "sha1-dp66rz9KY6rTr56NMEybvnm/sOY=", + "requires": { + "is-descriptor": "^1.0.0" + } + }, + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + }, + "kind-of": { + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz", + "integrity": "sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==" + } + } + }, + "base64-js": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "integrity": "sha512-mLQ4i2QO1ytvGWFWmcngKO//JXAQueZvwEKtjgQFM4jIK0kU+ytMfplL8j+n5mspOfjHwoAg+9yhb7BwAHm36g==" + }, + "batch": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/batch/-/batch-0.6.1.tgz", + "integrity": "sha1-3DQxT05nkxgJP8dgJyUl+UvyXBY=" + }, + "bcrypt-pbkdf": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", + "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", + "requires": { + "tweetnacl": "^0.14.3" + } + }, + "big.js": { + "version": "5.2.2", + "resolved": "https://registry.npmjs.org/big.js/-/big.js-5.2.2.tgz", + "integrity": "sha512-vyL2OymJxmarO8gxMr0mhChsO9QGwhynfuu4+MHTAW6czfq9humCB7rKpUjDd9YUiDPU4mzpyupFSvOClAwbmQ==" + }, + "binary-extensions": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.1.0.tgz", + "integrity": "sha512-1Yj8h9Q+QDF5FzhMs/c9+6UntbD5MkRfRwac8DoEm9ZfUBZ7tZ55YcGVAzEe4bXsdQHEk+s9S5wsOKVdZrw0tQ==" + }, + "bindings": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/bindings/-/bindings-1.5.0.tgz", + "integrity": "sha512-p2q/t/mhvuOj/UeLlV6566GD/guowlr0hHxClI0W9m7MWYkL1F0hLo+0Aexs9HSPCtR1SXQ0TD3MMKrXZajbiQ==", + "optional": true, + "requires": { + "file-uri-to-path": "1.0.0" + } + }, + "block-stream": { + "version": "0.0.9", + "resolved": "https://registry.npmjs.org/block-stream/-/block-stream-0.0.9.tgz", + "integrity": "sha1-E+v+d4oDIFz+A3UUgeu0szAMEmo=", + "requires": { + "inherits": "~2.0.0" + } + }, + "bluebird": { + "version": "3.7.2", + "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.7.2.tgz", + "integrity": "sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg==" + }, + "bn.js": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-5.1.2.tgz", + "integrity": "sha512-40rZaf3bUNKTVYu9sIeeEGOg7g14Yvnj9kH7b50EiwX0Q7A6umbvfI5tvHaOERH0XigqKkfLkFQxzb4e6CIXnA==" + }, + "body-parser": { + "version": "1.19.0", + "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.19.0.tgz", + "integrity": "sha512-dhEPs72UPbDnAQJ9ZKMNTP6ptJaionhP5cBb541nXPlW60Jepo9RV/a4fX4XWW9CuFNK22krhrj1+rgzifNCsw==", + "requires": { + "bytes": "3.1.0", + "content-type": "~1.0.4", + "debug": "2.6.9", + "depd": "~1.1.2", + "http-errors": "1.7.2", + "iconv-lite": "0.4.24", + "on-finished": "~2.3.0", + "qs": "6.7.0", + "raw-body": "2.4.0", + "type-is": "~1.6.17" + }, + "dependencies": { + "bytes": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.0.tgz", + "integrity": "sha512-zauLjrfCG+xvoyaqLoV8bLVXXNGC4JqlxFCutSDWA6fJrTo2ZuvLYTqZ7aHBLZSMOopbzwv8f+wZcVzfVTI2Dg==" + }, + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "requires": { + "ms": "2.0.0" + } + }, + "qs": { + "version": "6.7.0", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.7.0.tgz", + "integrity": "sha512-VCdBRNFTX1fyE7Nb6FYoURo/SPe62QCaAyzJvUjwRaIsc+NePBEniHlvxFmmX56+HZphIGtV0XeCirBtpDrTyQ==" + } + } + }, + "bonjour": { + "version": "3.5.0", + "resolved": "https://registry.npmjs.org/bonjour/-/bonjour-3.5.0.tgz", + "integrity": "sha1-jokKGD2O6aI5OzhExpGkK897yfU=", + "requires": { + "array-flatten": "^2.1.0", + "deep-equal": "^1.0.1", + "dns-equal": "^1.0.0", + "dns-txt": "^2.0.2", + "multicast-dns": "^6.0.1", + "multicast-dns-service-types": "^1.1.0" + } + }, + "boolbase": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/boolbase/-/boolbase-1.0.0.tgz", + "integrity": "sha1-aN/1++YMUes3cl6p4+0xDcwed24=" + }, + "bootstrap": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/bootstrap/-/bootstrap-4.3.1.tgz", + "integrity": "sha512-rXqOmH1VilAt2DyPzluTi2blhk17bO7ef+zLLPlWvG494pDxcM234pJ8wTc/6R40UWizAIIMgxjvxZg5kmsbag==" + }, + "brace-expansion": { + "version": "1.1.11", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "requires": { + "balanced-match": "^1.0.0", + "concat-map": "0.0.1" + } + }, + "braces": { + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/braces/-/braces-2.3.2.tgz", + "integrity": "sha512-aNdbnj9P8PjdXU4ybaWLK2IF3jc/EoDYbC7AazW6to3TRsfXxscC9UXOB5iDiEQrkyIbWp2SLQda4+QAa7nc3w==", + "requires": { + "arr-flatten": "^1.1.0", + "array-unique": "^0.3.2", + "extend-shallow": "^2.0.1", + "fill-range": "^4.0.0", + "isobject": "^3.0.1", + "repeat-element": "^1.1.2", + "snapdragon": "^0.8.1", + "snapdragon-node": "^2.0.1", + "split-string": "^3.0.2", + "to-regex": "^3.0.1" + }, + "dependencies": { + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "requires": { + "is-extendable": "^0.1.0" + } + } + } + }, + "brorand": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/brorand/-/brorand-1.1.0.tgz", + "integrity": "sha1-EsJe/kCkXjwyPrhnWgoM5XsiNx8=" + }, + "browser-process-hrtime": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/browser-process-hrtime/-/browser-process-hrtime-1.0.0.tgz", + "integrity": "sha512-9o5UecI3GhkpM6DrXr69PblIuWxPKk9Y0jHBRhdocZ2y7YECBFCsHm79Pr3OyR2AvjhDkabFJaDJMYRazHgsow==" + }, + "browser-resolve": { + "version": "1.11.3", + "resolved": "https://registry.npmjs.org/browser-resolve/-/browser-resolve-1.11.3.tgz", + "integrity": "sha512-exDi1BYWB/6raKHmDTCicQfTkqwN5fioMFV4j8BsfMU4R2DK/QfZfK7kOVkmWCNANf0snkBzqGqAJBao9gZMdQ==", + "requires": { + "resolve": "1.1.7" + }, + "dependencies": { + "resolve": { + "version": "1.1.7", + "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.1.7.tgz", + "integrity": "sha1-IDEU2CrSxe2ejgQRs5ModeiJ6Xs=" + } + } + }, + "browserify-aes": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/browserify-aes/-/browserify-aes-1.2.0.tgz", + "integrity": "sha512-+7CHXqGuspUn/Sl5aO7Ea0xWGAtETPXNSAjHo48JfLdPWcMng33Xe4znFvQweqc/uzk5zSOI3H52CYnjCfb5hA==", + "requires": { + "buffer-xor": "^1.0.3", + "cipher-base": "^1.0.0", + "create-hash": "^1.1.0", + "evp_bytestokey": "^1.0.3", + "inherits": "^2.0.1", + "safe-buffer": "^5.0.1" + } + }, + "browserify-cipher": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/browserify-cipher/-/browserify-cipher-1.0.1.tgz", + "integrity": "sha512-sPhkz0ARKbf4rRQt2hTpAHqn47X3llLkUGn+xEJzLjwY8LRs2p0v7ljvI5EyoRO/mexrNunNECisZs+gw2zz1w==", + "requires": { + "browserify-aes": "^1.0.4", + "browserify-des": "^1.0.0", + "evp_bytestokey": "^1.0.0" + } + }, + "browserify-des": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/browserify-des/-/browserify-des-1.0.2.tgz", + "integrity": "sha512-BioO1xf3hFwz4kc6iBhI3ieDFompMhrMlnDFC4/0/vd5MokpuAc3R+LYbwTA9A5Yc9pq9UYPqffKpW2ObuwX5A==", + "requires": { + "cipher-base": "^1.0.1", + "des.js": "^1.0.0", + "inherits": "^2.0.1", + "safe-buffer": "^5.1.2" + } + }, + "browserify-rsa": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/browserify-rsa/-/browserify-rsa-4.0.1.tgz", + "integrity": "sha1-IeCr+vbyApzy+vsTNWenAdQTVSQ=", + "requires": { + "bn.js": "^4.1.0", + "randombytes": "^2.0.1" + }, + "dependencies": { + "bn.js": { + "version": "4.11.9", + "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.11.9.tgz", + "integrity": "sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw==" + } + } + }, + "browserify-sign": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.0.tgz", + "integrity": "sha512-hEZC1KEeYuoHRqhGhTy6gWrpJA3ZDjFWv0DE61643ZnOXAKJb3u7yWcrU0mMc9SwAqK1n7myPGndkp0dFG7NFA==", + "requires": { + "bn.js": "^5.1.1", + "browserify-rsa": "^4.0.1", + "create-hash": "^1.2.0", + "create-hmac": "^1.1.7", + "elliptic": "^6.5.2", + "inherits": "^2.0.4", + "parse-asn1": "^5.1.5", + "readable-stream": "^3.6.0", + "safe-buffer": "^5.2.0" + }, + "dependencies": { + "readable-stream": { + "version": "3.6.0", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.0.tgz", + "integrity": "sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA==", + "requires": { + "inherits": "^2.0.3", + "string_decoder": "^1.1.1", + "util-deprecate": "^1.0.1" + } + }, + "safe-buffer": { + "version": "5.2.1", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", + "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==" + } + } + }, + "browserify-zlib": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/browserify-zlib/-/browserify-zlib-0.2.0.tgz", + "integrity": "sha512-Z942RysHXmJrhqk88FmKBVq/v5tqmSkDz7p54G/MGyjMnCFFnC79XWNbg+Vta8W6Wb2qtSZTSxIGkJrRpCFEiA==", + "requires": { + "pako": "~1.0.5" + } + }, + "browserslist": { + "version": "4.17.0", + "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.17.0.tgz", + "integrity": "sha512-g2BJ2a0nEYvEFQC208q8mVAhfNwpZ5Mu8BwgtCdZKO3qx98HChmeg448fPdUzld8aFmfLgVh7yymqV+q1lJZ5g==", + "requires": { + "caniuse-lite": "^1.0.30001254", + "colorette": "^1.3.0", + "electron-to-chromium": "^1.3.830", + "escalade": "^3.1.1", + "node-releases": "^1.1.75" + }, + "dependencies": { + "caniuse-lite": { + "version": "1.0.30001255", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001255.tgz", + "integrity": "sha512-F+A3N9jTZL882f/fg/WWVnKSu6IOo3ueLz4zwaOPbPYHNmM/ZaDUyzyJwS1mZhX7Ex5jqTyW599Gdelh5PDYLQ==" + }, + "colorette": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/colorette/-/colorette-1.4.0.tgz", + "integrity": "sha512-Y2oEozpomLn7Q3HFP7dpww7AtMJplbM9lGZP6RDfHqmbeRjiwRg4n6VM6j4KLmRke85uWEI7JqF17f3pqdRA0g==" + }, + "electron-to-chromium": { + "version": "1.3.833", + "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.3.833.tgz", + "integrity": "sha512-h+9aVaUHjyunLqtCjJF2jrJ73tYcJqo2cCGKtVAXH9WmnBsb8hiChRQ0P1uXjdxR6Wcfxibephy41c1YlZA/pA==" + }, + "escalade": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz", + "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==" + }, + "node-releases": { + "version": "1.1.75", + "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-1.1.75.tgz", + "integrity": "sha512-Qe5OUajvqrqDSy6wrWFmMwfJ0jVgwiw4T3KqmbTcZ62qW0gQkheXYhcFM1+lOVcGUoRxcEcfyvFMAnDgaF1VWw==" + } + } + }, + "bser": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", + "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", + "requires": { + "node-int64": "^0.4.0" + } + }, + "buffer": { + "version": "4.9.2", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-4.9.2.tgz", + "integrity": "sha512-xq+q3SRMOxGivLhBNaUdC64hDTQwejJ+H0T/NB1XMtTVEwNTrfFF3gAxiyW0Bu/xWEGhjVKgUcMhCrUy2+uCWg==", + "requires": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4", + "isarray": "^1.0.0" + } + }, + "buffer-from": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.1.tgz", + "integrity": "sha512-MQcXEUbCKtEo7bhqEs6560Hyd4XaovZlO/k9V3hjVUF/zwW7KBVdSK4gIt/bzwS9MbR5qob+F5jusZsb0YQK2A==" + }, + "buffer-indexof": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/buffer-indexof/-/buffer-indexof-1.1.1.tgz", + "integrity": "sha512-4/rOEg86jivtPTeOUUT61jJO1Ya1TrR/OkqCSZDyq84WJh3LuuiphBYJN+fm5xufIk4XAFcEwte/8WzC8If/1g==" + }, + "buffer-xor": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/buffer-xor/-/buffer-xor-1.0.3.tgz", + "integrity": "sha1-JuYe0UIvtw3ULm42cp7VHYVf6Nk=" + }, + "builtin-status-codes": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/builtin-status-codes/-/builtin-status-codes-3.0.0.tgz", + "integrity": "sha1-hZgoeOIbmOHGZCXgPQF0eI9Wnug=" + }, + "bytes": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.0.0.tgz", + "integrity": "sha1-0ygVQE1olpn4Wk6k+odV3ROpYEg=" + }, + "cacache": { + "version": "13.0.1", + "resolved": "https://registry.npmjs.org/cacache/-/cacache-13.0.1.tgz", + "integrity": "sha512-5ZvAxd05HDDU+y9BVvcqYu2LLXmPnQ0hW62h32g4xBTgL/MppR4/04NHfj/ycM2y6lmTnbw6HVi+1eN0Psba6w==", + "requires": { + "chownr": "^1.1.2", + "figgy-pudding": "^3.5.1", + "fs-minipass": "^2.0.0", + "glob": "^7.1.4", + "graceful-fs": "^4.2.2", + "infer-owner": "^1.0.4", + "lru-cache": "^5.1.1", + "minipass": "^3.0.0", + "minipass-collect": "^1.0.2", + "minipass-flush": "^1.0.5", + "minipass-pipeline": "^1.2.2", + "mkdirp": "^0.5.1", + "move-concurrently": "^1.0.1", + "p-map": "^3.0.0", + "promise-inflight": "^1.0.1", + "rimraf": "^2.7.1", + "ssri": "^7.0.0", + "unique-filename": "^1.1.1" + }, + "dependencies": { + "lru-cache": { + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", + "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", + "requires": { + "yallist": "^3.0.2" + } + }, + "yallist": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", + "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==" + } + } + }, + "cache-base": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/cache-base/-/cache-base-1.0.1.tgz", + "integrity": "sha512-AKcdTnFSWATd5/GCPRxr2ChwIJ85CeyrEyjRHlKxQ56d4XJMGym0uAiKn0xbLOGOl3+yRpOTi484dVCEc5AUzQ==", + "requires": { + "collection-visit": "^1.0.0", + "component-emitter": "^1.2.1", + "get-value": "^2.0.6", + "has-value": "^1.0.0", + "isobject": "^3.0.1", + "set-value": "^2.0.0", + "to-object-path": "^0.3.0", + "union-value": "^1.0.0", + "unset-value": "^1.0.0" + } + }, + "call-bind": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.2.tgz", + "integrity": "sha512-7O+FbCihrB5WGbFYesctwmTKae6rOiIzmz1icreWJ+0aA7LJfuqhEso2T9ncpcFtzMQtzXf2QGGueWJGTYsqrA==", + "requires": { + "function-bind": "^1.1.1", + "get-intrinsic": "^1.0.2" + } + }, + "call-me-maybe": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/call-me-maybe/-/call-me-maybe-1.0.1.tgz", + "integrity": "sha1-JtII6onje1y95gJQoV8DHBak1ms=" + }, + "caller-callsite": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/caller-callsite/-/caller-callsite-2.0.0.tgz", + "integrity": "sha1-hH4PzgoiN1CpoCfFSzNzGtMVQTQ=", + "requires": { + "callsites": "^2.0.0" + } + }, + "caller-path": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/caller-path/-/caller-path-2.0.0.tgz", + "integrity": "sha1-Ro+DBE42mrIBD6xfBs7uFbsssfQ=", + "requires": { + "caller-callsite": "^2.0.0" + } + }, + "callsites": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/callsites/-/callsites-2.0.0.tgz", + "integrity": "sha1-BuuE8A7qQT2oav/vrL/7Ngk7PFA=" + }, + "camel-case": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/camel-case/-/camel-case-4.1.1.tgz", + "integrity": "sha512-7fa2WcG4fYFkclIvEmxBbTvmibwF2/agfEBc6q3lOpVu0A13ltLsA+Hr/8Hp6kp5f+G7hKi6t8lys6XxP+1K6Q==", + "requires": { + "pascal-case": "^3.1.1", + "tslib": "^1.10.0" + } + }, + "camelcase": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-2.1.1.tgz", + "integrity": "sha1-fB0W1nmhu+WcoCys7PsBHiAfWh8=" + }, + "camelcase-keys": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/camelcase-keys/-/camelcase-keys-2.1.0.tgz", + "integrity": "sha1-MIvur/3ygRkFHvodkyITyRuPkuc=", + "requires": { + "camelcase": "^2.0.0", + "map-obj": "^1.0.0" + } + }, + "caniuse-api": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/caniuse-api/-/caniuse-api-3.0.0.tgz", + "integrity": "sha512-bsTwuIg/BZZK/vreVTYYbSWoe2F+71P7K5QGEX+pT250DZbfU1MQ5prOKpPR+LL6uWKK3KMwMCAS74QB3Um1uw==", + "requires": { + "browserslist": "^4.0.0", + "caniuse-lite": "^1.0.0", + "lodash.memoize": "^4.1.2", + "lodash.uniq": "^4.5.0" + } + }, + "caniuse-lite": { + "version": "1.0.30001109", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001109.tgz", + "integrity": "sha512-4JIXRodHzdS3HdK8nSgIqXYLExOvG+D2/EenSvcub2Kp3QEADjo2v2oUn5g0n0D+UNwG9BtwKOyGcSq2qvQXvQ==" + }, + "capture-exit": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/capture-exit/-/capture-exit-2.0.0.tgz", + "integrity": "sha512-PiT/hQmTonHhl/HFGN+Lx3JJUznrVYJ3+AQsnthneZbvW7x+f08Tk7yLJTLEOUvBTbduLeeBkxEaYXUOUrRq6g==", + "requires": { + "rsvp": "^4.8.4" + } + }, + "case-sensitive-paths-webpack-plugin": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/case-sensitive-paths-webpack-plugin/-/case-sensitive-paths-webpack-plugin-2.3.0.tgz", + "integrity": "sha512-/4YgnZS8y1UXXmC02xD5rRrBEu6T5ub+mQHLNRj0fzTRbgdBYhsNo2V5EqwgqrExjxsjtF/OpAKAMkKsxbD5XQ==" + }, + "caseless": { + "version": "0.12.0", + "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", + "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" + }, + "chalk": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-1.1.3.tgz", + "integrity": "sha1-qBFcVeSnAv5NFQq9OHKCKn4J/Jg=", + "requires": { + "ansi-styles": "^2.2.1", + "escape-string-regexp": "^1.0.2", + "has-ansi": "^2.0.0", + "strip-ansi": "^3.0.0", + "supports-color": "^2.0.0" + } + }, + "chardet": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/chardet/-/chardet-0.7.0.tgz", + "integrity": "sha512-mT8iDcrh03qDGRRmoA2hmBJnxpllMR+0/0qlzjqZES6NdiWDcZkCNAk4rPFZ9Q85r27unkiNNg8ZOiwZXBHwcA==" + }, + "chokidar": { + "version": "3.4.1", + "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.4.1.tgz", + "integrity": "sha512-TQTJyr2stihpC4Sya9hs2Xh+O2wf+igjL36Y75xx2WdHuiICcn/XJza46Jwt0eT5hVpQOzo3FpY3cj3RVYLX0g==", + "requires": { + "anymatch": "~3.1.1", + "braces": "~3.0.2", + "fsevents": "~2.1.2", + "glob-parent": "~5.1.0", + "is-binary-path": "~2.1.0", + "is-glob": "~4.0.1", + "normalize-path": "~3.0.0", + "readdirp": "~3.4.0" + }, + "dependencies": { + "anymatch": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.1.tgz", + "integrity": "sha512-mM8522psRCqzV+6LhomX5wgp25YVibjh8Wj23I5RPkPppSVSjyKD2A2mBJmWGa+KN7f2D6LNh9jkBCeyLktzjg==", + "requires": { + "normalize-path": "^3.0.0", + "picomatch": "^2.0.4" + } + }, + "braces": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", + "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "requires": { + "fill-range": "^7.0.1" + } + }, + "fill-range": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", + "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "requires": { + "to-regex-range": "^5.0.1" + } + }, + "is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==" + }, + "normalize-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", + "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==" + }, + "to-regex-range": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", + "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", + "requires": { + "is-number": "^7.0.0" + } + } + } + }, + "chownr": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.4.tgz", + "integrity": "sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==" + }, + "chrome-trace-event": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/chrome-trace-event/-/chrome-trace-event-1.0.2.tgz", + "integrity": "sha512-9e/zx1jw7B4CO+c/RXoCsfg/x1AfUBioy4owYH0bJprEYAx5hRFLRhWBqHAG57D0ZM4H7vxbP7bPe0VwhQRYDQ==", + "requires": { + "tslib": "^1.9.0" + } + }, + "ci-info": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-2.0.0.tgz", + "integrity": "sha512-5tK7EtrZ0N+OLFMthtqOj4fI2Jeb88C4CAZPu25LDVUgXJ0A3Js4PMGqrn0JU1W0Mh1/Z8wZzYPxqUrXeBboCQ==" + }, + "cipher-base": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/cipher-base/-/cipher-base-1.0.4.tgz", + "integrity": "sha512-Kkht5ye6ZGmwv40uUDZztayT2ThLQGfnj/T71N/XzeZeo3nf8foyW7zGTsPYkEya3m5f3cAypH+qe7YOrM1U2Q==", + "requires": { + "inherits": "^2.0.1", + "safe-buffer": "^5.0.1" + } + }, + "class-utils": { + "version": "0.3.6", + "resolved": "https://registry.npmjs.org/class-utils/-/class-utils-0.3.6.tgz", + "integrity": "sha512-qOhPa/Fj7s6TY8H8esGu5QNpMMQxz79h+urzrNYN6mn+9BnxlDGf5QZ+XeCDsxSjPqsSR56XOZOJmpeurnLMeg==", + "requires": { + "arr-union": "^3.1.0", + "define-property": "^0.2.5", + "isobject": "^3.0.0", + "static-extend": "^0.1.1" + }, + "dependencies": { + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "requires": { + "is-descriptor": "^0.1.0" + } + } + } + }, + "classname": { + "version": "0.0.0", + "resolved": "https://registry.npmjs.org/classname/-/classname-0.0.0.tgz", + "integrity": "sha1-Q9FxtITjVMeik6W3gATfaFLbINY=" + }, + "classnames": { + "version": "2.2.6", + "resolved": "https://registry.npmjs.org/classnames/-/classnames-2.2.6.tgz", + "integrity": "sha512-JR/iSQOSt+LQIWwrwEzJ9uk0xfN3mTVYMwt1Ir5mUcSN6pU+V4zQFFaJsclJbPuAUQH+yfWef6tm7l1quW3C8Q==" + }, + "clean-css": { + "version": "4.2.3", + "resolved": "https://registry.npmjs.org/clean-css/-/clean-css-4.2.3.tgz", + "integrity": "sha512-VcMWDN54ZN/DS+g58HYL5/n4Zrqe8vHJpGA8KdgUXFU4fuP/aHNw8eld9SyEIyabIMJX/0RaY/fplOo5hYLSFA==", + "requires": { + "source-map": "~0.6.0" + }, + "dependencies": { + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + } + } + }, + "clean-stack": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-2.2.0.tgz", + "integrity": "sha512-4diC9HaTE+KRAMWhDhrGOECgWZxoevMc5TlkObMqNSsVU62PYzXZ/SMTjzyGAFF1YusgxGcSWTEXBhp0CPwQ1A==" + }, + "cli-cursor": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-3.1.0.tgz", + "integrity": "sha512-I/zHAwsKf9FqGoXM4WWRACob9+SNukZTd94DWF57E4toouRulbCxcUh6RKUEOQlYTHJnzkPMySvPNaaSLNfLZw==", + "requires": { + "restore-cursor": "^3.1.0" + } + }, + "cli-width": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/cli-width/-/cli-width-3.0.0.tgz", + "integrity": "sha512-FxqpkPPwu1HjuN93Omfm4h8uIanXofW0RxVEW3k5RKx+mJJYSthzNhp32Kzxxy3YAEZ/Dc/EWN1vZRY0+kOhbw==" + }, + "cliui": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/cliui/-/cliui-5.0.0.tgz", + "integrity": "sha512-PYeGSEmmHM6zvoef2w8TPzlrnNpXIjTipYK780YswmIP9vjxmd6Y2a3CB2Ks6/AU8NHjZugXvo8w3oWM2qnwXA==", + "requires": { + "string-width": "^3.1.0", + "strip-ansi": "^5.2.0", + "wrap-ansi": "^5.1.0" + }, + "dependencies": { + "ansi-regex": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz", + "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==" + }, + "is-fullwidth-code-point": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz", + "integrity": "sha1-o7MKXE8ZkYMWeqq5O+764937ZU8=" + }, + "string-width": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-3.1.0.tgz", + "integrity": "sha512-vafcv6KjVZKSgz06oM/H6GDBrAtz8vdhQakGjFIvNrHA6y3HCF1CInLy+QLq8dTJPQ1b+KDUqDFctkdRW44e1w==", + "requires": { + "emoji-regex": "^7.0.1", + "is-fullwidth-code-point": "^2.0.0", + "strip-ansi": "^5.1.0" + } + }, + "strip-ansi": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", + "integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==", + "requires": { + "ansi-regex": "^4.1.0" + } + } + } + }, + "clone-deep": { + "version": "0.2.4", + "resolved": "https://registry.npmjs.org/clone-deep/-/clone-deep-0.2.4.tgz", + "integrity": "sha1-TnPdCen7lxzDhnDF3O2cGJZIHMY=", + "requires": { + "for-own": "^0.1.3", + "is-plain-object": "^2.0.1", + "kind-of": "^3.0.2", + "lazy-cache": "^1.0.3", + "shallow-clone": "^0.1.2" + } + }, + "co": { + "version": "4.6.0", + "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", + "integrity": "sha1-bqa989hTrlTMuOR7+gvz+QMfsYQ=" + }, + "coa": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/coa/-/coa-2.0.2.tgz", + "integrity": "sha512-q5/jG+YQnSy4nRTV4F7lPepBJZ8qBNJJDBuJdoejDyLXgmL7IEo+Le2JDZudFTFt7mrCqIRaSjws4ygRCTCAXA==", + "requires": { + "@types/q": "^1.5.1", + "chalk": "^2.4.1", + "q": "^1.1.2" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "code-point-at": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.1.0.tgz", + "integrity": "sha1-DQcLTQQ6W+ozovGkDi7bPZpMz3c=" + }, + "codemirror": { + "version": "5.62.3", + "resolved": "https://registry.npmjs.org/codemirror/-/codemirror-5.62.3.tgz", + "integrity": "sha512-zZAyOfN8TU67ngqrxhOgtkSAGV9jSpN1snbl8elPtnh9Z5A11daR405+dhLzLnuXrwX0WCShWlybxPN3QC/9Pg==" + }, + "collection-visit": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/collection-visit/-/collection-visit-1.0.0.tgz", + "integrity": "sha1-S8A3PBZLwykbTTaMgpzxqApZ3KA=", + "requires": { + "map-visit": "^1.0.0", + "object-visit": "^1.0.0" + } + }, + "color": { + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/color/-/color-3.1.2.tgz", + "integrity": "sha512-vXTJhHebByxZn3lDvDJYw4lR5+uB3vuoHsuYA5AKuxRVn5wzzIfQKGLBmgdVRHKTJYeK5rvJcHnrd0Li49CFpg==", + "requires": { + "color-convert": "^1.9.1", + "color-string": "^1.5.2" + } + }, + "color-convert": { + "version": "1.9.3", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "requires": { + "color-name": "1.1.3" + } + }, + "color-name": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=" + }, + "color-string": { + "version": "1.5.3", + "resolved": "https://registry.npmjs.org/color-string/-/color-string-1.5.3.tgz", + "integrity": "sha512-dC2C5qeWoYkxki5UAXapdjqO672AM4vZuPGRQfO8b5HKuKGBbKWpITyDYN7TOFKvRW7kOgAn3746clDBMDJyQw==", + "requires": { + "color-name": "^1.0.0", + "simple-swizzle": "^0.2.2" + } + }, + "colorette": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/colorette/-/colorette-1.2.1.tgz", + "integrity": "sha512-puCDz0CzydiSYOrnXpz/PKd69zRrribezjtE9yd4zvytoRc8+RY/KJPvtPFKZS3E3wP6neGyMe0vOTlHO5L3Pw==" + }, + "combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "requires": { + "delayed-stream": "~1.0.0" + } + }, + "commander": { + "version": "2.20.3", + "resolved": "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz", + "integrity": "sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ==" + }, + "common-tags": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/common-tags/-/common-tags-1.8.0.tgz", + "integrity": "sha512-6P6g0uetGpW/sdyUy/iQQCbFF0kWVMSIVSyYz7Zgjcgh8mgw8PQzDNZeyZ5DQ2gM7LBoZPHmnjz8rUthkBG5tw==" + }, + "commondir": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/commondir/-/commondir-1.0.1.tgz", + "integrity": "sha1-3dgA2gxmEnOTzKWVDqloo6rxJTs=" + }, + "component-emitter": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/component-emitter/-/component-emitter-1.3.0.tgz", + "integrity": "sha512-Rd3se6QB+sO1TwqZjscQrurpEPIfO0/yYnSin6Q/rD3mOutHvUrCAhJub3r90uNb+SESBuE0QYoB90YdfatsRg==" + }, + "compose-function": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/compose-function/-/compose-function-3.0.3.tgz", + "integrity": "sha1-ntZ18TzFRQHTCVCkhv9qe6OrGF8=", + "requires": { + "arity-n": "^1.0.4" + } + }, + "compressible": { + "version": "2.0.18", + "resolved": "https://registry.npmjs.org/compressible/-/compressible-2.0.18.tgz", + "integrity": "sha512-AF3r7P5dWxL8MxyITRMlORQNaOA2IkAFaTr4k7BUumjPtRpGDTZpl0Pb1XCO6JeDCBdp126Cgs9sMxqSjgYyRg==", + "requires": { + "mime-db": ">= 1.43.0 < 2" + } + }, + "compression": { + "version": "1.7.4", + "resolved": "https://registry.npmjs.org/compression/-/compression-1.7.4.tgz", + "integrity": "sha512-jaSIDzP9pZVS4ZfQ+TzvtiWhdpFhE2RDHz8QJkpX9SIpLq88VueF5jJw6t+6CUQcAoA6t+x89MLrWAqpfDE8iQ==", + "requires": { + "accepts": "~1.3.5", + "bytes": "3.0.0", + "compressible": "~2.0.16", + "debug": "2.6.9", + "on-headers": "~1.0.2", + "safe-buffer": "5.1.2", + "vary": "~1.1.2" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "requires": { + "ms": "2.0.0" + } + } + } + }, + "concat-map": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", + "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=" + }, + "concat-stream": { + "version": "1.6.2", + "resolved": "https://registry.npmjs.org/concat-stream/-/concat-stream-1.6.2.tgz", + "integrity": "sha512-27HBghJxjiZtIk3Ycvn/4kbJk/1uZuJFfuPEns6LaEvpvG1f0hTea8lilrouyo9mVc2GWdcEZ8OLoGmSADlrCw==", + "requires": { + "buffer-from": "^1.0.0", + "inherits": "^2.0.3", + "readable-stream": "^2.2.2", + "typedarray": "^0.0.6" + } + }, + "confusing-browser-globals": { + "version": "1.0.9", + "resolved": "https://registry.npmjs.org/confusing-browser-globals/-/confusing-browser-globals-1.0.9.tgz", + "integrity": "sha512-KbS1Y0jMtyPgIxjO7ZzMAuUpAKMt1SzCL9fsrKsX6b0zJPTaT0SiSPmewwVZg9UAO83HVIlEhZF84LIjZ0lmAw==" + }, + "connect-history-api-fallback": { + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/connect-history-api-fallback/-/connect-history-api-fallback-1.6.0.tgz", + "integrity": "sha512-e54B99q/OUoH64zYYRf3HBP5z24G38h5D3qXu23JGRoigpX5Ss4r9ZnDk3g0Z8uQC2x2lPaJ+UlWBc1ZWBWdLg==" + }, + "console-browserify": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/console-browserify/-/console-browserify-1.2.0.tgz", + "integrity": "sha512-ZMkYO/LkF17QvCPqM0gxw8yUzigAOZOSWSHg91FH6orS7vcEj5dVZTidN2fQ14yBSdg97RqhSNwLUXInd52OTA==" + }, + "console-control-strings": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/console-control-strings/-/console-control-strings-1.1.0.tgz", + "integrity": "sha1-PXz0Rk22RG6mRL9LOVB/mFEAjo4=" + }, + "constants-browserify": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/constants-browserify/-/constants-browserify-1.0.0.tgz", + "integrity": "sha1-wguW2MYXdIqvHBYCF2DNJ/y4y3U=" + }, + "contains-path": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/contains-path/-/contains-path-0.1.0.tgz", + "integrity": "sha1-/ozxhP9mcLa67wGp1IYaXL7EEgo=" + }, + "content-disposition": { + "version": "0.5.3", + "resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.3.tgz", + "integrity": "sha512-ExO0774ikEObIAEV9kDo50o+79VCUdEB6n6lzKgGwupcVeRlhrj3qGAfwq8G6uBJjkqLrhT0qEYFcWng8z1z0g==", + "requires": { + "safe-buffer": "5.1.2" + } + }, + "content-type": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/content-type/-/content-type-1.0.4.tgz", + "integrity": "sha512-hIP3EEPs8tB9AT1L+NUqtwOAps4mk2Zob89MWXMHjHWg9milF/j4osnnQLXBCBFBk/tvIG/tUc9mOUJiPBhPXA==" + }, + "convert-source-map": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.7.0.tgz", + "integrity": "sha512-4FJkXzKXEDB1snCFZlLP4gpC3JILicCpGbzG9f9G7tGqGCzETQ2hWPrcinA9oU4wtf2biUaEH5065UnMeR33oA==", + "requires": { + "safe-buffer": "~5.1.1" + } + }, + "cookie": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.0.tgz", + "integrity": "sha512-+Hp8fLp57wnUSt0tY0tHEXh4voZRDnoIrZPqlo3DPiI4y9lwg/jqx+1Om94/W6ZaPDOUbnjOt/99w66zk+l1Xg==" + }, + "cookie-signature": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz", + "integrity": "sha1-4wOogrNCzD7oylE6eZmXNNqzriw=" + }, + "copy-concurrently": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/copy-concurrently/-/copy-concurrently-1.0.5.tgz", + "integrity": "sha512-f2domd9fsVDFtaFcbaRZuYXwtdmnzqbADSwhSWYxYB/Q8zsdUUFMXVRwXGDMWmbEzAn1kdRrtI1T/KTFOL4X2A==", + "requires": { + "aproba": "^1.1.1", + "fs-write-stream-atomic": "^1.0.8", + "iferr": "^0.1.5", + "mkdirp": "^0.5.1", + "rimraf": "^2.5.4", + "run-queue": "^1.0.0" + } + }, + "copy-descriptor": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/copy-descriptor/-/copy-descriptor-0.1.1.tgz", + "integrity": "sha1-Z29us8OZl8LuGsOpJP1hJHSPV40=" + }, + "core-js-compat": { + "version": "3.6.5", + "resolved": "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.6.5.tgz", + "integrity": "sha512-7ItTKOhOZbznhXAQ2g/slGg1PJV5zDO/WdkTwi7UEOJmkvsE32PWvx6mKtDjiMpjnR2CNf6BAD6sSxIlv7ptng==", + "requires": { + "browserslist": "^4.8.5", + "semver": "7.0.0" + }, + "dependencies": { + "semver": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.0.0.tgz", + "integrity": "sha512-+GB6zVA9LWh6zovYQLALHwv5rb2PHGlJi3lfiqIHxR0uuwCgefcOJc59v9fv1w8GbStwxuuqqAjI9NMAOOgq1A==" + } + } + }, + "core-js-pure": { + "version": "3.6.5", + "resolved": "https://registry.npmjs.org/core-js-pure/-/core-js-pure-3.6.5.tgz", + "integrity": "sha512-lacdXOimsiD0QyNf9BC/mxivNJ/ybBGJXQFKzRekp1WTHoVUWsUHEn+2T8GJAzzIhyOuXA+gOxCVN3l+5PLPUA==" + }, + "core-util-is": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", + "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" + }, + "cosmiconfig": { + "version": "5.2.1", + "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-5.2.1.tgz", + "integrity": "sha512-H65gsXo1SKjf8zmrJ67eJk8aIRKV5ff2D4uKZIBZShbhGSpEmsQOPW/SKMKYhSTrqR7ufy6RP69rPogdaPh/kA==", + "requires": { + "import-fresh": "^2.0.0", + "is-directory": "^0.3.1", + "js-yaml": "^3.13.1", + "parse-json": "^4.0.0" + }, + "dependencies": { + "parse-json": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-4.0.0.tgz", + "integrity": "sha1-vjX1Qlvh9/bHRxhPmKeIy5lHfuA=", + "requires": { + "error-ex": "^1.3.1", + "json-parse-better-errors": "^1.0.1" + } + } + } + }, + "create-ecdh": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/create-ecdh/-/create-ecdh-4.0.3.tgz", + "integrity": "sha512-GbEHQPMOswGpKXM9kCWVrremUcBmjteUaQ01T9rkKCPDXfUHX0IoP9LpHYo2NPFampa4e+/pFDc3jQdxrxQLaw==", + "requires": { + "bn.js": "^4.1.0", + "elliptic": "^6.0.0" + }, + "dependencies": { + "bn.js": { + "version": "4.11.9", + "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.11.9.tgz", + "integrity": "sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw==" + } + } + }, + "create-hash": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/create-hash/-/create-hash-1.2.0.tgz", + "integrity": "sha512-z00bCGNHDG8mHAkP7CtT1qVu+bFQUPjYq/4Iv3C3kWjTFV10zIjfSoeqXo9Asws8gwSHDGj/hl2u4OGIjapeCg==", + "requires": { + "cipher-base": "^1.0.1", + "inherits": "^2.0.1", + "md5.js": "^1.3.4", + "ripemd160": "^2.0.1", + "sha.js": "^2.4.0" + } + }, + "create-hmac": { + "version": "1.1.7", + "resolved": "https://registry.npmjs.org/create-hmac/-/create-hmac-1.1.7.tgz", + "integrity": "sha512-MJG9liiZ+ogc4TzUwuvbER1JRdgvUFSB5+VR/g5h82fGaIRWMWddtKBHi7/sVhfjQZ6SehlyhvQYrcYkaUIpLg==", + "requires": { + "cipher-base": "^1.0.3", + "create-hash": "^1.1.0", + "inherits": "^2.0.1", + "ripemd160": "^2.0.0", + "safe-buffer": "^5.0.1", + "sha.js": "^2.4.8" + } + }, + "create-react-class": { + "version": "15.7.0", + "resolved": "https://registry.npmjs.org/create-react-class/-/create-react-class-15.7.0.tgz", + "integrity": "sha512-QZv4sFWG9S5RUvkTYWbflxeZX+JG7Cz0Tn33rQBJ+WFQTqTfUTjMjiv9tnfXazjsO5r0KhPs+AqCjyrQX6h2ng==", + "requires": { + "loose-envify": "^1.3.1", + "object-assign": "^4.1.1" + } + }, + "cross-spawn": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-3.0.1.tgz", + "integrity": "sha1-ElYDfsufDF9549bvE14wdwGEuYI=", + "requires": { + "lru-cache": "^4.0.1", + "which": "^1.2.9" + } + }, + "crypto-browserify": { + "version": "3.12.0", + "resolved": "https://registry.npmjs.org/crypto-browserify/-/crypto-browserify-3.12.0.tgz", + "integrity": "sha512-fz4spIh+znjO2VjL+IdhEpRJ3YN6sMzITSBijk6FK2UvTqruSQW+/cCZTSNsMiZNvUeq0CqurF+dAbyiGOY6Wg==", + "requires": { + "browserify-cipher": "^1.0.0", + "browserify-sign": "^4.0.0", + "create-ecdh": "^4.0.0", + "create-hash": "^1.1.0", + "create-hmac": "^1.1.0", + "diffie-hellman": "^5.0.0", + "inherits": "^2.0.1", + "pbkdf2": "^3.0.3", + "public-encrypt": "^4.0.0", + "randombytes": "^2.0.0", + "randomfill": "^1.0.3" + } + }, + "css": { + "version": "2.2.4", + "resolved": "https://registry.npmjs.org/css/-/css-2.2.4.tgz", + "integrity": "sha512-oUnjmWpy0niI3x/mPL8dVEI1l7MnG3+HHyRPHf+YFSbK+svOhXpmSOcDURUh2aOCgl2grzrOPt1nHLuCVFULLw==", + "requires": { + "inherits": "^2.0.3", + "source-map": "^0.6.1", + "source-map-resolve": "^0.5.2", + "urix": "^0.1.0" + }, + "dependencies": { + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + } + } + }, + "css-blank-pseudo": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/css-blank-pseudo/-/css-blank-pseudo-0.1.4.tgz", + "integrity": "sha512-LHz35Hr83dnFeipc7oqFDmsjHdljj3TQtxGGiNWSOsTLIAubSm4TEz8qCaKFpk7idaQ1GfWscF4E6mgpBysA1w==", + "requires": { + "postcss": "^7.0.5" + } + }, + "css-color-names": { + "version": "0.0.4", + "resolved": "https://registry.npmjs.org/css-color-names/-/css-color-names-0.0.4.tgz", + "integrity": "sha1-gIrcLnnPhHOAabZGyyDsJ762KeA=" + }, + "css-declaration-sorter": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/css-declaration-sorter/-/css-declaration-sorter-4.0.1.tgz", + "integrity": "sha512-BcxQSKTSEEQUftYpBVnsH4SF05NTuBokb19/sBt6asXGKZ/6VP7PLG1CBCkFDYOnhXhPh0jMhO6xZ71oYHXHBA==", + "requires": { + "postcss": "^7.0.1", + "timsort": "^0.3.0" + } + }, + "css-has-pseudo": { + "version": "0.10.0", + "resolved": "https://registry.npmjs.org/css-has-pseudo/-/css-has-pseudo-0.10.0.tgz", + "integrity": "sha512-Z8hnfsZu4o/kt+AuFzeGpLVhFOGO9mluyHBaA2bA8aCGTwah5sT3WV/fTHH8UNZUytOIImuGPrl/prlb4oX4qQ==", + "requires": { + "postcss": "^7.0.6", + "postcss-selector-parser": "^5.0.0-rc.4" + }, + "dependencies": { + "cssesc": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/cssesc/-/cssesc-2.0.0.tgz", + "integrity": "sha512-MsCAG1z9lPdoO/IUMLSBWBSVxVtJ1395VGIQ+Fc2gNdkQ1hNDnQdw3YhA71WJCBW1vdwA0cAnk/DnW6bqoEUYg==" + }, + "postcss-selector-parser": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-5.0.0.tgz", + "integrity": "sha512-w+zLE5Jhg6Liz8+rQOWEAwtwkyqpfnmsinXjXg6cY7YIONZZtgvE0v2O0uhQBs0peNomOJwWRKt6JBfTdTd3OQ==", + "requires": { + "cssesc": "^2.0.0", + "indexes-of": "^1.0.1", + "uniq": "^1.0.1" + } + } + } + }, + "css-loader": { + "version": "3.4.2", + "resolved": "https://registry.npmjs.org/css-loader/-/css-loader-3.4.2.tgz", + "integrity": "sha512-jYq4zdZT0oS0Iykt+fqnzVLRIeiPWhka+7BqPn+oSIpWJAHak5tmB/WZrJ2a21JhCeFyNnnlroSl8c+MtVndzA==", + "requires": { + "camelcase": "^5.3.1", + "cssesc": "^3.0.0", + "icss-utils": "^4.1.1", + "loader-utils": "^1.2.3", + "normalize-path": "^3.0.0", + "postcss": "^7.0.23", + "postcss-modules-extract-imports": "^2.0.0", + "postcss-modules-local-by-default": "^3.0.2", + "postcss-modules-scope": "^2.1.1", + "postcss-modules-values": "^3.0.0", + "postcss-value-parser": "^4.0.2", + "schema-utils": "^2.6.0" + }, + "dependencies": { + "camelcase": { + "version": "5.3.1", + "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", + "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==" + }, + "normalize-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", + "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==" + } + } + }, + "css-prefers-color-scheme": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/css-prefers-color-scheme/-/css-prefers-color-scheme-3.1.1.tgz", + "integrity": "sha512-MTu6+tMs9S3EUqzmqLXEcgNRbNkkD/TGFvowpeoWJn5Vfq7FMgsmRQs9X5NXAURiOBmOxm/lLjsDNXDE6k9bhg==", + "requires": { + "postcss": "^7.0.5" + } + }, + "css-select": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/css-select/-/css-select-2.1.0.tgz", + "integrity": "sha512-Dqk7LQKpwLoH3VovzZnkzegqNSuAziQyNZUcrdDM401iY+R5NkGBXGmtO05/yaXQziALuPogeG0b7UAgjnTJTQ==", + "requires": { + "boolbase": "^1.0.0", + "css-what": "^3.2.1", + "domutils": "^1.7.0", + "nth-check": "^1.0.2" + } + }, + "css-select-base-adapter": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/css-select-base-adapter/-/css-select-base-adapter-0.1.1.tgz", + "integrity": "sha512-jQVeeRG70QI08vSTwf1jHxp74JoZsr2XSgETae8/xC8ovSnL2WF87GTLO86Sbwdt2lK4Umg4HnnwMO4YF3Ce7w==" + }, + "css-tree": { + "version": "1.0.0-alpha.37", + "resolved": "https://registry.npmjs.org/css-tree/-/css-tree-1.0.0-alpha.37.tgz", + "integrity": "sha512-DMxWJg0rnz7UgxKT0Q1HU/L9BeJI0M6ksor0OgqOnF+aRCDWg/N2641HmVyU9KVIu0OVVWOb2IpC9A+BJRnejg==", + "requires": { + "mdn-data": "2.0.4", + "source-map": "^0.6.1" + }, + "dependencies": { + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + } + } + }, + "css-what": { + "version": "3.3.0", + "resolved": "https://registry.npmjs.org/css-what/-/css-what-3.3.0.tgz", + "integrity": "sha512-pv9JPyatiPaQ6pf4OvD/dbfm0o5LviWmwxNWzblYf/1u9QZd0ihV+PMwy5jdQWQ3349kZmKEx9WXuSka2dM4cg==" + }, + "cssdb": { + "version": "4.4.0", + "resolved": "https://registry.npmjs.org/cssdb/-/cssdb-4.4.0.tgz", + "integrity": "sha512-LsTAR1JPEM9TpGhl/0p3nQecC2LJ0kD8X5YARu1hk/9I1gril5vDtMZyNxcEpxxDj34YNck/ucjuoUd66K03oQ==" + }, + "cssesc": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/cssesc/-/cssesc-3.0.0.tgz", + "integrity": "sha512-/Tb/JcjK111nNScGob5MNtsntNM1aCNUDipB/TkwZFhyDrrE47SOx/18wF2bbjgc3ZzCSKW1T5nt5EbFoAz/Vg==" + }, + "cssnano": { + "version": "4.1.10", + "resolved": "https://registry.npmjs.org/cssnano/-/cssnano-4.1.10.tgz", + "integrity": "sha512-5wny+F6H4/8RgNlaqab4ktc3e0/blKutmq8yNlBFXA//nSFFAqAngjNVRzUvCgYROULmZZUoosL/KSoZo5aUaQ==", + "requires": { + "cosmiconfig": "^5.0.0", + "cssnano-preset-default": "^4.0.7", + "is-resolvable": "^1.0.0", + "postcss": "^7.0.0" + } + }, + "cssnano-preset-default": { + "version": "4.0.7", + "resolved": "https://registry.npmjs.org/cssnano-preset-default/-/cssnano-preset-default-4.0.7.tgz", + "integrity": "sha512-x0YHHx2h6p0fCl1zY9L9roD7rnlltugGu7zXSKQx6k2rYw0Hi3IqxcoAGF7u9Q5w1nt7vK0ulxV8Lo+EvllGsA==", + "requires": { + "css-declaration-sorter": "^4.0.1", + "cssnano-util-raw-cache": "^4.0.1", + "postcss": "^7.0.0", + "postcss-calc": "^7.0.1", + "postcss-colormin": "^4.0.3", + "postcss-convert-values": "^4.0.1", + "postcss-discard-comments": "^4.0.2", + "postcss-discard-duplicates": "^4.0.2", + "postcss-discard-empty": "^4.0.1", + "postcss-discard-overridden": "^4.0.1", + "postcss-merge-longhand": "^4.0.11", + "postcss-merge-rules": "^4.0.3", + "postcss-minify-font-values": "^4.0.2", + "postcss-minify-gradients": "^4.0.2", + "postcss-minify-params": "^4.0.2", + "postcss-minify-selectors": "^4.0.2", + "postcss-normalize-charset": "^4.0.1", + "postcss-normalize-display-values": "^4.0.2", + "postcss-normalize-positions": "^4.0.2", + "postcss-normalize-repeat-style": "^4.0.2", + "postcss-normalize-string": "^4.0.2", + "postcss-normalize-timing-functions": "^4.0.2", + "postcss-normalize-unicode": "^4.0.1", + "postcss-normalize-url": "^4.0.1", + "postcss-normalize-whitespace": "^4.0.2", + "postcss-ordered-values": "^4.1.2", + "postcss-reduce-initial": "^4.0.3", + "postcss-reduce-transforms": "^4.0.2", + "postcss-svgo": "^4.0.2", + "postcss-unique-selectors": "^4.0.1" + } + }, + "cssnano-util-get-arguments": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/cssnano-util-get-arguments/-/cssnano-util-get-arguments-4.0.0.tgz", + "integrity": "sha1-7ToIKZ8h11dBsg87gfGU7UnMFQ8=" + }, + "cssnano-util-get-match": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/cssnano-util-get-match/-/cssnano-util-get-match-4.0.0.tgz", + "integrity": "sha1-wOTKB/U4a7F+xeUiULT1lhNlFW0=" + }, + "cssnano-util-raw-cache": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/cssnano-util-raw-cache/-/cssnano-util-raw-cache-4.0.1.tgz", + "integrity": "sha512-qLuYtWK2b2Dy55I8ZX3ky1Z16WYsx544Q0UWViebptpwn/xDBmog2TLg4f+DBMg1rJ6JDWtn96WHbOKDWt1WQA==", + "requires": { + "postcss": "^7.0.0" + } + }, + "cssnano-util-same-parent": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/cssnano-util-same-parent/-/cssnano-util-same-parent-4.0.1.tgz", + "integrity": "sha512-WcKx5OY+KoSIAxBW6UBBRay1U6vkYheCdjyVNDm85zt5K9mHoGOfsOsqIszfAqrQQFIIKgjh2+FDgIj/zsl21Q==" + }, + "csso": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/csso/-/csso-4.0.3.tgz", + "integrity": "sha512-NL3spysxUkcrOgnpsT4Xdl2aiEiBG6bXswAABQVHcMrfjjBisFOKwLDOmf4wf32aPdcJws1zds2B0Rg+jqMyHQ==", + "requires": { + "css-tree": "1.0.0-alpha.39" + }, + "dependencies": { + "css-tree": { + "version": "1.0.0-alpha.39", + "resolved": "https://registry.npmjs.org/css-tree/-/css-tree-1.0.0-alpha.39.tgz", + "integrity": "sha512-7UvkEYgBAHRG9Nt980lYxjsTrCyHFN53ky3wVsDkiMdVqylqRt+Zc+jm5qw7/qyOvN2dHSYtX0e4MbCCExSvnA==", + "requires": { + "mdn-data": "2.0.6", + "source-map": "^0.6.1" + } + }, + "mdn-data": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/mdn-data/-/mdn-data-2.0.6.tgz", + "integrity": "sha512-rQvjv71olwNHgiTbfPZFkJtjNMciWgswYeciZhtvWLO8bmX3TnhyA62I6sTWOyZssWHJJjY6/KiWwqQsWWsqOA==" + }, + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + } + } + }, + "cssom": { + "version": "0.3.8", + "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.3.8.tgz", + "integrity": "sha512-b0tGHbfegbhPJpxpiBPU2sCkigAqtM9O121le6bbOlgyV+NyGyCmVfJ6QW9eRjz8CpNfWEOYBIMIGRYkLwsIYg==" + }, + "cssstyle": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-1.4.0.tgz", + "integrity": "sha512-GBrLZYZ4X4x6/QEoBnIrqb8B/f5l4+8me2dkom/j1Gtbxy0kBv6OGzKuAsGM75bkGwGAFkt56Iwg28S3XTZgSA==", + "requires": { + "cssom": "0.3.x" + } + }, + "currently-unhandled": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/currently-unhandled/-/currently-unhandled-0.4.1.tgz", + "integrity": "sha1-mI3zP+qxke95mmE2nddsF635V+o=", + "requires": { + "array-find-index": "^1.0.1" + } + }, + "cyclist": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/cyclist/-/cyclist-1.0.1.tgz", + "integrity": "sha1-WW6WmP0MgOEgOMK4LW6xs1tiJNk=" + }, + "d": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/d/-/d-1.0.1.tgz", + "integrity": "sha512-m62ShEObQ39CfralilEQRjH6oAMtNCV1xJyEx5LpRYUVN+EviphDgUc/F3hnYbADmkiNs67Y+3ylmlG7Lnu+FA==", + "requires": { + "es5-ext": "^0.10.50", + "type": "^1.0.1" + } + }, + "damerau-levenshtein": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/damerau-levenshtein/-/damerau-levenshtein-1.0.6.tgz", + "integrity": "sha512-JVrozIeElnj3QzfUIt8tB8YMluBJom4Vw9qTPpjGYQ9fYlB3D/rb6OordUxf3xeFB35LKWs0xqcO5U6ySvBtug==" + }, + "dashdash": { + "version": "1.14.1", + "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", + "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", + "requires": { + "assert-plus": "^1.0.0" + } + }, + "data-urls": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/data-urls/-/data-urls-1.1.0.tgz", + "integrity": "sha512-YTWYI9se1P55u58gL5GkQHW4P6VJBJ5iBT+B5a7i2Tjadhv52paJG0qHX4A0OR6/t52odI64KP2YvFpkDOi3eQ==", + "requires": { + "abab": "^2.0.0", + "whatwg-mimetype": "^2.2.0", + "whatwg-url": "^7.0.0" + }, + "dependencies": { + "whatwg-url": { + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-7.1.0.tgz", + "integrity": "sha512-WUu7Rg1DroM7oQvGWfOiAK21n74Gg+T4elXEQYkOhtyLeWiJFoOGLXPKI/9gzIie9CtwVLm8wtw6YJdKyxSjeg==", + "requires": { + "lodash.sortby": "^4.7.0", + "tr46": "^1.0.1", + "webidl-conversions": "^4.0.2" + } + } + } + }, + "dayjs": { + "version": "1.11.4", + "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.11.4.tgz", + "integrity": "sha512-Zj/lPM5hOvQ1Bf7uAvewDaUcsJoI6JmNqmHhHl3nyumwe0XHwt8sWdOVAPACJzCebL8gQCi+K49w7iKWnGwX9g==" + }, + "debug": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz", + "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==", + "requires": { + "ms": "2.0.0" + } + }, + "decamelize": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz", + "integrity": "sha1-9lNNFRSCabIDUue+4m9QH5oZEpA=" + }, + "decode-uri-component": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/decode-uri-component/-/decode-uri-component-0.2.0.tgz", + "integrity": "sha1-6zkTMzRYd1y4TNGh+uBiEGu4dUU=" + }, + "deep-equal": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/deep-equal/-/deep-equal-1.1.1.tgz", + "integrity": "sha512-yd9c5AdiqVcR+JjcwUQb9DkhJc8ngNr0MahEBGvDiJw8puWab2yZlh+nkasOnZP+EGTAP6rRp2JzJhJZzvNF8g==", + "requires": { + "is-arguments": "^1.0.4", + "is-date-object": "^1.0.1", + "is-regex": "^1.0.4", + "object-is": "^1.0.1", + "object-keys": "^1.1.1", + "regexp.prototype.flags": "^1.2.0" + } + }, + "deep-is": { + "version": "0.1.3", + "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.3.tgz", + "integrity": "sha1-s2nW+128E+7PUk+RsHD+7cNXzzQ=" + }, + "default-gateway": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/default-gateway/-/default-gateway-4.2.0.tgz", + "integrity": "sha512-h6sMrVB1VMWVrW13mSc6ia/DwYYw5MN6+exNu1OaJeFac5aSAvwM7lZ0NVfTABuSkQelr4h5oebg3KB1XPdjgA==", + "requires": { + "execa": "^1.0.0", + "ip-regex": "^2.1.0" + } + }, + "define-properties": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/define-properties/-/define-properties-1.1.3.tgz", + "integrity": "sha512-3MqfYKj2lLzdMSf8ZIZE/V+Zuy+BgD6f164e8K2w7dgnpKArBDerGYpM46IYYcjnkdPNMjPk9A6VFB8+3SKlXQ==", + "requires": { + "object-keys": "^1.0.12" + } + }, + "define-property": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-2.0.2.tgz", + "integrity": "sha512-jwK2UV4cnPpbcG7+VRARKTZPUWowwXA8bzH5NP6ud0oeAxyYPuGZUAC7hMugpCdz4BeSZl2Dl9k66CHJ/46ZYQ==", + "requires": { + "is-descriptor": "^1.0.2", + "isobject": "^3.0.1" + }, + "dependencies": { + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + }, + "kind-of": { + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz", + "integrity": "sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==" + } + } + }, + "del": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/del/-/del-4.1.1.tgz", + "integrity": "sha512-QwGuEUouP2kVwQenAsOof5Fv8K9t3D8Ca8NxcXKrIpEHjTXK5J2nXLdP+ALI1cgv8wj7KuwBhTwBkOZSJKM5XQ==", + "requires": { + "@types/glob": "^7.1.1", + "globby": "^6.1.0", + "is-path-cwd": "^2.0.0", + "is-path-in-cwd": "^2.0.0", + "p-map": "^2.0.0", + "pify": "^4.0.1", + "rimraf": "^2.6.3" + }, + "dependencies": { + "globby": { + "version": "6.1.0", + "resolved": "https://registry.npmjs.org/globby/-/globby-6.1.0.tgz", + "integrity": "sha1-9abXDoOV4hyFj7BInWTfAkJNUGw=", + "requires": { + "array-union": "^1.0.1", + "glob": "^7.0.3", + "object-assign": "^4.0.1", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "dependencies": { + "pify": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", + "integrity": "sha1-7RQaasBDqEnqWISY59yosVMw6Qw=" + } + } + }, + "p-map": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/p-map/-/p-map-2.1.0.tgz", + "integrity": "sha512-y3b8Kpd8OAN444hxfBbFfj1FY/RjtTd8tzYwhUqNYXx0fXx2iX4maP4Qr6qhIKbQXI02wTLAda4fYUbDagTUFw==" + }, + "pify": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/pify/-/pify-4.0.1.tgz", + "integrity": "sha512-uB80kBFb/tfd68bVleG9T5GGsGPjJrLAUpR5PZIrhBnIaRTQRjqdJSsIKkOP6OAIFbj7GOrcudc5pNjZ+geV2g==" + } + } + }, + "delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" + }, + "delegates": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delegates/-/delegates-1.0.0.tgz", + "integrity": "sha1-hMbhWbgZBP3KWaDvRM2HDTElD5o=" + }, + "depd": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", + "integrity": "sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak=" + }, + "des.js": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/des.js/-/des.js-1.0.1.tgz", + "integrity": "sha512-Q0I4pfFrv2VPd34/vfLrFOoRmlYj3OV50i7fskps1jZWK1kApMWWT9G6RRUeYedLcBDIhnSDaUvJMb3AhUlaEA==", + "requires": { + "inherits": "^2.0.1", + "minimalistic-assert": "^1.0.0" + } + }, + "destroy": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/destroy/-/destroy-1.0.4.tgz", + "integrity": "sha1-l4hXRCxEdJ5CBmE+N5RiBYJqvYA=" + }, + "detect-newline": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-2.1.0.tgz", + "integrity": "sha1-9B8cEL5LAOh7XxPaaAdZ8sW/0+I=" + }, + "detect-node": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/detect-node/-/detect-node-2.0.5.tgz", + "integrity": "sha512-qi86tE6hRcFHy8jI1m2VG+LaPUR1LhqDa5G8tVjuUXmOrpuAgqsA1pN0+ldgr3aKUH+QLI9hCY/OcRYisERejw==" + }, + "detect-port-alt": { + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/detect-port-alt/-/detect-port-alt-1.1.6.tgz", + "integrity": "sha512-5tQykt+LqfJFBEYaDITx7S7cR7mJ/zQmLXZ2qt5w04ainYZw6tBf9dBunMjVeVOdYVRUzUOE4HkY5J7+uttb5Q==", + "requires": { + "address": "^1.0.1", + "debug": "^2.6.0" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "requires": { + "ms": "2.0.0" + } + } + } + }, + "diff-sequences": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-24.9.0.tgz", + "integrity": "sha512-Dj6Wk3tWyTE+Fo1rW8v0Xhwk80um6yFYKbuAxc9c3EZxIHFDYwbi34Uk42u1CdnIiVorvt4RmlSDjIPyzGC2ew==" + }, + "diffie-hellman": { + "version": "5.0.3", + "resolved": "https://registry.npmjs.org/diffie-hellman/-/diffie-hellman-5.0.3.tgz", + "integrity": "sha512-kqag/Nl+f3GwyK25fhUMYj81BUOrZ9IuJsjIcDE5icNM9FJHAVm3VcUDxdLPoQtTuUylWm6ZIknYJwwaPxsUzg==", + "requires": { + "bn.js": "^4.1.0", + "miller-rabin": "^4.0.0", + "randombytes": "^2.0.0" + }, + "dependencies": { + "bn.js": { + "version": "4.11.9", + "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.11.9.tgz", + "integrity": "sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw==" + } + } + }, + "dir-glob": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/dir-glob/-/dir-glob-2.0.0.tgz", + "integrity": "sha512-37qirFDz8cA5fimp9feo43fSuRo2gHwaIn6dXL8Ber1dGwUosDrGZeCCXq57WnIqE4aQ+u3eQZzsk1yOzhdwag==", + "requires": { + "arrify": "^1.0.1", + "path-type": "^3.0.0" + }, + "dependencies": { + "path-type": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/path-type/-/path-type-3.0.0.tgz", + "integrity": "sha512-T2ZUsdZFHgA3u4e5PfPbjd7HDDpxPnQb5jN0SrDsjNSuVXHJqtwTnWqG0B1jZrgmJ/7lj1EmVIByWt1gxGkWvg==", + "requires": { + "pify": "^3.0.0" + } + }, + "pify": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/pify/-/pify-3.0.0.tgz", + "integrity": "sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY=" + } + } + }, + "dns-equal": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/dns-equal/-/dns-equal-1.0.0.tgz", + "integrity": "sha1-s55/HabrCnW6nBcySzR1PEfgZU0=" + }, + "dns-packet": { + "version": "1.3.4", + "resolved": "https://registry.npmjs.org/dns-packet/-/dns-packet-1.3.4.tgz", + "integrity": "sha512-BQ6F4vycLXBvdrJZ6S3gZewt6rcrks9KBgM9vrhW+knGRqc8uEdT7fuCwloc7nny5xNoMJ17HGH0R/6fpo8ECA==", + "requires": { + "ip": "^1.1.0", + "safe-buffer": "^5.0.1" + } + }, + "dns-txt": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/dns-txt/-/dns-txt-2.0.2.tgz", + "integrity": "sha1-uR2Ab10nGI5Ks+fRB9iBocxGQrY=", + "requires": { + "buffer-indexof": "^1.0.0" + } + }, + "doctrine": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz", + "integrity": "sha512-yS+Q5i3hBf7GBkd4KG8a7eBNNWNGLTaEwwYWUijIYM7zrlYDM0BFXHjjPWlWZ1Rg7UaddZeIDmi9jF3HmqiQ2w==", + "requires": { + "esutils": "^2.0.2" + } + }, + "dom-converter": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/dom-converter/-/dom-converter-0.2.0.tgz", + "integrity": "sha512-gd3ypIPfOMr9h5jIKq8E3sHOTCjeirnl0WK5ZdS1AW0Odt0b1PaWaHdJ4Qk4klv+YB9aJBS7mESXjFoDQPu6DA==", + "requires": { + "utila": "~0.4" + } + }, + "dom-helpers": { + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/dom-helpers/-/dom-helpers-3.4.0.tgz", + "integrity": "sha512-LnuPJ+dwqKDIyotW1VzmOZ5TONUN7CwkCR5hrgawTUbkBGYdeoNLZo6nNfGkCrjtE1nXXaj7iMMpDa8/d9WoIA==", + "requires": { + "@babel/runtime": "^7.1.2" + } + }, + "dom-serializer": { + "version": "0.2.2", + "resolved": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-0.2.2.tgz", + "integrity": "sha512-2/xPb3ORsQ42nHYiSunXkDjPLBaEj/xTwUO4B7XCZQTRk7EBtTOPaygh10YAAh2OI1Qrp6NWfpAhzswj0ydt9g==", + "requires": { + "domelementtype": "^2.0.1", + "entities": "^2.0.0" + }, + "dependencies": { + "domelementtype": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/domelementtype/-/domelementtype-2.0.1.tgz", + "integrity": "sha512-5HOHUDsYZWV8FGWN0Njbr/Rn7f/eWSQi1v7+HsUVwXgn8nWWlL64zKDkS0n8ZmQ3mlWOMuXOnR+7Nx/5tMO5AQ==" + } + } + }, + "domain-browser": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/domain-browser/-/domain-browser-1.2.0.tgz", + "integrity": "sha512-jnjyiM6eRyZl2H+W8Q/zLMA481hzi0eszAaBUzIVnmYVDBbnLxVNnfu1HgEBvCbL+71FrxMl3E6lpKH7Ge3OXA==" + }, + "domelementtype": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/domelementtype/-/domelementtype-1.3.1.tgz", + "integrity": "sha512-BSKB+TSpMpFI/HOxCNr1O8aMOTZ8hT3pM3GQ0w/mWRmkhEDSFJkkyzz4XQsBV44BChwGkrDfMyjVD0eA2aFV3w==" + }, + "domexception": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/domexception/-/domexception-1.0.1.tgz", + "integrity": "sha512-raigMkn7CJNNo6Ihro1fzG7wr3fHuYVytzquZKX5n0yizGsTcYgzdIUwj1X9pK0VvjeihV+XiclP+DjwbsSKug==", + "requires": { + "webidl-conversions": "^4.0.2" + } + }, + "domhandler": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/domhandler/-/domhandler-2.4.2.tgz", + "integrity": "sha512-JiK04h0Ht5u/80fdLMCEmV4zkNh2BcoMFBmZ/91WtYZ8qVXSKjiw7fXMgFPnHcSZgOo3XdinHvmnDUeMf5R4wA==", + "requires": { + "domelementtype": "1" + } + }, + "domutils": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/domutils/-/domutils-1.7.0.tgz", + "integrity": "sha512-Lgd2XcJ/NjEw+7tFvfKxOzCYKZsdct5lczQ2ZaQY8Djz7pfAD3Gbp8ySJWtreII/vDlMVmxwa6pHmdxIYgttDg==", + "requires": { + "dom-serializer": "0", + "domelementtype": "1" + } + }, + "dot-case": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/dot-case/-/dot-case-3.0.3.tgz", + "integrity": "sha512-7hwEmg6RiSQfm/GwPL4AAWXKy3YNNZA3oFv2Pdiey0mwkRCPZ9x6SZbkLcn8Ma5PYeVokzoD4Twv2n7LKp5WeA==", + "requires": { + "no-case": "^3.0.3", + "tslib": "^1.10.0" + } + }, + "dot-prop": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/dot-prop/-/dot-prop-5.2.0.tgz", + "integrity": "sha512-uEUyaDKoSQ1M4Oq8l45hSE26SnTxL6snNnqvK/VWx5wJhmff5z0FUVJDKDanor/6w3kzE3i7XZOk+7wC0EXr1A==", + "requires": { + "is-obj": "^2.0.0" + } + }, + "dotenv": { + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-8.2.0.tgz", + "integrity": "sha512-8sJ78ElpbDJBHNeBzUbUVLsqKdccaa/BXF1uPTw3GrvQTBgrQrtObr2mUrE38vzYd8cEv+m/JBfDLioYcfXoaw==" + }, + "dotenv-expand": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/dotenv-expand/-/dotenv-expand-5.1.0.tgz", + "integrity": "sha512-YXQl1DSa4/PQyRfgrv6aoNjhasp/p4qs9FjJ4q4cQk+8m4r6k4ZSiEyytKG8f8W9gi8WsQtIObNmKd+tMzNTmA==" + }, + "duplexer": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/duplexer/-/duplexer-0.1.1.tgz", + "integrity": "sha1-rOb/gIwc5mtX0ev5eXessCM0z8E=" + }, + "duplexify": { + "version": "3.7.1", + "resolved": "https://registry.npmjs.org/duplexify/-/duplexify-3.7.1.tgz", + "integrity": "sha512-07z8uv2wMyS51kKhD1KsdXJg5WQ6t93RneqRxUHnskXVtlYYkLqM0gqStQZ3pj073g687jPCHrqNfCzawLYh5g==", + "requires": { + "end-of-stream": "^1.0.0", + "inherits": "^2.0.1", + "readable-stream": "^2.0.0", + "stream-shift": "^1.0.0" + } + }, + "ecc-jsbn": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", + "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", + "requires": { + "jsbn": "~0.1.0", + "safer-buffer": "^2.1.0" + } + }, + "ee-first": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", + "integrity": "sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0=" + }, + "electron-to-chromium": { + "version": "1.3.518", + "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.3.518.tgz", + "integrity": "sha512-IspiwXYDKZMxo+qc3Vof4WtwbG9BMDbJfati8PYj7uS4DJmJ67pwjCKZxlTBSAuCZSMcbRnj2Xz2H14uiKT7bQ==" + }, + "elliptic": { + "version": "6.5.4", + "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.5.4.tgz", + "integrity": "sha512-iLhC6ULemrljPZb+QutR5TQGB+pdW6KGD5RSegS+8sorOZT+rdQFbsQFJgvN3eRqNALqJer4oQ16YvJHlU8hzQ==", + "requires": { + "bn.js": "^4.11.9", + "brorand": "^1.1.0", + "hash.js": "^1.0.0", + "hmac-drbg": "^1.0.1", + "inherits": "^2.0.4", + "minimalistic-assert": "^1.0.1", + "minimalistic-crypto-utils": "^1.0.1" + }, + "dependencies": { + "bn.js": { + "version": "4.11.9", + "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.11.9.tgz", + "integrity": "sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw==" + } + } + }, + "emoji-regex": { + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-7.0.3.tgz", + "integrity": "sha512-CwBLREIQ7LvYFB0WyRvwhq5N5qPhc6PMjD6bYggFlI5YyDgl+0vxq5VHbMOFqLg7hfWzmu8T5Z1QofhmTIhItA==" + }, + "emojis-list": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/emojis-list/-/emojis-list-3.0.0.tgz", + "integrity": "sha512-/kyM18EfinwXZbno9FyUGeFh87KC8HRQBQGildHZbEuRyWFOmv1U10o9BBp8XVZDVNNuQKyIGIu5ZYAAXJ0V2Q==" + }, + "encodeurl": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz", + "integrity": "sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k=" + }, + "end-of-stream": { + "version": "1.4.4", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", + "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==", + "requires": { + "once": "^1.4.0" + } + }, + "enhanced-resolve": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-4.3.0.tgz", + "integrity": "sha512-3e87LvavsdxyoCfGusJnrZ5G8SLPOFeHSNpZI/ATL9a5leXo2k0w6MKnbqhdBad9qTobSfB20Ld7UmgoNbAZkQ==", + "requires": { + "graceful-fs": "^4.1.2", + "memory-fs": "^0.5.0", + "tapable": "^1.0.0" + }, + "dependencies": { + "memory-fs": { + "version": "0.5.0", + "resolved": "https://registry.npmjs.org/memory-fs/-/memory-fs-0.5.0.tgz", + "integrity": "sha512-jA0rdU5KoQMC0e6ppoNRtpp6vjFq6+NY7r8hywnC7V+1Xj/MtHwGIbB1QaK/dunyjWteJzmkpd7ooeWg10T7GA==", + "requires": { + "errno": "^0.1.3", + "readable-stream": "^2.0.1" + } + } + } + }, + "entities": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/entities/-/entities-2.0.3.tgz", + "integrity": "sha512-MyoZ0jgnLvB2X3Lg5HqpFmn1kybDiIfEQmKzTb5apr51Rb+T3KdmMiqa70T+bhGnyv7bQ6WMj2QMHpGMmlrUYQ==" + }, + "errno": { + "version": "0.1.7", + "resolved": "https://registry.npmjs.org/errno/-/errno-0.1.7.tgz", + "integrity": "sha512-MfrRBDWzIWifgq6tJj60gkAwtLNb6sQPlcFrSOflcP1aFmmruKQ2wRnze/8V6kgyz7H3FF8Npzv78mZ7XLLflg==", + "requires": { + "prr": "~1.0.1" + } + }, + "error-ex": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", + "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", + "requires": { + "is-arrayish": "^0.2.1" + } + }, + "es-abstract": { + "version": "1.17.6", + "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.17.6.tgz", + "integrity": "sha512-Fr89bON3WFyUi5EvAeI48QTWX0AyekGgLA8H+c+7fbfCkJwRWRMLd8CQedNEyJuoYYhmtEqY92pgte1FAhBlhw==", + "requires": { + "es-to-primitive": "^1.2.1", + "function-bind": "^1.1.1", + "has": "^1.0.3", + "has-symbols": "^1.0.1", + "is-callable": "^1.2.0", + "is-regex": "^1.1.0", + "object-inspect": "^1.7.0", + "object-keys": "^1.1.1", + "object.assign": "^4.1.0", + "string.prototype.trimend": "^1.0.1", + "string.prototype.trimstart": "^1.0.1" + } + }, + "es-to-primitive": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/es-to-primitive/-/es-to-primitive-1.2.1.tgz", + "integrity": "sha512-QCOllgZJtaUo9miYBcLChTUaHNjJF3PYs1VidD7AwiEj1kYxKeQTctLAezAOH5ZKRH0g2IgPn6KwB4IT8iRpvA==", + "requires": { + "is-callable": "^1.1.4", + "is-date-object": "^1.0.1", + "is-symbol": "^1.0.2" + } + }, + "es5-ext": { + "version": "0.10.53", + "resolved": "https://registry.npmjs.org/es5-ext/-/es5-ext-0.10.53.tgz", + "integrity": "sha512-Xs2Stw6NiNHWypzRTY1MtaG/uJlwCk8kH81920ma8mvN8Xq1gsfhZvpkImLQArw8AHnv8MT2I45J3c0R8slE+Q==", + "requires": { + "es6-iterator": "~2.0.3", + "es6-symbol": "~3.1.3", + "next-tick": "~1.0.0" + } + }, + "es6-iterator": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/es6-iterator/-/es6-iterator-2.0.3.tgz", + "integrity": "sha1-p96IkUGgWpSwhUQDstCg+/qY87c=", + "requires": { + "d": "1", + "es5-ext": "^0.10.35", + "es6-symbol": "^3.1.1" + } + }, + "es6-symbol": { + "version": "3.1.3", + "resolved": "https://registry.npmjs.org/es6-symbol/-/es6-symbol-3.1.3.tgz", + "integrity": "sha512-NJ6Yn3FuDinBaBRWl/q5X/s4koRHBrgKAu+yGI6JCBeiu3qrcbJhwT2GeR/EXVfylRk8dpQVJoLEFhK+Mu31NA==", + "requires": { + "d": "^1.0.1", + "ext": "^1.1.2" + } + }, + "escape-html": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz", + "integrity": "sha1-Aljq5NPQwJdN4cFpGI7wBR0dGYg=" + }, + "escape-string-regexp": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=" + }, + "escodegen": { + "version": "1.14.3", + "resolved": "https://registry.npmjs.org/escodegen/-/escodegen-1.14.3.tgz", + "integrity": "sha512-qFcX0XJkdg+PB3xjZZG/wKSuT1PnQWx57+TVSjIMmILd2yC/6ByYElPwJnslDsuWuSAp4AwJGumarAAmJch5Kw==", + "requires": { + "esprima": "^4.0.1", + "estraverse": "^4.2.0", + "esutils": "^2.0.2", + "optionator": "^0.8.1", + "source-map": "~0.6.1" + }, + "dependencies": { + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", + "optional": true + } + } + }, + "eslint": { + "version": "6.8.0", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-6.8.0.tgz", + "integrity": "sha512-K+Iayyo2LtyYhDSYwz5D5QdWw0hCacNzyq1Y821Xna2xSJj7cijoLLYmLxTQgcgZ9mC61nryMy9S7GRbYpI5Ig==", + "requires": { + "@babel/code-frame": "^7.0.0", + "ajv": "^6.10.0", + "chalk": "^2.1.0", + "cross-spawn": "^6.0.5", + "debug": "^4.0.1", + "doctrine": "^3.0.0", + "eslint-scope": "^5.0.0", + "eslint-utils": "^1.4.3", + "eslint-visitor-keys": "^1.1.0", + "espree": "^6.1.2", + "esquery": "^1.0.1", + "esutils": "^2.0.2", + "file-entry-cache": "^5.0.1", + "functional-red-black-tree": "^1.0.1", + "glob-parent": "^5.0.0", + "globals": "^12.1.0", + "ignore": "^4.0.6", + "import-fresh": "^3.0.0", + "imurmurhash": "^0.1.4", + "inquirer": "^7.0.0", + "is-glob": "^4.0.0", + "js-yaml": "^3.13.1", + "json-stable-stringify-without-jsonify": "^1.0.1", + "levn": "^0.3.0", + "lodash": "^4.17.14", + "minimatch": "^3.0.4", + "mkdirp": "^0.5.1", + "natural-compare": "^1.4.0", + "optionator": "^0.8.3", + "progress": "^2.0.0", + "regexpp": "^2.0.1", + "semver": "^6.1.2", + "strip-ansi": "^5.2.0", + "strip-json-comments": "^3.0.1", + "table": "^5.2.3", + "text-table": "^0.2.0", + "v8-compile-cache": "^2.0.3" + }, + "dependencies": { + "ansi-regex": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz", + "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==" + }, + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "cross-spawn": { + "version": "6.0.5", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz", + "integrity": "sha512-eTVLrBSt7fjbDygz805pMnstIs2VTBNkRm0qxZd+M7A5XDdxVRWO5MxGBXZhjY4cqLYLdtrGqRf8mBPmzwSpWQ==", + "requires": { + "nice-try": "^1.0.4", + "path-key": "^2.0.1", + "semver": "^5.5.0", + "shebang-command": "^1.2.0", + "which": "^1.2.9" + }, + "dependencies": { + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==" + } + } + }, + "debug": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", + "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", + "requires": { + "ms": "^2.1.1" + } + }, + "eslint-utils": { + "version": "1.4.3", + "resolved": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-1.4.3.tgz", + "integrity": "sha512-fbBN5W2xdY45KulGXmLHZ3c3FHfVYmKg0IrAKGOkT/464PQsx2UeIzfz1RmEci+KLm1bBaAzZAh8+/E+XAeZ8Q==", + "requires": { + "eslint-visitor-keys": "^1.1.0" + } + }, + "globals": { + "version": "12.4.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-12.4.0.tgz", + "integrity": "sha512-BWICuzzDvDoH54NHKCseDanAhE3CeDorgDL5MT6LMXXj2WCnd9UC2szdk4AWLfjdgNBCXLUanXYcpBBKOSWGwg==", + "requires": { + "type-fest": "^0.8.1" + } + }, + "import-fresh": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.2.1.tgz", + "integrity": "sha512-6e1q1cnWP2RXD9/keSkxHScg508CdXqXWgWBaETNhyuBFz+kUZlKboh+ISK+bU++DmbHimVBrOz/zzPe0sZ3sQ==", + "requires": { + "parent-module": "^1.0.0", + "resolve-from": "^4.0.0" + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + }, + "regexpp": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/regexpp/-/regexpp-2.0.1.tgz", + "integrity": "sha512-lv0M6+TkDVniA3aD1Eg0DVpfU/booSu7Eev3TDO/mZKHBfVjgCGTV4t4buppESEYDtkArYFOxTJWv6S5C+iaNw==" + }, + "resolve-from": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz", + "integrity": "sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==" + }, + "semver": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", + "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==" + }, + "strip-ansi": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", + "integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==", + "requires": { + "ansi-regex": "^4.1.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "eslint-config-react-app": { + "version": "5.2.1", + "resolved": "https://registry.npmjs.org/eslint-config-react-app/-/eslint-config-react-app-5.2.1.tgz", + "integrity": "sha512-pGIZ8t0mFLcV+6ZirRgYK6RVqUIKRIi9MmgzUEmrIknsn3AdO0I32asO86dJgloHq+9ZPl8UIg8mYrvgP5u2wQ==", + "requires": { + "confusing-browser-globals": "^1.0.9" + } + }, + "eslint-import-resolver-node": { + "version": "0.3.4", + "resolved": "https://registry.npmjs.org/eslint-import-resolver-node/-/eslint-import-resolver-node-0.3.4.tgz", + "integrity": "sha512-ogtf+5AB/O+nM6DIeBUNr2fuT7ot9Qg/1harBfBtaP13ekEWFQEEMP94BCB7zaNW3gyY+8SHYF00rnqYwXKWOA==", + "requires": { + "debug": "^2.6.9", + "resolve": "^1.13.1" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "requires": { + "ms": "2.0.0" + } + } + } + }, + "eslint-loader": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/eslint-loader/-/eslint-loader-3.0.3.tgz", + "integrity": "sha512-+YRqB95PnNvxNp1HEjQmvf9KNvCin5HXYYseOXVC2U0KEcw4IkQ2IQEBG46j7+gW39bMzeu0GsUhVbBY3Votpw==", + "requires": { + "fs-extra": "^8.1.0", + "loader-fs-cache": "^1.0.2", + "loader-utils": "^1.2.3", + "object-hash": "^2.0.1", + "schema-utils": "^2.6.1" + } + }, + "eslint-module-utils": { + "version": "2.6.0", + "resolved": "https://registry.npmjs.org/eslint-module-utils/-/eslint-module-utils-2.6.0.tgz", + "integrity": "sha512-6j9xxegbqe8/kZY8cYpcp0xhbK0EgJlg3g9mib3/miLaExuuwc3n5UEfSnU6hWMbT0FAYVvDbL9RrRgpUeQIvA==", + "requires": { + "debug": "^2.6.9", + "pkg-dir": "^2.0.0" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "requires": { + "ms": "2.0.0" + } + }, + "find-up": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-2.1.0.tgz", + "integrity": "sha1-RdG35QbHF93UgndaK3eSCjwMV6c=", + "requires": { + "locate-path": "^2.0.0" + } + }, + "locate-path": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-2.0.0.tgz", + "integrity": "sha1-K1aLJl7slExtnA3pw9u7ygNUzY4=", + "requires": { + "p-locate": "^2.0.0", + "path-exists": "^3.0.0" + } + }, + "p-limit": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-1.3.0.tgz", + "integrity": "sha512-vvcXsLAJ9Dr5rQOPk7toZQZJApBl2K4J6dANSsEuh6QI41JYcsS/qhTGa9ErIUUgK3WNQoJYvylxvjqmiqEA9Q==", + "requires": { + "p-try": "^1.0.0" + } + }, + "p-locate": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-2.0.0.tgz", + "integrity": "sha1-IKAQOyIqcMj9OcwuWAaA893l7EM=", + "requires": { + "p-limit": "^1.1.0" + } + }, + "p-try": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/p-try/-/p-try-1.0.0.tgz", + "integrity": "sha1-y8ec26+P1CKOE/Yh8rGiN8GyB7M=" + }, + "path-exists": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-3.0.0.tgz", + "integrity": "sha1-zg6+ql94yxiSXqfYENe1mwEP1RU=" + }, + "pkg-dir": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-2.0.0.tgz", + "integrity": "sha1-9tXREJ4Z1j7fQo4L1X4Sd3YVM0s=", + "requires": { + "find-up": "^2.1.0" + } + } + } + }, + "eslint-plugin-flowtype": { + "version": "4.6.0", + "resolved": "https://registry.npmjs.org/eslint-plugin-flowtype/-/eslint-plugin-flowtype-4.6.0.tgz", + "integrity": "sha512-W5hLjpFfZyZsXfo5anlu7HM970JBDqbEshAJUkeczP6BFCIfJXuiIBQXyberLRtOStT0OGPF8efeTbxlHk4LpQ==", + "requires": { + "lodash": "^4.17.15" + } + }, + "eslint-plugin-import": { + "version": "2.20.1", + "resolved": "https://registry.npmjs.org/eslint-plugin-import/-/eslint-plugin-import-2.20.1.tgz", + "integrity": "sha512-qQHgFOTjguR+LnYRoToeZWT62XM55MBVXObHM6SKFd1VzDcX/vqT1kAz8ssqigh5eMj8qXcRoXXGZpPP6RfdCw==", + "requires": { + "array-includes": "^3.0.3", + "array.prototype.flat": "^1.2.1", + "contains-path": "^0.1.0", + "debug": "^2.6.9", + "doctrine": "1.5.0", + "eslint-import-resolver-node": "^0.3.2", + "eslint-module-utils": "^2.4.1", + "has": "^1.0.3", + "minimatch": "^3.0.4", + "object.values": "^1.1.0", + "read-pkg-up": "^2.0.0", + "resolve": "^1.12.0" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "requires": { + "ms": "2.0.0" + } + }, + "doctrine": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/doctrine/-/doctrine-1.5.0.tgz", + "integrity": "sha1-N53Ocw9hZvds76TmcHoVmwLFpvo=", + "requires": { + "esutils": "^2.0.2", + "isarray": "^1.0.0" + } + }, + "find-up": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-2.1.0.tgz", + "integrity": "sha1-RdG35QbHF93UgndaK3eSCjwMV6c=", + "requires": { + "locate-path": "^2.0.0" + } + }, + "load-json-file": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/load-json-file/-/load-json-file-2.0.0.tgz", + "integrity": "sha1-eUfkIUmvgNaWy/eXvKq8/h/inKg=", + "requires": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "strip-bom": "^3.0.0" + } + }, + "locate-path": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-2.0.0.tgz", + "integrity": "sha1-K1aLJl7slExtnA3pw9u7ygNUzY4=", + "requires": { + "p-locate": "^2.0.0", + "path-exists": "^3.0.0" + } + }, + "p-limit": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-1.3.0.tgz", + "integrity": "sha512-vvcXsLAJ9Dr5rQOPk7toZQZJApBl2K4J6dANSsEuh6QI41JYcsS/qhTGa9ErIUUgK3WNQoJYvylxvjqmiqEA9Q==", + "requires": { + "p-try": "^1.0.0" + } + }, + "p-locate": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-2.0.0.tgz", + "integrity": "sha1-IKAQOyIqcMj9OcwuWAaA893l7EM=", + "requires": { + "p-limit": "^1.1.0" + } + }, + "p-try": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/p-try/-/p-try-1.0.0.tgz", + "integrity": "sha1-y8ec26+P1CKOE/Yh8rGiN8GyB7M=" + }, + "path-exists": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-3.0.0.tgz", + "integrity": "sha1-zg6+ql94yxiSXqfYENe1mwEP1RU=" + }, + "path-type": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/path-type/-/path-type-2.0.0.tgz", + "integrity": "sha1-8BLMuEFbcJb8LaoQVMPXI4lZTHM=", + "requires": { + "pify": "^2.0.0" + } + }, + "read-pkg": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-2.0.0.tgz", + "integrity": "sha1-jvHAYjxqbbDcZxPEv6xGMysjaPg=", + "requires": { + "load-json-file": "^2.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^2.0.0" + } + }, + "read-pkg-up": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-2.0.0.tgz", + "integrity": "sha1-a3KoBImE4MQeeVEP1en6mbO1Sb4=", + "requires": { + "find-up": "^2.0.0", + "read-pkg": "^2.0.0" + } + }, + "strip-bom": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-3.0.0.tgz", + "integrity": "sha1-IzTBjpx1n3vdVv3vfprj1YjmjtM=" + } + } + }, + "eslint-plugin-jsx-a11y": { + "version": "6.2.3", + "resolved": "https://registry.npmjs.org/eslint-plugin-jsx-a11y/-/eslint-plugin-jsx-a11y-6.2.3.tgz", + "integrity": "sha512-CawzfGt9w83tyuVekn0GDPU9ytYtxyxyFZ3aSWROmnRRFQFT2BiPJd7jvRdzNDi6oLWaS2asMeYSNMjWTV4eNg==", + "requires": { + "@babel/runtime": "^7.4.5", + "aria-query": "^3.0.0", + "array-includes": "^3.0.3", + "ast-types-flow": "^0.0.7", + "axobject-query": "^2.0.2", + "damerau-levenshtein": "^1.0.4", + "emoji-regex": "^7.0.2", + "has": "^1.0.3", + "jsx-ast-utils": "^2.2.1" + } + }, + "eslint-plugin-react": { + "version": "7.19.0", + "resolved": "https://registry.npmjs.org/eslint-plugin-react/-/eslint-plugin-react-7.19.0.tgz", + "integrity": "sha512-SPT8j72CGuAP+JFbT0sJHOB80TX/pu44gQ4vXH/cq+hQTiY2PuZ6IHkqXJV6x1b28GDdo1lbInjKUrrdUf0LOQ==", + "requires": { + "array-includes": "^3.1.1", + "doctrine": "^2.1.0", + "has": "^1.0.3", + "jsx-ast-utils": "^2.2.3", + "object.entries": "^1.1.1", + "object.fromentries": "^2.0.2", + "object.values": "^1.1.1", + "prop-types": "^15.7.2", + "resolve": "^1.15.1", + "semver": "^6.3.0", + "string.prototype.matchall": "^4.0.2", + "xregexp": "^4.3.0" + }, + "dependencies": { + "doctrine": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/doctrine/-/doctrine-2.1.0.tgz", + "integrity": "sha512-35mSku4ZXK0vfCuHEDAwt55dg2jNajHZ1odvF+8SSr82EsZY4QmXfuWso8oEd8zRhVObSN18aM0CjSdoBX7zIw==", + "requires": { + "esutils": "^2.0.2" + } + }, + "semver": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", + "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==" + } + } + }, + "eslint-plugin-react-hooks": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/eslint-plugin-react-hooks/-/eslint-plugin-react-hooks-1.7.0.tgz", + "integrity": "sha512-iXTCFcOmlWvw4+TOE8CLWj6yX1GwzT0Y6cUfHHZqWnSk144VmVIRcVGtUAzrLES7C798lmvnt02C7rxaOX1HNA==" + }, + "eslint-scope": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.0.tgz", + "integrity": "sha512-iiGRvtxWqgtx5m8EyQUJihBloE4EnYeGE/bz1wSPwJE6tZuJUtHlhqDM4Xj2ukE8Dyy1+HCZ4hE0fzIVMzb58w==", + "requires": { + "esrecurse": "^4.1.0", + "estraverse": "^4.1.1" + } + }, + "eslint-utils": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-2.1.0.tgz", + "integrity": "sha512-w94dQYoauyvlDc43XnGB8lU3Zt713vNChgt4EWwhXAP2XkBvndfxF0AgIqKOOasjPIPzj9JqgwkwbCYD0/V3Zg==", + "requires": { + "eslint-visitor-keys": "^1.1.0" + } + }, + "eslint-visitor-keys": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", + "integrity": "sha512-6J72N8UNa462wa/KFODt/PJ3IU60SDpC3QXC1Hjc1BXXpfL2C9R5+AU7jhe0F6GREqVMh4Juu+NY7xn+6dipUQ==" + }, + "espree": { + "version": "6.2.1", + "resolved": "https://registry.npmjs.org/espree/-/espree-6.2.1.tgz", + "integrity": "sha512-ysCxRQY3WaXJz9tdbWOwuWr5Y/XrPTGX9Kiz3yoUXwW0VZ4w30HTkQLaGx/+ttFjF8i+ACbArnB4ce68a9m5hw==", + "requires": { + "acorn": "^7.1.1", + "acorn-jsx": "^5.2.0", + "eslint-visitor-keys": "^1.1.0" + } + }, + "esprima": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", + "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==" + }, + "esquery": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/esquery/-/esquery-1.3.1.tgz", + "integrity": "sha512-olpvt9QG0vniUBZspVRN6lwB7hOZoTRtT+jzR+tS4ffYx2mzbw+z0XCOk44aaLYKApNX5nMm+E+P6o25ip/DHQ==", + "requires": { + "estraverse": "^5.1.0" + }, + "dependencies": { + "estraverse": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.1.0.tgz", + "integrity": "sha512-FyohXK+R0vE+y1nHLoBM7ZTyqRpqAlhdZHCWIWEviFLiGB8b04H6bQs8G+XTthacvT8VuwvteiP7RJSxMs8UEw==" + } + } + }, + "esrecurse": { + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.2.1.tgz", + "integrity": "sha512-64RBB++fIOAXPw3P9cy89qfMlvZEXZkqqJkjqqXIvzP5ezRZjW+lPWjw35UX/3EhUPFYbg5ER4JYgDw4007/DQ==", + "requires": { + "estraverse": "^4.1.0" + } + }, + "estraverse": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", + "integrity": "sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw==" + }, + "esutils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", + "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==" + }, + "etag": { + "version": "1.8.1", + "resolved": "https://registry.npmjs.org/etag/-/etag-1.8.1.tgz", + "integrity": "sha1-Qa4u62XvpiJorr/qg6x9eSmbCIc=" + }, + "eventemitter3": { + "version": "4.0.7", + "resolved": "https://registry.npmjs.org/eventemitter3/-/eventemitter3-4.0.7.tgz", + "integrity": "sha512-8guHBZCwKnFhYdHr2ysuRWErTwhoN2X8XELRlrRwpmfeY2jjuUN4taQMsULKUVo1K4DvZl+0pgfyoysHxvmvEw==" + }, + "events": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/events/-/events-3.2.0.tgz", + "integrity": "sha512-/46HWwbfCX2xTawVfkKLGxMifJYQBWMwY1mjywRtb4c9x8l5NP3KoJtnIOiL1hfdRkIuYhETxQlo62IF8tcnlg==" + }, + "eventsource": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/eventsource/-/eventsource-1.1.0.tgz", + "integrity": "sha512-VSJjT5oCNrFvCS6igjzPAt5hBzQ2qPBFIbJ03zLI9SE0mxwZpMw6BfJrbFHm1a141AavMEB8JHmBhWAd66PfCg==", + "requires": { + "original": "^1.0.0" + } + }, + "evp_bytestokey": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/evp_bytestokey/-/evp_bytestokey-1.0.3.tgz", + "integrity": "sha512-/f2Go4TognH/KvCISP7OUsHn85hT9nUkxxA9BEWxFn+Oj9o8ZNLm/40hdlgSLyuOimsrTKLUMEorQexp/aPQeA==", + "requires": { + "md5.js": "^1.3.4", + "safe-buffer": "^5.1.1" + } + }, + "exec-sh": { + "version": "0.3.4", + "resolved": "https://registry.npmjs.org/exec-sh/-/exec-sh-0.3.4.tgz", + "integrity": "sha512-sEFIkc61v75sWeOe72qyrqg2Qg0OuLESziUDk/O/z2qgS15y2gWVFrI6f2Qn/qw/0/NCfCEsmNA4zOjkwEZT1A==" + }, + "execa": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/execa/-/execa-1.0.0.tgz", + "integrity": "sha512-adbxcyWV46qiHyvSp50TKt05tB4tK3HcmF7/nxfAdhnox83seTDbwnaqKO4sXRy7roHAIFqJP/Rw/AuEbX61LA==", + "requires": { + "cross-spawn": "^6.0.0", + "get-stream": "^4.0.0", + "is-stream": "^1.1.0", + "npm-run-path": "^2.0.0", + "p-finally": "^1.0.0", + "signal-exit": "^3.0.0", + "strip-eof": "^1.0.0" + }, + "dependencies": { + "cross-spawn": { + "version": "6.0.5", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz", + "integrity": "sha512-eTVLrBSt7fjbDygz805pMnstIs2VTBNkRm0qxZd+M7A5XDdxVRWO5MxGBXZhjY4cqLYLdtrGqRf8mBPmzwSpWQ==", + "requires": { + "nice-try": "^1.0.4", + "path-key": "^2.0.1", + "semver": "^5.5.0", + "shebang-command": "^1.2.0", + "which": "^1.2.9" + } + } + } + }, + "exit": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", + "integrity": "sha1-BjJjj42HfMghB9MKD/8aF8uhzQw=" + }, + "expand-brackets": { + "version": "2.1.4", + "resolved": "https://registry.npmjs.org/expand-brackets/-/expand-brackets-2.1.4.tgz", + "integrity": "sha1-t3c14xXOMPa27/D4OwQVGiJEliI=", + "requires": { + "debug": "^2.3.3", + "define-property": "^0.2.5", + "extend-shallow": "^2.0.1", + "posix-character-classes": "^0.1.0", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.1" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "requires": { + "ms": "2.0.0" + } + }, + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "requires": { + "is-descriptor": "^0.1.0" + } + }, + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "requires": { + "is-extendable": "^0.1.0" + } + } + } + }, + "expect": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/expect/-/expect-24.9.0.tgz", + "integrity": "sha512-wvVAx8XIol3Z5m9zvZXiyZOQ+sRJqNTIm6sGjdWlaZIeupQGO3WbYI+15D/AmEwZywL6wtJkbAbJtzkOfBuR0Q==", + "requires": { + "@jest/types": "^24.9.0", + "ansi-styles": "^3.2.0", + "jest-get-type": "^24.9.0", + "jest-matcher-utils": "^24.9.0", + "jest-message-util": "^24.9.0", + "jest-regex-util": "^24.9.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + } + } + }, + "express": { + "version": "4.17.1", + "resolved": "https://registry.npmjs.org/express/-/express-4.17.1.tgz", + "integrity": "sha512-mHJ9O79RqluphRrcw2X/GTh3k9tVv8YcoyY4Kkh4WDMUYKRZUq0h1o0w2rrrxBqM7VoeUVqgb27xlEMXTnYt4g==", + "requires": { + "accepts": "~1.3.7", + "array-flatten": "1.1.1", + "body-parser": "1.19.0", + "content-disposition": "0.5.3", + "content-type": "~1.0.4", + "cookie": "0.4.0", + "cookie-signature": "1.0.6", + "debug": "2.6.9", + "depd": "~1.1.2", + "encodeurl": "~1.0.2", + "escape-html": "~1.0.3", + "etag": "~1.8.1", + "finalhandler": "~1.1.2", + "fresh": "0.5.2", + "merge-descriptors": "1.0.1", + "methods": "~1.1.2", + "on-finished": "~2.3.0", + "parseurl": "~1.3.3", + "path-to-regexp": "0.1.7", + "proxy-addr": "~2.0.5", + "qs": "6.7.0", + "range-parser": "~1.2.1", + "safe-buffer": "5.1.2", + "send": "0.17.1", + "serve-static": "1.14.1", + "setprototypeof": "1.1.1", + "statuses": "~1.5.0", + "type-is": "~1.6.18", + "utils-merge": "1.0.1", + "vary": "~1.1.2" + }, + "dependencies": { + "array-flatten": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz", + "integrity": "sha1-ml9pkFGx5wczKPKgCJaLZOopVdI=" + }, + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "requires": { + "ms": "2.0.0" + } + }, + "path-to-regexp": { + "version": "0.1.7", + "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", + "integrity": "sha1-32BBeABfUi8V60SQ5yR6G/qmf4w=" + }, + "qs": { + "version": "6.7.0", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.7.0.tgz", + "integrity": "sha512-VCdBRNFTX1fyE7Nb6FYoURo/SPe62QCaAyzJvUjwRaIsc+NePBEniHlvxFmmX56+HZphIGtV0XeCirBtpDrTyQ==" + } + } + }, + "ext": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/ext/-/ext-1.4.0.tgz", + "integrity": "sha512-Key5NIsUxdqKg3vIsdw9dSuXpPCQ297y6wBjL30edxwPgt2E44WcWBZey/ZvUc6sERLTxKdyCu4gZFmUbk1Q7A==", + "requires": { + "type": "^2.0.0" + }, + "dependencies": { + "type": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/type/-/type-2.5.0.tgz", + "integrity": "sha512-180WMDQaIMm3+7hGXWf12GtdniDEy7nYcyFMKJn/eZz/6tSLXrUN9V0wKSbMjej0I1WHWbpREDEKHtqPQa9NNw==" + } + } + }, + "extend": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", + "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" + }, + "extend-shallow": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-3.0.2.tgz", + "integrity": "sha1-Jqcarwc7OfshJxcnRhMcJwQCjbg=", + "requires": { + "assign-symbols": "^1.0.0", + "is-extendable": "^1.0.1" + }, + "dependencies": { + "is-extendable": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-1.0.1.tgz", + "integrity": "sha512-arnXMxT1hhoKo9k1LZdmlNyJdDDfy2v0fXjFlmok4+i8ul/6WlbVge9bhM74OpNPQPMGUToDtz+KXa1PneJxOA==", + "requires": { + "is-plain-object": "^2.0.4" + } + } + } + }, + "external-editor": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/external-editor/-/external-editor-3.1.0.tgz", + "integrity": "sha512-hMQ4CX1p1izmuLYyZqLMO/qGNw10wSv9QDCPfzXfyFrOaCSSoRfqE1Kf1s5an66J5JZC62NewG+mK49jOCtQew==", + "requires": { + "chardet": "^0.7.0", + "iconv-lite": "^0.4.24", + "tmp": "^0.0.33" + } + }, + "extglob": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/extglob/-/extglob-2.0.4.tgz", + "integrity": "sha512-Nmb6QXkELsuBr24CJSkilo6UHHgbekK5UiZgfE6UHD3Eb27YC6oD+bhcT+tJ6cl8dmsgdQxnWlcry8ksBIBLpw==", + "requires": { + "array-unique": "^0.3.2", + "define-property": "^1.0.0", + "expand-brackets": "^2.1.4", + "extend-shallow": "^2.0.1", + "fragment-cache": "^0.2.1", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.1" + }, + "dependencies": { + "define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz", + "integrity": "sha1-dp66rz9KY6rTr56NMEybvnm/sOY=", + "requires": { + "is-descriptor": "^1.0.0" + } + }, + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "requires": { + "is-extendable": "^0.1.0" + } + }, + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + }, + "kind-of": { + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz", + "integrity": "sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==" + } + } + }, + "extsprintf": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", + "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=" + }, + "fast-deep-equal": { + "version": "3.1.3", + "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", + "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" + }, + "fast-glob": { + "version": "2.2.7", + "resolved": "https://registry.npmjs.org/fast-glob/-/fast-glob-2.2.7.tgz", + "integrity": "sha512-g1KuQwHOZAmOZMuBtHdxDtju+T2RT8jgCC9aANsbpdiDDTSnjgfuVsIBNKbUeJI3oKMRExcfNDtJl4OhbffMsw==", + "requires": { + "@mrmlnc/readdir-enhanced": "^2.2.1", + "@nodelib/fs.stat": "^1.1.2", + "glob-parent": "^3.1.0", + "is-glob": "^4.0.0", + "merge2": "^1.2.3", + "micromatch": "^3.1.10" + }, + "dependencies": { + "glob-parent": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-3.1.0.tgz", + "integrity": "sha1-nmr2KZ2NO9K9QEMIMr0RPfkGxa4=", + "requires": { + "is-glob": "^3.1.0", + "path-dirname": "^1.0.0" + }, + "dependencies": { + "is-glob": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-3.1.0.tgz", + "integrity": "sha1-e6WuJCF4BKxwcHuWkiVnSGzD6Eo=", + "requires": { + "is-extglob": "^2.1.0" + } + } + } + } + } + }, + "fast-json-stable-stringify": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", + "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" + }, + "fast-levenshtein": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", + "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=" + }, + "faye-websocket": { + "version": "0.10.0", + "resolved": "https://registry.npmjs.org/faye-websocket/-/faye-websocket-0.10.0.tgz", + "integrity": "sha1-TkkvjQTftviQA1B/btvy1QHnxvQ=", + "requires": { + "websocket-driver": ">=0.5.1" + } + }, + "fb-watchman": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.1.tgz", + "integrity": "sha512-DkPJKQeY6kKwmuMretBhr7G6Vodr7bFwDYTXIkfG1gjvNpaxBTQV3PbXg6bR1c1UP4jPOX0jHUbbHANL9vRjVg==", + "requires": { + "bser": "2.1.1" + } + }, + "figgy-pudding": { + "version": "3.5.2", + "resolved": "https://registry.npmjs.org/figgy-pudding/-/figgy-pudding-3.5.2.tgz", + "integrity": "sha512-0btnI/H8f2pavGMN8w40mlSKOfTK2SVJmBfBeVIj3kNw0swwgzyRq0d5TJVOwodFmtvpPeWPN/MCcfuWF0Ezbw==" + }, + "figures": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/figures/-/figures-3.2.0.tgz", + "integrity": "sha512-yaduQFRKLXYOGgEn6AZau90j3ggSOyiqXU0F9JZfeXYhNa+Jk4X+s45A2zg5jns87GAFa34BBm2kXw4XpNcbdg==", + "requires": { + "escape-string-regexp": "^1.0.5" + } + }, + "file-entry-cache": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-5.0.1.tgz", + "integrity": "sha512-bCg29ictuBaKUwwArK4ouCaqDgLZcysCFLmM/Yn/FDoqndh/9vNuQfXRDvTuXKLxfD/JtZQGKFT8MGcJBK644g==", + "requires": { + "flat-cache": "^2.0.1" + } + }, + "file-loader": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/file-loader/-/file-loader-4.3.0.tgz", + "integrity": "sha512-aKrYPYjF1yG3oX0kWRrqrSMfgftm7oJW5M+m4owoldH5C51C0RkIwB++JbRvEW3IU6/ZG5n8UvEcdgwOt2UOWA==", + "requires": { + "loader-utils": "^1.2.3", + "schema-utils": "^2.5.0" + } + }, + "file-uri-to-path": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/file-uri-to-path/-/file-uri-to-path-1.0.0.tgz", + "integrity": "sha512-0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw==", + "optional": true + }, + "filesize": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/filesize/-/filesize-6.0.1.tgz", + "integrity": "sha512-u4AYWPgbI5GBhs6id1KdImZWn5yfyFrrQ8OWZdN7ZMfA8Bf4HcO0BGo9bmUIEV8yrp8I1xVfJ/dn90GtFNNJcg==" + }, + "fill-range": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-4.0.0.tgz", + "integrity": "sha1-1USBHUKPmOsGpj3EAtJAPDKMOPc=", + "requires": { + "extend-shallow": "^2.0.1", + "is-number": "^3.0.0", + "repeat-string": "^1.6.1", + "to-regex-range": "^2.1.0" + }, + "dependencies": { + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "requires": { + "is-extendable": "^0.1.0" + } + } + } + }, + "finalhandler": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.1.2.tgz", + "integrity": "sha512-aAWcW57uxVNrQZqFXjITpW3sIUQmHGG3qSb9mUah9MgMC4NeWhNOlNjXEYq3HjRAvL6arUviZGGJsBg6z0zsWA==", + "requires": { + "debug": "2.6.9", + "encodeurl": "~1.0.2", + "escape-html": "~1.0.3", + "on-finished": "~2.3.0", + "parseurl": "~1.3.3", + "statuses": "~1.5.0", + "unpipe": "~1.0.0" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "requires": { + "ms": "2.0.0" + } + } + } + }, + "find-cache-dir": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/find-cache-dir/-/find-cache-dir-2.1.0.tgz", + "integrity": "sha512-Tq6PixE0w/VMFfCgbONnkiQIVol/JJL7nRMi20fqzA4NRs9AfeqMGeRdPi3wIhYkxjeBaWh2rxwapn5Tu3IqOQ==", + "requires": { + "commondir": "^1.0.1", + "make-dir": "^2.0.0", + "pkg-dir": "^3.0.0" + } + }, + "find-up": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-1.1.2.tgz", + "integrity": "sha1-ay6YIrGizgpgq2TWEOzK1TyyTQ8=", + "requires": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + } + }, + "flat-cache": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-2.0.1.tgz", + "integrity": "sha512-LoQe6yDuUMDzQAEH8sgmh4Md6oZnc/7PjtwjNFSzveXqSHt6ka9fPBuso7IGf9Rz4uqnSnWiFH2B/zj24a5ReA==", + "requires": { + "flatted": "^2.0.0", + "rimraf": "2.6.3", + "write": "1.0.3" + }, + "dependencies": { + "rimraf": { + "version": "2.6.3", + "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.3.tgz", + "integrity": "sha512-mwqeW5XsA2qAejG46gYdENaxXjx9onRNCfn7L0duuP4hCuTIi/QO7PDK07KJfp1d+izWPrzEJDcSqBa0OZQriA==", + "requires": { + "glob": "^7.1.3" + } + } + } + }, + "flatted": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/flatted/-/flatted-2.0.2.tgz", + "integrity": "sha512-r5wGx7YeOwNWNlCA0wQ86zKyDLMQr+/RB8xy74M4hTphfmjlijTSSXGuH8rnvKZnfT9i+75zmd8jcKdMR4O6jA==" + }, + "flatten": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/flatten/-/flatten-1.0.3.tgz", + "integrity": "sha512-dVsPA/UwQ8+2uoFe5GHtiBMu48dWLTdsuEd7CKGlZlD78r1TTWBvDuFaFGKCo/ZfEr95Uk56vZoX86OsHkUeIg==" + }, + "flush-write-stream": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/flush-write-stream/-/flush-write-stream-1.1.1.tgz", + "integrity": "sha512-3Z4XhFZ3992uIq0XOqb9AreonueSYphE6oYbpt5+3u06JWklbsPkNv3ZKkP9Bz/r+1MWCaMoSQ28P85+1Yc77w==", + "requires": { + "inherits": "^2.0.3", + "readable-stream": "^2.3.6" + } + }, + "follow-redirects": { + "version": "1.5.10", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.5.10.tgz", + "integrity": "sha512-0V5l4Cizzvqt5D44aTXbFZz+FtyXV1vrDN6qrelxtfYQKW0KO0W2T/hkE8xvGa/540LkZlkaUjO4ailYTFtHVQ==", + "requires": { + "debug": "=3.1.0" + } + }, + "for-in": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/for-in/-/for-in-1.0.2.tgz", + "integrity": "sha1-gQaNKVqBQuwKxybG4iAMMPttXoA=" + }, + "for-own": { + "version": "0.1.5", + "resolved": "https://registry.npmjs.org/for-own/-/for-own-0.1.5.tgz", + "integrity": "sha1-UmXGgaTylNq78XyVCbZ2OqhFEM4=", + "requires": { + "for-in": "^1.0.1" + } + }, + "forever-agent": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", + "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=" + }, + "fork-ts-checker-webpack-plugin": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/fork-ts-checker-webpack-plugin/-/fork-ts-checker-webpack-plugin-3.1.1.tgz", + "integrity": "sha512-DuVkPNrM12jR41KM2e+N+styka0EgLkTnXmNcXdgOM37vtGeY+oCBK/Jx0hzSeEU6memFCtWb4htrHPMDfwwUQ==", + "requires": { + "babel-code-frame": "^6.22.0", + "chalk": "^2.4.1", + "chokidar": "^3.3.0", + "micromatch": "^3.1.10", + "minimatch": "^3.0.4", + "semver": "^5.6.0", + "tapable": "^1.0.0", + "worker-rpc": "^0.1.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "form-data": { + "version": "2.3.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", + "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", + "requires": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.6", + "mime-types": "^2.1.12" + } + }, + "forwarded": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/forwarded/-/forwarded-0.1.2.tgz", + "integrity": "sha1-mMI9qxF1ZXuMBXPozszZGw/xjIQ=" + }, + "fragment-cache": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/fragment-cache/-/fragment-cache-0.2.1.tgz", + "integrity": "sha1-QpD60n8T6Jvn8zeZxrxaCr//DRk=", + "requires": { + "map-cache": "^0.2.2" + } + }, + "fresh": { + "version": "0.5.2", + "resolved": "https://registry.npmjs.org/fresh/-/fresh-0.5.2.tgz", + "integrity": "sha1-PYyt2Q2XZWn6g1qx+OSyOhBWBac=" + }, + "from2": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/from2/-/from2-2.3.0.tgz", + "integrity": "sha1-i/tVAr3kpNNs/e6gB/zKIdfjgq8=", + "requires": { + "inherits": "^2.0.1", + "readable-stream": "^2.0.0" + } + }, + "fs-extra": { + "version": "8.1.0", + "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-8.1.0.tgz", + "integrity": "sha512-yhlQgA6mnOJUKOsRUFsgJdQCvkKhcz8tlZG5HBQfReYZy46OwLcY+Zia0mtdHsOo9y/hP+CxMN0TU9QxoOtG4g==", + "requires": { + "graceful-fs": "^4.2.0", + "jsonfile": "^4.0.0", + "universalify": "^0.1.0" + } + }, + "fs-minipass": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", + "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", + "requires": { + "minipass": "^3.0.0" + } + }, + "fs-write-stream-atomic": { + "version": "1.0.10", + "resolved": "https://registry.npmjs.org/fs-write-stream-atomic/-/fs-write-stream-atomic-1.0.10.tgz", + "integrity": "sha1-tH31NJPvkR33VzHnCp3tAYnbQMk=", + "requires": { + "graceful-fs": "^4.1.2", + "iferr": "^0.1.5", + "imurmurhash": "^0.1.4", + "readable-stream": "1 || 2" + } + }, + "fs.realpath": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", + "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=" + }, + "fsevents": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.1.2.tgz", + "integrity": "sha512-R4wDiBwZ0KzpgOWetKDug1FZcYhqYnUYKtfZYt4mD5SBz76q0KR4Q9o7GIPamsVPGmW3EYPPJ0dOOjvx32ldZA==", + "optional": true + }, + "fstream": { + "version": "1.0.12", + "resolved": "https://registry.npmjs.org/fstream/-/fstream-1.0.12.tgz", + "integrity": "sha512-WvJ193OHa0GHPEL+AycEJgxvBEwyfRkN1vhjca23OaPVMCaLCXTd5qAu82AjTcgP1UJmytkOKb63Ypde7raDIg==", + "requires": { + "graceful-fs": "^4.1.2", + "inherits": "~2.0.0", + "mkdirp": ">=0.5 0", + "rimraf": "2" + } + }, + "function-bind": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", + "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==" + }, + "functional-red-black-tree": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/functional-red-black-tree/-/functional-red-black-tree-1.0.1.tgz", + "integrity": "sha1-GwqzvVU7Kg1jmdKcDj6gslIHgyc=" + }, + "gauge": { + "version": "2.7.4", + "resolved": "https://registry.npmjs.org/gauge/-/gauge-2.7.4.tgz", + "integrity": "sha1-LANAXHU4w51+s3sxcCLjJfsBi/c=", + "requires": { + "aproba": "^1.0.3", + "console-control-strings": "^1.0.0", + "has-unicode": "^2.0.0", + "object-assign": "^4.1.0", + "signal-exit": "^3.0.0", + "string-width": "^1.0.1", + "strip-ansi": "^3.0.1", + "wide-align": "^1.1.0" + } + }, + "gaze": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/gaze/-/gaze-1.1.3.tgz", + "integrity": "sha512-BRdNm8hbWzFzWHERTrejLqwHDfS4GibPoq5wjTPIoJHoBtKGPg3xAFfxmM+9ztbXelxcf2hwQcaz1PtmFeue8g==", + "requires": { + "globule": "^1.0.0" + } + }, + "gensync": { + "version": "1.0.0-beta.1", + "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.1.tgz", + "integrity": "sha512-r8EC6NO1sngH/zdD9fiRDLdcgnbayXah+mLgManTaIZJqEC1MZstmnox8KpnI2/fxQwrp5OpCOYWLp4rBl4Jcg==" + }, + "get-caller-file": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", + "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==" + }, + "get-intrinsic": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.1.1.tgz", + "integrity": "sha512-kWZrnVM42QCiEA2Ig1bG8zjoIMOgxWwYCEeNdwY6Tv/cOSeGpcoX4pXHfKUxNKVoArnrEr2e9srnAxxGIraS9Q==", + "requires": { + "function-bind": "^1.1.1", + "has": "^1.0.3", + "has-symbols": "^1.0.1" + } + }, + "get-own-enumerable-property-symbols": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/get-own-enumerable-property-symbols/-/get-own-enumerable-property-symbols-3.0.2.tgz", + "integrity": "sha512-I0UBV/XOz1XkIJHEUDMZAbzCThU/H8DxmSfmdGcKPnVhu2VfFqr34jr9777IyaTYvxjedWhqVIilEDsCdP5G6g==" + }, + "get-stdin": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/get-stdin/-/get-stdin-4.0.1.tgz", + "integrity": "sha1-uWjGsKBDhDJJAui/Gl3zJXmkUP4=" + }, + "get-stream": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-4.1.0.tgz", + "integrity": "sha512-GMat4EJ5161kIy2HevLlr4luNjBgvmj413KaQA7jt4V8B4RDsfpHk7WQ9GVqfYyyx8OS/L66Kox+rJRNklLK7w==", + "requires": { + "pump": "^3.0.0" + } + }, + "get-value": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/get-value/-/get-value-2.0.6.tgz", + "integrity": "sha1-3BXKHGcjh8p2vTesCjlbogQqLCg=" + }, + "getpass": { + "version": "0.1.7", + "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", + "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", + "requires": { + "assert-plus": "^1.0.0" + } + }, + "glob": { + "version": "7.1.6", + "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.6.tgz", + "integrity": "sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA==", + "requires": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^3.0.4", + "once": "^1.3.0", + "path-is-absolute": "^1.0.0" + } + }, + "glob-parent": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", + "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==", + "requires": { + "is-glob": "^4.0.1" + } + }, + "glob-to-regexp": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/glob-to-regexp/-/glob-to-regexp-0.3.0.tgz", + "integrity": "sha1-jFoUlNIGbFcMw7/kSWF1rMTVAqs=" + }, + "global-modules": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/global-modules/-/global-modules-2.0.0.tgz", + "integrity": "sha512-NGbfmJBp9x8IxyJSd1P+otYK8vonoJactOogrVfFRIAEY1ukil8RSKDz2Yo7wh1oihl51l/r6W4epkeKJHqL8A==", + "requires": { + "global-prefix": "^3.0.0" + } + }, + "global-prefix": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/global-prefix/-/global-prefix-3.0.0.tgz", + "integrity": "sha512-awConJSVCHVGND6x3tmMaKcQvwXLhjdkmomy2W+Goaui8YPgYgXJZewhg3fWC+DlfqqQuWg8AwqjGTD2nAPVWg==", + "requires": { + "ini": "^1.3.5", + "kind-of": "^6.0.2", + "which": "^1.3.1" + }, + "dependencies": { + "kind-of": { + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz", + "integrity": "sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==" + } + } + }, + "globals": { + "version": "11.12.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", + "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==" + }, + "globby": { + "version": "8.0.2", + "resolved": "https://registry.npmjs.org/globby/-/globby-8.0.2.tgz", + "integrity": "sha512-yTzMmKygLp8RUpG1Ymu2VXPSJQZjNAZPD4ywgYEaG7e4tBJeUQBO8OpXrf1RCNcEs5alsoJYPAMiIHP0cmeC7w==", + "requires": { + "array-union": "^1.0.1", + "dir-glob": "2.0.0", + "fast-glob": "^2.0.2", + "glob": "^7.1.2", + "ignore": "^3.3.5", + "pify": "^3.0.0", + "slash": "^1.0.0" + }, + "dependencies": { + "ignore": { + "version": "3.3.10", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-3.3.10.tgz", + "integrity": "sha512-Pgs951kaMm5GXP7MOvxERINe3gsaVjUWFm+UZPSq9xYriQAksyhg0csnS0KXSNRD5NmNdapXEpjxG49+AKh/ug==" + }, + "pify": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/pify/-/pify-3.0.0.tgz", + "integrity": "sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY=" + }, + "slash": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/slash/-/slash-1.0.0.tgz", + "integrity": "sha1-xB8vbDn8FtHNF61LXYlhFK5HDVU=" + } + } + }, + "globule": { + "version": "1.3.3", + "resolved": "https://registry.npmjs.org/globule/-/globule-1.3.3.tgz", + "integrity": "sha512-mb1aYtDbIjTu4ShMB85m3UzjX9BVKe9WCzsnfMSZk+K5GpIbBOexgg4PPCt5eHDEG5/ZQAUX2Kct02zfiPLsKg==", + "requires": { + "glob": "~7.1.1", + "lodash": "~4.17.10", + "minimatch": "~3.0.2" + } + }, + "graceful-fs": { + "version": "4.2.4", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.4.tgz", + "integrity": "sha512-WjKPNJF79dtJAVniUlGGWHYGz2jWxT6VhN/4m1NdkbZ2nOsEF+cI1Edgql5zCRhs/VsQYRvrXctxktVXZUkixw==" + }, + "growly": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/growly/-/growly-1.3.0.tgz", + "integrity": "sha1-8QdIy+dq+WS3yWyTxrzCivEgwIE=" + }, + "gud": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/gud/-/gud-1.0.0.tgz", + "integrity": "sha512-zGEOVKFM5sVPPrYs7J5/hYEw2Pof8KCyOwyhG8sAF26mCAeUFAcYPu1mwB7hhpIP29zOIBaDqwuHdLp0jvZXjw==" + }, + "gzip-size": { + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/gzip-size/-/gzip-size-5.1.1.tgz", + "integrity": "sha512-FNHi6mmoHvs1mxZAds4PpdCS6QG8B4C1krxJsMutgxl5t3+GlRTzzI3NEkifXx2pVsOvJdOGSmIgDhQ55FwdPA==", + "requires": { + "duplexer": "^0.1.1", + "pify": "^4.0.1" + }, + "dependencies": { + "pify": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/pify/-/pify-4.0.1.tgz", + "integrity": "sha512-uB80kBFb/tfd68bVleG9T5GGsGPjJrLAUpR5PZIrhBnIaRTQRjqdJSsIKkOP6OAIFbj7GOrcudc5pNjZ+geV2g==" + } + } + }, + "handle-thing": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/handle-thing/-/handle-thing-2.0.1.tgz", + "integrity": "sha512-9Qn4yBxelxoh2Ow62nP+Ka/kMnOXRi8BXnRaUwezLNhqelnN49xKz4F/dPP8OYLxLxq6JDtZb2i9XznUQbNPTg==" + }, + "har-schema": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", + "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=" + }, + "har-validator": { + "version": "5.1.5", + "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", + "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", + "requires": { + "ajv": "^6.12.3", + "har-schema": "^2.0.0" + } + }, + "harmony-reflect": { + "version": "1.6.1", + "resolved": "https://registry.npmjs.org/harmony-reflect/-/harmony-reflect-1.6.1.tgz", + "integrity": "sha512-WJTeyp0JzGtHcuMsi7rw2VwtkvLa+JyfEKJCFyfcS0+CDkjQ5lHPu7zEhFZP+PDSRrEgXa5Ah0l1MbgbE41XjA==" + }, + "has": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", + "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", + "requires": { + "function-bind": "^1.1.1" + } + }, + "has-ansi": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/has-ansi/-/has-ansi-2.0.0.tgz", + "integrity": "sha1-NPUEnOHs3ysGSa8+8k5F7TVBbZE=", + "requires": { + "ansi-regex": "^2.0.0" + } + }, + "has-flag": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", + "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=" + }, + "has-symbols": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.1.tgz", + "integrity": "sha512-PLcsoqu++dmEIZB+6totNFKq/7Do+Z0u4oT0zKOJNl3lYK6vGwwu2hjHs+68OEZbTjiUE9bgOABXbP/GvrS0Kg==" + }, + "has-unicode": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/has-unicode/-/has-unicode-2.0.1.tgz", + "integrity": "sha1-4Ob+aijPUROIVeCG0Wkedx3iqLk=" + }, + "has-value": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/has-value/-/has-value-1.0.0.tgz", + "integrity": "sha1-GLKB2lhbHFxR3vJMkw7SmgvmsXc=", + "requires": { + "get-value": "^2.0.6", + "has-values": "^1.0.0", + "isobject": "^3.0.0" + } + }, + "has-values": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/has-values/-/has-values-1.0.0.tgz", + "integrity": "sha1-lbC2P+whRmGab+V/51Yo1aOe/k8=", + "requires": { + "is-number": "^3.0.0", + "kind-of": "^4.0.0" + }, + "dependencies": { + "is-buffer": { + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", + "integrity": "sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==" + }, + "kind-of": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-4.0.0.tgz", + "integrity": "sha1-IIE989cSkosgc3hpGkUGb65y3Vc=", + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "hash-base": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/hash-base/-/hash-base-3.1.0.tgz", + "integrity": "sha512-1nmYp/rhMDiE7AYkDw+lLwlAzz0AntGIe51F3RfFfEqyQ3feY2eI/NcwC6umIQVOASPMsWJLJScWKSSvzL9IVA==", + "requires": { + "inherits": "^2.0.4", + "readable-stream": "^3.6.0", + "safe-buffer": "^5.2.0" + }, + "dependencies": { + "readable-stream": { + "version": "3.6.0", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.0.tgz", + "integrity": "sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA==", + "requires": { + "inherits": "^2.0.3", + "string_decoder": "^1.1.1", + "util-deprecate": "^1.0.1" + } + }, + "safe-buffer": { + "version": "5.2.1", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", + "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==" + } + } + }, + "hash.js": { + "version": "1.1.7", + "resolved": "https://registry.npmjs.org/hash.js/-/hash.js-1.1.7.tgz", + "integrity": "sha512-taOaskGt4z4SOANNseOviYDvjEJinIkRgmp7LbKP2YTTmVxWBl87s/uzK9r+44BclBSp2X7K1hqeNfz9JbBeXA==", + "requires": { + "inherits": "^2.0.3", + "minimalistic-assert": "^1.0.1" + } + }, + "he": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/he/-/he-1.2.0.tgz", + "integrity": "sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==" + }, + "hex-color-regex": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/hex-color-regex/-/hex-color-regex-1.1.0.tgz", + "integrity": "sha512-l9sfDFsuqtOqKDsQdqrMRk0U85RZc0RtOR9yPI7mRVOa4FsR/BVnZ0shmQRM96Ji99kYZP/7hn1cedc1+ApsTQ==" + }, + "history": { + "version": "4.10.1", + "resolved": "https://registry.npmjs.org/history/-/history-4.10.1.tgz", + "integrity": "sha512-36nwAD620w12kuzPAsyINPWJqlNbij+hpK1k9XRloDtym8mxzGYl2c17LnV6IAGB2Dmg4tEa7G7DlawS0+qjew==", + "requires": { + "@babel/runtime": "^7.1.2", + "loose-envify": "^1.2.0", + "resolve-pathname": "^3.0.0", + "tiny-invariant": "^1.0.2", + "tiny-warning": "^1.0.0", + "value-equal": "^1.0.1" + } + }, + "hmac-drbg": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/hmac-drbg/-/hmac-drbg-1.0.1.tgz", + "integrity": "sha1-0nRXAQJabHdabFRXk+1QL8DGSaE=", + "requires": { + "hash.js": "^1.0.3", + "minimalistic-assert": "^1.0.0", + "minimalistic-crypto-utils": "^1.0.1" + } + }, + "hoist-non-react-statics": { + "version": "3.3.0", + "resolved": "https://registry.npmjs.org/hoist-non-react-statics/-/hoist-non-react-statics-3.3.0.tgz", + "integrity": "sha512-0XsbTXxgiaCDYDIWFcwkmerZPSwywfUqYmwT4jzewKTQSWoE6FCMoUVOeBJWK3E/CrWbxRG3m5GzY4lnIwGRBA==", + "requires": { + "react-is": "^16.7.0" + } + }, + "hosted-git-info": { + "version": "2.8.9", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.9.tgz", + "integrity": "sha512-mxIDAb9Lsm6DoOJ7xH+5+X4y1LU/4Hi50L9C5sIswK3JzULS4bwk1FvjdBgvYR4bzT4tuUQiC15FE2f5HbLvYw==" + }, + "hpack.js": { + "version": "2.1.6", + "resolved": "https://registry.npmjs.org/hpack.js/-/hpack.js-2.1.6.tgz", + "integrity": "sha1-h3dMCUnlE/QuhFdbPEVoH63ioLI=", + "requires": { + "inherits": "^2.0.1", + "obuf": "^1.0.0", + "readable-stream": "^2.0.1", + "wbuf": "^1.1.0" + } + }, + "hsl-regex": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/hsl-regex/-/hsl-regex-1.0.0.tgz", + "integrity": "sha1-1JMwx4ntgZ4nakwNJy3/owsY/m4=" + }, + "hsla-regex": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/hsla-regex/-/hsla-regex-1.0.0.tgz", + "integrity": "sha1-wc56MWjIxmFAM6S194d/OyJfnDg=" + }, + "html-comment-regex": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/html-comment-regex/-/html-comment-regex-1.1.2.tgz", + "integrity": "sha512-P+M65QY2JQ5Y0G9KKdlDpo0zK+/OHptU5AaBwUfAIDJZk1MYf32Frm84EcOytfJE0t5JvkAnKlmjsXDnWzCJmQ==" + }, + "html-encoding-sniffer": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/html-encoding-sniffer/-/html-encoding-sniffer-1.0.2.tgz", + "integrity": "sha512-71lZziiDnsuabfdYiUeWdCVyKuqwWi23L8YeIgV9jSSZHCtb6wB1BKWooH7L3tn4/FuZJMVWyNaIDr4RGmaSYw==", + "requires": { + "whatwg-encoding": "^1.0.1" + } + }, + "html-entities": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/html-entities/-/html-entities-1.4.0.tgz", + "integrity": "sha512-8nxjcBcd8wovbeKx7h3wTji4e6+rhaVuPNpMqwWgnHh+N9ToqsCs6XztWRBPQ+UtzsoMAdKZtUENoVzU/EMtZA==" + }, + "html-escaper": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", + "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==" + }, + "html-minifier-terser": { + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/html-minifier-terser/-/html-minifier-terser-5.1.1.tgz", + "integrity": "sha512-ZPr5MNObqnV/T9akshPKbVgyOqLmy+Bxo7juKCfTfnjNniTAMdy4hz21YQqoofMBJD2kdREaqPPdThoR78Tgxg==", + "requires": { + "camel-case": "^4.1.1", + "clean-css": "^4.2.3", + "commander": "^4.1.1", + "he": "^1.2.0", + "param-case": "^3.0.3", + "relateurl": "^0.2.7", + "terser": "^4.6.3" + }, + "dependencies": { + "commander": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/commander/-/commander-4.1.1.tgz", + "integrity": "sha512-NOKm8xhkzAjzFx8B2v5OAHT+u5pRQc2UCa2Vq9jYL/31o2wi9mxBA7LIFs3sV5VSC49z6pEhfbMULvShKj26WA==" + } + } + }, + "html-webpack-plugin": { + "version": "4.0.0-beta.11", + "resolved": "https://registry.npmjs.org/html-webpack-plugin/-/html-webpack-plugin-4.0.0-beta.11.tgz", + "integrity": "sha512-4Xzepf0qWxf8CGg7/WQM5qBB2Lc/NFI7MhU59eUDTkuQp3skZczH4UA1d6oQyDEIoMDgERVhRyTdtUPZ5s5HBg==", + "requires": { + "html-minifier-terser": "^5.0.1", + "loader-utils": "^1.2.3", + "lodash": "^4.17.15", + "pretty-error": "^2.1.1", + "tapable": "^1.1.3", + "util.promisify": "1.0.0" + }, + "dependencies": { + "util.promisify": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/util.promisify/-/util.promisify-1.0.0.tgz", + "integrity": "sha512-i+6qA2MPhvoKLuxnJNpXAGhg7HphQOSUq2LKMZD0m15EiskXUkMvKdF4Uui0WYeCUGea+o2cw/ZuwehtfsrNkA==", + "requires": { + "define-properties": "^1.1.2", + "object.getownpropertydescriptors": "^2.0.3" + } + } + } + }, + "htmlparser2": { + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-3.10.1.tgz", + "integrity": "sha512-IgieNijUMbkDovyoKObU1DUhm1iwNYE/fuifEoEHfd1oZKZDaONBSkal7Y01shxsM49R4XaMdGez3WnF9UfiCQ==", + "requires": { + "domelementtype": "^1.3.1", + "domhandler": "^2.3.0", + "domutils": "^1.5.1", + "entities": "^1.1.1", + "inherits": "^2.0.1", + "readable-stream": "^3.1.1" + }, + "dependencies": { + "entities": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/entities/-/entities-1.1.2.tgz", + "integrity": "sha512-f2LZMYl1Fzu7YSBKg+RoROelpOaNrcGmE9AZubeDfrCEia483oW4MI4VyFd5VNHIgQ/7qm1I0wUHK1eJnn2y2w==" + }, + "readable-stream": { + "version": "3.6.0", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.0.tgz", + "integrity": "sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA==", + "requires": { + "inherits": "^2.0.3", + "string_decoder": "^1.1.1", + "util-deprecate": "^1.0.1" + } + } + } + }, + "http-deceiver": { + "version": "1.2.7", + "resolved": "https://registry.npmjs.org/http-deceiver/-/http-deceiver-1.2.7.tgz", + "integrity": "sha1-+nFolEq5pRnTN8sL7HKE3D5yPYc=" + }, + "http-errors": { + "version": "1.7.2", + "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.7.2.tgz", + "integrity": "sha512-uUQBt3H/cSIVfch6i1EuPNy/YsRSOUBXTVfZ+yR7Zjez3qjBz6i9+i4zjNaoqcoFVI4lQJ5plg63TvGfRSDCRg==", + "requires": { + "depd": "~1.1.2", + "inherits": "2.0.3", + "setprototypeof": "1.1.1", + "statuses": ">= 1.5.0 < 2", + "toidentifier": "1.0.0" + }, + "dependencies": { + "inherits": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz", + "integrity": "sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=" + } + } + }, + "http-proxy": { + "version": "1.18.1", + "resolved": "https://registry.npmjs.org/http-proxy/-/http-proxy-1.18.1.tgz", + "integrity": "sha512-7mz/721AbnJwIVbnaSv1Cz3Am0ZLT/UBwkC92VlxhXv/k/BBQfM2fXElQNC27BVGr0uwUpplYPQM9LnaBMR5NQ==", + "requires": { + "eventemitter3": "^4.0.0", + "follow-redirects": "^1.0.0", + "requires-port": "^1.0.0" + } + }, + "http-proxy-middleware": { + "version": "0.19.1", + "resolved": "https://registry.npmjs.org/http-proxy-middleware/-/http-proxy-middleware-0.19.1.tgz", + "integrity": "sha512-yHYTgWMQO8VvwNS22eLLloAkvungsKdKTLO8AJlftYIKNfJr3GK3zK0ZCfzDDGUBttdGc8xFy1mCitvNKQtC3Q==", + "requires": { + "http-proxy": "^1.17.0", + "is-glob": "^4.0.0", + "lodash": "^4.17.11", + "micromatch": "^3.1.10" + } + }, + "http-signature": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", + "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", + "requires": { + "assert-plus": "^1.0.0", + "jsprim": "^1.2.2", + "sshpk": "^1.7.0" + } + }, + "https-browserify": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/https-browserify/-/https-browserify-1.0.0.tgz", + "integrity": "sha1-7AbBDgo0wPL68Zn3/X/Hj//QPHM=" + }, + "iconv-lite": { + "version": "0.4.24", + "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", + "integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==", + "requires": { + "safer-buffer": ">= 2.1.2 < 3" + } + }, + "icss-utils": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/icss-utils/-/icss-utils-4.1.1.tgz", + "integrity": "sha512-4aFq7wvWyMHKgxsH8QQtGpvbASCf+eM3wPRLI6R+MgAnTCZ6STYsRvttLvRWK0Nfif5piF394St3HeJDaljGPA==", + "requires": { + "postcss": "^7.0.14" + } + }, + "identity-obj-proxy": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/identity-obj-proxy/-/identity-obj-proxy-3.0.0.tgz", + "integrity": "sha1-lNK9qWCERT7zb7xarsN+D3nx/BQ=", + "requires": { + "harmony-reflect": "^1.4.6" + } + }, + "ieee754": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "integrity": "sha512-4vf7I2LYV/HaWerSo3XmlMkp5eZ83i+/CDluXi/IGTs/O1sejBNhTtnxzmRZfvOUqj7lZjqHkeTvpgSFDlWZTg==" + }, + "iferr": { + "version": "0.1.5", + "resolved": "https://registry.npmjs.org/iferr/-/iferr-0.1.5.tgz", + "integrity": "sha1-xg7taebY/bazEEofy8ocGS3FtQE=" + }, + "ignore": { + "version": "4.0.6", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-4.0.6.tgz", + "integrity": "sha512-cyFDKrqc/YdcWFniJhzI42+AzS+gNwmUzOSFcRCQYwySuBBBy/KjuxWLZ/FHEH6Moq1NizMOBWyTcv8O4OZIMg==" + }, + "immer": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/immer/-/immer-1.10.0.tgz", + "integrity": "sha512-O3sR1/opvCDGLEVcvrGTMtLac8GJ5IwZC4puPrLuRj3l7ICKvkmA0vGuU9OW8mV9WIBRnaxp5GJh9IEAaNOoYg==" + }, + "import-cwd": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/import-cwd/-/import-cwd-2.1.0.tgz", + "integrity": "sha1-qmzzbnInYShcs3HsZRn1PiQ1sKk=", + "requires": { + "import-from": "^2.1.0" + } + }, + "import-fresh": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-2.0.0.tgz", + "integrity": "sha1-2BNVwVYS04bGH53dOSLUMEgipUY=", + "requires": { + "caller-path": "^2.0.0", + "resolve-from": "^3.0.0" + } + }, + "import-from": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/import-from/-/import-from-2.1.0.tgz", + "integrity": "sha1-M1238qev/VOqpHHUuAId7ja387E=", + "requires": { + "resolve-from": "^3.0.0" + } + }, + "import-local": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/import-local/-/import-local-2.0.0.tgz", + "integrity": "sha512-b6s04m3O+s3CGSbqDIyP4R6aAwAeYlVq9+WUWep6iHa8ETRf9yei1U48C5MmfJmV9AiLYYBKPMq/W+/WRpQmCQ==", + "requires": { + "pkg-dir": "^3.0.0", + "resolve-cwd": "^2.0.0" + } + }, + "imurmurhash": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", + "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=" + }, + "in-publish": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/in-publish/-/in-publish-2.0.1.tgz", + "integrity": "sha512-oDM0kUSNFC31ShNxHKUyfZKy8ZeXZBWMjMdZHKLOk13uvT27VTL/QzRGfRUcevJhpkZAvlhPYuXkF7eNWrtyxQ==" + }, + "indent-string": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-2.1.0.tgz", + "integrity": "sha1-ji1INIdCEhtKghi3oTfppSBJ3IA=", + "requires": { + "repeating": "^2.0.0" + } + }, + "indexes-of": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/indexes-of/-/indexes-of-1.0.1.tgz", + "integrity": "sha1-8w9xbI4r00bHtn0985FVZqfAVgc=" + }, + "infer-owner": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/infer-owner/-/infer-owner-1.0.4.tgz", + "integrity": "sha512-IClj+Xz94+d7irH5qRyfJonOdfTzuDaifE6ZPWfx0N0+/ATZCbuTPq2prFl526urkQd90WyUKIh1DfBQ2hMz9A==" + }, + "inflight": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", + "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", + "requires": { + "once": "^1.3.0", + "wrappy": "1" + } + }, + "inherits": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", + "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" + }, + "ini": { + "version": "1.3.8", + "resolved": "https://registry.npmjs.org/ini/-/ini-1.3.8.tgz", + "integrity": "sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew==" + }, + "inquirer": { + "version": "7.3.3", + "resolved": "https://registry.npmjs.org/inquirer/-/inquirer-7.3.3.tgz", + "integrity": "sha512-JG3eIAj5V9CwcGvuOmoo6LB9kbAYT8HXffUl6memuszlwDC/qvFAJw49XJ5NROSFNPxp3iQg1GqkFhaY/CR0IA==", + "requires": { + "ansi-escapes": "^4.2.1", + "chalk": "^4.1.0", + "cli-cursor": "^3.1.0", + "cli-width": "^3.0.0", + "external-editor": "^3.0.3", + "figures": "^3.0.0", + "lodash": "^4.17.19", + "mute-stream": "0.0.8", + "run-async": "^2.4.0", + "rxjs": "^6.6.0", + "string-width": "^4.1.0", + "strip-ansi": "^6.0.0", + "through": "^2.3.6" + }, + "dependencies": { + "ansi-regex": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz", + "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==" + }, + "ansi-styles": { + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.2.1.tgz", + "integrity": "sha512-9VGjrMsG1vePxcSweQsN20KY/c4zN0h9fLjqAbwbPfahM3t+NL+M9HC8xeXG2I8pX5NoamTGNuomEUFI7fcUjA==", + "requires": { + "@types/color-name": "^1.1.1", + "color-convert": "^2.0.1" + } + }, + "chalk": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.0.tgz", + "integrity": "sha512-qwx12AxXe2Q5xQ43Ac//I6v5aXTipYrSESdOgzrN+9XjgEpyjpKuvSGaN4qE93f7TQTlerQQ8S+EQ0EyDoVL1A==", + "requires": { + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" + } + }, + "color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "requires": { + "color-name": "~1.1.4" + } + }, + "color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" + }, + "emoji-regex": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" + }, + "has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==" + }, + "is-fullwidth-code-point": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", + "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==" + }, + "string-width": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.0.tgz", + "integrity": "sha512-zUz5JD+tgqtuDjMhwIg5uFVV3dtqZ9yQJlZVfq4I01/K5Paj5UHj7VyrQOJvzawSVlKpObApbfD0Ed6yJc+1eg==", + "requires": { + "emoji-regex": "^8.0.0", + "is-fullwidth-code-point": "^3.0.0", + "strip-ansi": "^6.0.0" + } + }, + "strip-ansi": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz", + "integrity": "sha512-AuvKTrTfQNYNIctbR1K/YGTR1756GycPsg7b9bdV9Duqur4gv6aKqHXah67Z8ImS7WEz5QVcOtlfW2rZEugt6w==", + "requires": { + "ansi-regex": "^5.0.0" + } + }, + "supports-color": { + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.1.0.tgz", + "integrity": "sha512-oRSIpR8pxT1Wr2FquTNnGet79b3BWljqOuoW/h4oBhxJ/HUbX5nX6JSruTkvXDCFMwDPvsaTTbvMLKZWSy0R5g==", + "requires": { + "has-flag": "^4.0.0" + } + } + } + }, + "internal-ip": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/internal-ip/-/internal-ip-4.3.0.tgz", + "integrity": "sha512-S1zBo1D6zcsyuC6PMmY5+55YMILQ9av8lotMx447Bq6SAgo/sDK6y6uUKmuYhW7eacnIhFfsPmCNYdDzsnnDCg==", + "requires": { + "default-gateway": "^4.2.0", + "ipaddr.js": "^1.9.0" + } + }, + "internal-slot": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/internal-slot/-/internal-slot-1.0.2.tgz", + "integrity": "sha512-2cQNfwhAfJIkU4KZPkDI+Gj5yNNnbqi40W9Gge6dfnk4TocEVm00B3bdiL+JINrbGJil2TeHvM4rETGzk/f/0g==", + "requires": { + "es-abstract": "^1.17.0-next.1", + "has": "^1.0.3", + "side-channel": "^1.0.2" + } + }, + "invariant": { + "version": "2.2.4", + "resolved": "https://registry.npmjs.org/invariant/-/invariant-2.2.4.tgz", + "integrity": "sha512-phJfQVBuaJM5raOpJjSfkiD6BpbCE4Ns//LaXl6wGYtUBY83nWS6Rf9tXm2e8VaK60JEjYldbPif/A2B1C2gNA==", + "requires": { + "loose-envify": "^1.0.0" + } + }, + "ip": { + "version": "1.1.5", + "resolved": "https://registry.npmjs.org/ip/-/ip-1.1.5.tgz", + "integrity": "sha1-vd7XARQpCCjAoDnnLvJfWq7ENUo=" + }, + "ip-regex": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/ip-regex/-/ip-regex-2.1.0.tgz", + "integrity": "sha1-+ni/XS5pE8kRzp+BnuUUa7bYROk=" + }, + "ipaddr.js": { + "version": "1.9.1", + "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz", + "integrity": "sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g==" + }, + "is-absolute-url": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/is-absolute-url/-/is-absolute-url-2.1.0.tgz", + "integrity": "sha1-UFMN+4T8yap9vnhS6Do3uTufKqY=" + }, + "is-accessor-descriptor": { + "version": "0.1.6", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-0.1.6.tgz", + "integrity": "sha1-qeEss66Nh2cn7u84Q/igiXtcmNY=", + "requires": { + "kind-of": "^3.0.2" + } + }, + "is-arguments": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-arguments/-/is-arguments-1.1.0.tgz", + "integrity": "sha512-1Ij4lOMPl/xB5kBDn7I+b2ttPMKa8szhEIrXDuXQD/oe3HJLTLhqhgGspwgyGd6MOywBUqVvYicF72lkgDnIHg==", + "requires": { + "call-bind": "^1.0.0" + } + }, + "is-arrayish": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "integrity": "sha1-d8mYQFJ6qOyxqLppe4BkWnqSap0=" + }, + "is-binary-path": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/is-binary-path/-/is-binary-path-2.1.0.tgz", + "integrity": "sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==", + "requires": { + "binary-extensions": "^2.0.0" + } + }, + "is-callable": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/is-callable/-/is-callable-1.2.0.tgz", + "integrity": "sha512-pyVD9AaGLxtg6srb2Ng6ynWJqkHU9bEM087AKck0w8QwDarTfNcpIYoU8x8Hv2Icm8u6kFJM18Dag8lyqGkviw==" + }, + "is-ci": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-ci/-/is-ci-2.0.0.tgz", + "integrity": "sha512-YfJT7rkpQB0updsdHLGWrvhBJfcfzNNawYDNIyQXJz0IViGf75O8EBPKSdvw2rF+LGCsX4FZ8tcr3b19LcZq4w==", + "requires": { + "ci-info": "^2.0.0" + } + }, + "is-color-stop": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-color-stop/-/is-color-stop-1.1.0.tgz", + "integrity": "sha1-z/9HGu5N1cnhWFmPvhKWe1za00U=", + "requires": { + "css-color-names": "^0.0.4", + "hex-color-regex": "^1.1.0", + "hsl-regex": "^1.0.0", + "hsla-regex": "^1.0.0", + "rgb-regex": "^1.0.1", + "rgba-regex": "^1.0.0" + } + }, + "is-data-descriptor": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-0.1.4.tgz", + "integrity": "sha1-C17mSDiOLIYCgueT8YVv7D8wG1Y=", + "requires": { + "kind-of": "^3.0.2" + } + }, + "is-date-object": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-date-object/-/is-date-object-1.0.2.tgz", + "integrity": "sha512-USlDT524woQ08aoZFzh3/Z6ch9Y/EWXEHQ/AaRN0SkKq4t2Jw2R2339tSXmwuVoY7LLlBCbOIlx2myP/L5zk0g==" + }, + "is-descriptor": { + "version": "0.1.6", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-0.1.6.tgz", + "integrity": "sha512-avDYr0SB3DwO9zsMov0gKCESFYqCnE4hq/4z3TdUlukEy5t9C0YRq7HLrsN52NAcqXKaepeCD0n+B0arnVG3Hg==", + "requires": { + "is-accessor-descriptor": "^0.1.6", + "is-data-descriptor": "^0.1.4", + "kind-of": "^5.0.0" + }, + "dependencies": { + "kind-of": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-5.1.0.tgz", + "integrity": "sha512-NGEErnH6F2vUuXDh+OlbcKW7/wOcfdRHaZ7VWtqCztfHri/++YKmP51OdWeGPuqCOba6kk2OTe5d02VmTB80Pw==" + } + } + }, + "is-directory": { + "version": "0.3.1", + "resolved": "https://registry.npmjs.org/is-directory/-/is-directory-0.3.1.tgz", + "integrity": "sha1-YTObbyR1/Hcv2cnYP1yFddwVSuE=" + }, + "is-docker": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/is-docker/-/is-docker-2.1.0.tgz", + "integrity": "sha512-mB2WygGsSeoXtLKpSYzP6sa0Z9DyU9ZyKlnvuZWxCociaI0qsF8u12sR72DFTX236g1u6oWSWYFuUk09nGQEjg==" + }, + "is-extendable": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-0.1.1.tgz", + "integrity": "sha1-YrEQ4omkcUGOPsNqYX1HLjAd/Ik=" + }, + "is-extglob": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz", + "integrity": "sha1-qIwCU1eR8C7TfHahueqXc8gz+MI=" + }, + "is-finite": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-finite/-/is-finite-1.1.0.tgz", + "integrity": "sha512-cdyMtqX/BOqqNBBiKlIVkytNHm49MtMlYyn1zxzvJKWmFMlGzm+ry5BBfYyeY9YmNKbRSo/o7OX9w9ale0wg3w==" + }, + "is-fullwidth-code-point": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz", + "integrity": "sha1-754xOG8DGn8NZDr4L95QxFfvAMs=", + "requires": { + "number-is-nan": "^1.0.0" + } + }, + "is-generator-fn": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", + "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==" + }, + "is-glob": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.1.tgz", + "integrity": "sha512-5G0tKtBTFImOqDnLB2hG6Bp2qcKEFduo4tZu9MT/H6NQv/ghhy30o55ufafxJ/LdH79LLs2Kfrn85TLKyA7BUg==", + "requires": { + "is-extglob": "^2.1.1" + } + }, + "is-number": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-3.0.0.tgz", + "integrity": "sha1-JP1iAaR4LPUFYcgQJ2r8fRLXEZU=", + "requires": { + "kind-of": "^3.0.2" + } + }, + "is-obj": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-obj/-/is-obj-2.0.0.tgz", + "integrity": "sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w==" + }, + "is-path-cwd": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/is-path-cwd/-/is-path-cwd-2.2.0.tgz", + "integrity": "sha512-w942bTcih8fdJPJmQHFzkS76NEP8Kzzvmw92cXsazb8intwLqPibPPdXf4ANdKV3rYMuuQYGIWtvz9JilB3NFQ==" + }, + "is-path-in-cwd": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/is-path-in-cwd/-/is-path-in-cwd-2.1.0.tgz", + "integrity": "sha512-rNocXHgipO+rvnP6dk3zI20RpOtrAM/kzbB258Uw5BWr3TpXi861yzjo16Dn4hUox07iw5AyeMLHWsujkjzvRQ==", + "requires": { + "is-path-inside": "^2.1.0" + } + }, + "is-path-inside": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-2.1.0.tgz", + "integrity": "sha512-wiyhTzfDWsvwAW53OBWF5zuvaOGlZ6PwYxAbPVDhpm+gM09xKQGjBq/8uYN12aDvMxnAnq3dxTyoSoRNmg5YFg==", + "requires": { + "path-is-inside": "^1.0.2" + } + }, + "is-plain-obj": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-1.1.0.tgz", + "integrity": "sha1-caUMhCnfync8kqOQpKA7OfzVHT4=" + }, + "is-plain-object": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-2.0.4.tgz", + "integrity": "sha512-h5PpgXkWitc38BBMYawTYMWJHFZJVnBquFE57xFpjB8pJFiF6gZ+bU+WyI/yqXiFR5mdLsgYNaPe8uao6Uv9Og==", + "requires": { + "isobject": "^3.0.1" + } + }, + "is-regex": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/is-regex/-/is-regex-1.1.1.tgz", + "integrity": "sha512-1+QkEcxiLlB7VEyFtyBg94e08OAsvq7FUBgApTq/w2ymCLyKJgDPsybBENVtA7XCQEgEXxKPonG+mvYRxh/LIg==", + "requires": { + "has-symbols": "^1.0.1" + } + }, + "is-regexp": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-regexp/-/is-regexp-1.0.0.tgz", + "integrity": "sha1-/S2INUXEa6xaYz57mgnof6LLUGk=" + }, + "is-resolvable": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-resolvable/-/is-resolvable-1.1.0.tgz", + "integrity": "sha512-qgDYXFSR5WvEfuS5dMj6oTMEbrrSaM0CrFk2Yiq/gXnBvD9pMa2jGXxyhGLfvhZpuMZe18CJpFxAt3CRs42NMg==" + }, + "is-root": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/is-root/-/is-root-2.1.0.tgz", + "integrity": "sha512-AGOriNp96vNBd3HtU+RzFEc75FfR5ymiYv8E553I71SCeXBiMsVDUtdio1OEFvrPyLIQ9tVR5RxXIFe5PUFjMg==" + }, + "is-stream": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz", + "integrity": "sha1-EtSj3U5o4Lec6428hBc66A2RykQ=" + }, + "is-string": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/is-string/-/is-string-1.0.5.tgz", + "integrity": "sha512-buY6VNRjhQMiF1qWDouloZlQbRhDPCebwxSjxMjxgemYT46YMd2NR0/H+fBhEfWX4A/w9TBJ+ol+okqJKFE6vQ==" + }, + "is-svg": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-svg/-/is-svg-3.0.0.tgz", + "integrity": "sha512-gi4iHK53LR2ujhLVVj+37Ykh9GLqYHX6JOVXbLAucaG/Cqw9xwdFOjDM2qeifLs1sF1npXXFvDu0r5HNgCMrzQ==", + "requires": { + "html-comment-regex": "^1.1.0" + } + }, + "is-symbol": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/is-symbol/-/is-symbol-1.0.3.tgz", + "integrity": "sha512-OwijhaRSgqvhm/0ZdAcXNZt9lYdKFpcRDT5ULUuYXPoT794UNOdU+gpT6Rzo7b4V2HUl/op6GqY894AZwv9faQ==", + "requires": { + "has-symbols": "^1.0.1" + } + }, + "is-typedarray": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", + "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" + }, + "is-utf8": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz", + "integrity": "sha1-Sw2hRCEE0bM2NA6AeX6GXPOffXI=" + }, + "is-windows": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-windows/-/is-windows-1.0.2.tgz", + "integrity": "sha512-eXK1UInq2bPmjyX6e3VHIzMLobc4J94i4AWn+Hpq3OU5KkrRC96OAcR3PRJ/pGu6m8TRnBHP9dkXQVsT/COVIA==" + }, + "is-wsl": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-wsl/-/is-wsl-1.1.0.tgz", + "integrity": "sha1-HxbkqiKwTRM2tmGIpmrzxgDDpm0=" + }, + "isarray": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", + "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=" + }, + "isexe": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", + "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=" + }, + "isobject": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/isobject/-/isobject-3.0.1.tgz", + "integrity": "sha1-TkMekrEalzFjaqH5yNHMvP2reN8=" + }, + "isstream": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", + "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" + }, + "istanbul-lib-coverage": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.5.tgz", + "integrity": "sha512-8aXznuEPCJvGnMSRft4udDRDtb1V3pkQkMMI5LI+6HuQz5oQ4J2UFn1H82raA3qJtyOLkkwVqICBQkjnGtn5mA==" + }, + "istanbul-lib-instrument": { + "version": "3.3.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-3.3.0.tgz", + "integrity": "sha512-5nnIN4vo5xQZHdXno/YDXJ0G+I3dAm4XgzfSVTPLQpj/zAV2dV6Juy0yaf10/zrJOJeHoN3fraFe+XRq2bFVZA==", + "requires": { + "@babel/generator": "^7.4.0", + "@babel/parser": "^7.4.3", + "@babel/template": "^7.4.0", + "@babel/traverse": "^7.4.3", + "@babel/types": "^7.4.0", + "istanbul-lib-coverage": "^2.0.5", + "semver": "^6.0.0" + }, + "dependencies": { + "semver": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", + "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==" + } + } + }, + "istanbul-lib-report": { + "version": "2.0.8", + "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-2.0.8.tgz", + "integrity": "sha512-fHBeG573EIihhAblwgxrSenp0Dby6tJMFR/HvlerBsrCTD5bkUuoNtn3gVh29ZCS824cGGBPn7Sg7cNk+2xUsQ==", + "requires": { + "istanbul-lib-coverage": "^2.0.5", + "make-dir": "^2.1.0", + "supports-color": "^6.1.0" + }, + "dependencies": { + "supports-color": { + "version": "6.1.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-6.1.0.tgz", + "integrity": "sha512-qe1jfm1Mg7Nq/NSh6XE24gPXROEVsWHxC1LIx//XNlD9iw7YZQGjZNjYN7xGaEG6iKdA8EtNFW6R0gjnVXp+wQ==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "istanbul-lib-source-maps": { + "version": "3.0.6", + "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-3.0.6.tgz", + "integrity": "sha512-R47KzMtDJH6X4/YW9XTx+jrLnZnscW4VpNN+1PViSYTejLVPWv7oov+Duf8YQSPyVRUvueQqz1TcsC6mooZTXw==", + "requires": { + "debug": "^4.1.1", + "istanbul-lib-coverage": "^2.0.5", + "make-dir": "^2.1.0", + "rimraf": "^2.6.3", + "source-map": "^0.6.1" + }, + "dependencies": { + "debug": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", + "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", + "requires": { + "ms": "^2.1.1" + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + }, + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + } + } + }, + "istanbul-reports": { + "version": "2.2.7", + "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-2.2.7.tgz", + "integrity": "sha512-uu1F/L1o5Y6LzPVSVZXNOoD/KXpJue9aeLRd0sM9uMXfZvzomB0WxVamWb5ue8kA2vVWEmW7EG+A5n3f1kqHKg==", + "requires": { + "html-escaper": "^2.0.0" + } + }, + "jest": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest/-/jest-24.9.0.tgz", + "integrity": "sha512-YvkBL1Zm7d2B1+h5fHEOdyjCG+sGMz4f8D86/0HiqJ6MB4MnDc8FgP5vdWsGnemOQro7lnYo8UakZ3+5A0jxGw==", + "requires": { + "import-local": "^2.0.0", + "jest-cli": "^24.9.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "jest-cli": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-24.9.0.tgz", + "integrity": "sha512-+VLRKyitT3BWoMeSUIHRxV/2g8y9gw91Jh5z2UmXZzkZKpbC08CSehVxgHUwTpy+HwGcns/tqafQDJW7imYvGg==", + "requires": { + "@jest/core": "^24.9.0", + "@jest/test-result": "^24.9.0", + "@jest/types": "^24.9.0", + "chalk": "^2.0.1", + "exit": "^0.1.2", + "import-local": "^2.0.0", + "is-ci": "^2.0.0", + "jest-config": "^24.9.0", + "jest-util": "^24.9.0", + "jest-validate": "^24.9.0", + "prompts": "^2.0.1", + "realpath-native": "^1.1.0", + "yargs": "^13.3.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "jest-changed-files": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-24.9.0.tgz", + "integrity": "sha512-6aTWpe2mHF0DhL28WjdkO8LyGjs3zItPET4bMSeXU6T3ub4FPMw+mcOcbdGXQOAfmLcxofD23/5Bl9Z4AkFwqg==", + "requires": { + "@jest/types": "^24.9.0", + "execa": "^1.0.0", + "throat": "^4.0.0" + } + }, + "jest-config": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-24.9.0.tgz", + "integrity": "sha512-RATtQJtVYQrp7fvWg6f5y3pEFj9I+H8sWw4aKxnDZ96mob5i5SD6ZEGWgMLXQ4LE8UurrjbdlLWdUeo+28QpfQ==", + "requires": { + "@babel/core": "^7.1.0", + "@jest/test-sequencer": "^24.9.0", + "@jest/types": "^24.9.0", + "babel-jest": "^24.9.0", + "chalk": "^2.0.1", + "glob": "^7.1.1", + "jest-environment-jsdom": "^24.9.0", + "jest-environment-node": "^24.9.0", + "jest-get-type": "^24.9.0", + "jest-jasmine2": "^24.9.0", + "jest-regex-util": "^24.3.0", + "jest-resolve": "^24.9.0", + "jest-util": "^24.9.0", + "jest-validate": "^24.9.0", + "micromatch": "^3.1.10", + "pretty-format": "^24.9.0", + "realpath-native": "^1.1.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "jest-diff": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-24.9.0.tgz", + "integrity": "sha512-qMfrTs8AdJE2iqrTp0hzh7kTd2PQWrsFyj9tORoKmu32xjPjeE4NyjVRDz8ybYwqS2ik8N4hsIpiVTyFeo2lBQ==", + "requires": { + "chalk": "^2.0.1", + "diff-sequences": "^24.9.0", + "jest-get-type": "^24.9.0", + "pretty-format": "^24.9.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "jest-docblock": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-24.9.0.tgz", + "integrity": "sha512-F1DjdpDMJMA1cN6He0FNYNZlo3yYmOtRUnktrT9Q37njYzC5WEaDdmbynIgy0L/IvXvvgsG8OsqhLPXTpfmZAA==", + "requires": { + "detect-newline": "^2.1.0" + } + }, + "jest-each": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-24.9.0.tgz", + "integrity": "sha512-ONi0R4BvW45cw8s2Lrx8YgbeXL1oCQ/wIDwmsM3CqM/nlblNCPmnC3IPQlMbRFZu3wKdQ2U8BqM6lh3LJ5Bsog==", + "requires": { + "@jest/types": "^24.9.0", + "chalk": "^2.0.1", + "jest-get-type": "^24.9.0", + "jest-util": "^24.9.0", + "pretty-format": "^24.9.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "jest-environment-jsdom": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-environment-jsdom/-/jest-environment-jsdom-24.9.0.tgz", + "integrity": "sha512-Zv9FV9NBRzLuALXjvRijO2351DRQeLYXtpD4xNvfoVFw21IOKNhZAEUKcbiEtjTkm2GsJ3boMVgkaR7rN8qetA==", + "requires": { + "@jest/environment": "^24.9.0", + "@jest/fake-timers": "^24.9.0", + "@jest/types": "^24.9.0", + "jest-mock": "^24.9.0", + "jest-util": "^24.9.0", + "jsdom": "^11.5.1" + } + }, + "jest-environment-jsdom-fourteen": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/jest-environment-jsdom-fourteen/-/jest-environment-jsdom-fourteen-1.0.1.tgz", + "integrity": "sha512-DojMX1sY+at5Ep+O9yME34CdidZnO3/zfPh8UW+918C5fIZET5vCjfkegixmsi7AtdYfkr4bPlIzmWnlvQkP7Q==", + "requires": { + "@jest/environment": "^24.3.0", + "@jest/fake-timers": "^24.3.0", + "@jest/types": "^24.3.0", + "jest-mock": "^24.0.0", + "jest-util": "^24.0.0", + "jsdom": "^14.1.0" + }, + "dependencies": { + "acorn": { + "version": "6.4.1", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-6.4.1.tgz", + "integrity": "sha512-ZVA9k326Nwrj3Cj9jlh3wGFutC2ZornPNARZwsNYqQYgN0EsV2d53w5RN/co65Ohn4sUAUtb1rSUAOD6XN9idA==" + }, + "jsdom": { + "version": "14.1.0", + "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-14.1.0.tgz", + "integrity": "sha512-O901mfJSuTdwU2w3Sn+74T+RnDVP+FuV5fH8tcPWyqrseRAb0s5xOtPgCFiPOtLcyK7CLIJwPyD83ZqQWvA5ng==", + "requires": { + "abab": "^2.0.0", + "acorn": "^6.0.4", + "acorn-globals": "^4.3.0", + "array-equal": "^1.0.0", + "cssom": "^0.3.4", + "cssstyle": "^1.1.1", + "data-urls": "^1.1.0", + "domexception": "^1.0.1", + "escodegen": "^1.11.0", + "html-encoding-sniffer": "^1.0.2", + "nwsapi": "^2.1.3", + "parse5": "5.1.0", + "pn": "^1.1.0", + "request": "^2.88.0", + "request-promise-native": "^1.0.5", + "saxes": "^3.1.9", + "symbol-tree": "^3.2.2", + "tough-cookie": "^2.5.0", + "w3c-hr-time": "^1.0.1", + "w3c-xmlserializer": "^1.1.2", + "webidl-conversions": "^4.0.2", + "whatwg-encoding": "^1.0.5", + "whatwg-mimetype": "^2.3.0", + "whatwg-url": "^7.0.0", + "ws": "^6.1.2", + "xml-name-validator": "^3.0.0" + } + }, + "parse5": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/parse5/-/parse5-5.1.0.tgz", + "integrity": "sha512-fxNG2sQjHvlVAYmzBZS9YlDp6PTSSDwa98vkD4QgVDDCAo84z5X1t5XyJQ62ImdLXx5NdIIfihey6xpum9/gRQ==" + }, + "whatwg-url": { + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-7.1.0.tgz", + "integrity": "sha512-WUu7Rg1DroM7oQvGWfOiAK21n74Gg+T4elXEQYkOhtyLeWiJFoOGLXPKI/9gzIie9CtwVLm8wtw6YJdKyxSjeg==", + "requires": { + "lodash.sortby": "^4.7.0", + "tr46": "^1.0.1", + "webidl-conversions": "^4.0.2" + } + }, + "ws": { + "version": "6.2.2", + "resolved": "https://registry.npmjs.org/ws/-/ws-6.2.2.tgz", + "integrity": "sha512-zmhltoSR8u1cnDsD43TX59mzoMZsLKqUweyYBAIvTngR3shc0W6aOZylZmq/7hqyVxPdi+5Ud2QInblgyE72fw==", + "requires": { + "async-limiter": "~1.0.0" + } + } + } + }, + "jest-environment-node": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-24.9.0.tgz", + "integrity": "sha512-6d4V2f4nxzIzwendo27Tr0aFm+IXWa0XEUnaH6nU0FMaozxovt+sfRvh4J47wL1OvF83I3SSTu0XK+i4Bqe7uA==", + "requires": { + "@jest/environment": "^24.9.0", + "@jest/fake-timers": "^24.9.0", + "@jest/types": "^24.9.0", + "jest-mock": "^24.9.0", + "jest-util": "^24.9.0" + } + }, + "jest-get-type": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-24.9.0.tgz", + "integrity": "sha512-lUseMzAley4LhIcpSP9Jf+fTrQ4a1yHQwLNeeVa2cEmbCGeoZAtYPOIv8JaxLD/sUpKxetKGP+gsHl8f8TSj8Q==" + }, + "jest-haste-map": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-24.9.0.tgz", + "integrity": "sha512-kfVFmsuWui2Sj1Rp1AJ4D9HqJwE4uwTlS/vO+eRUaMmd54BFpli2XhMQnPC2k4cHFVbB2Q2C+jtI1AGLgEnCjQ==", + "requires": { + "@jest/types": "^24.9.0", + "anymatch": "^2.0.0", + "fb-watchman": "^2.0.0", + "fsevents": "^1.2.7", + "graceful-fs": "^4.1.15", + "invariant": "^2.2.4", + "jest-serializer": "^24.9.0", + "jest-util": "^24.9.0", + "jest-worker": "^24.9.0", + "micromatch": "^3.1.10", + "sane": "^4.0.3", + "walker": "^1.0.7" + }, + "dependencies": { + "fsevents": { + "version": "1.2.13", + "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-1.2.13.tgz", + "integrity": "sha512-oWb1Z6mkHIskLzEJ/XWX0srkpkTQ7vaopMQkyaEIoq0fmtFVxOthb8cCxeT+p3ynTdkk/RZwbgG4brR5BeWECw==", + "optional": true, + "requires": { + "bindings": "^1.5.0", + "nan": "^2.12.1" + } + } + } + }, + "jest-jasmine2": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-jasmine2/-/jest-jasmine2-24.9.0.tgz", + "integrity": "sha512-Cq7vkAgaYKp+PsX+2/JbTarrk0DmNhsEtqBXNwUHkdlbrTBLtMJINADf2mf5FkowNsq8evbPc07/qFO0AdKTzw==", + "requires": { + "@babel/traverse": "^7.1.0", + "@jest/environment": "^24.9.0", + "@jest/test-result": "^24.9.0", + "@jest/types": "^24.9.0", + "chalk": "^2.0.1", + "co": "^4.6.0", + "expect": "^24.9.0", + "is-generator-fn": "^2.0.0", + "jest-each": "^24.9.0", + "jest-matcher-utils": "^24.9.0", + "jest-message-util": "^24.9.0", + "jest-runtime": "^24.9.0", + "jest-snapshot": "^24.9.0", + "jest-util": "^24.9.0", + "pretty-format": "^24.9.0", + "throat": "^4.0.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "jest-leak-detector": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-24.9.0.tgz", + "integrity": "sha512-tYkFIDsiKTGwb2FG1w8hX9V0aUb2ot8zY/2nFg087dUageonw1zrLMP4W6zsRO59dPkTSKie+D4rhMuP9nRmrA==", + "requires": { + "jest-get-type": "^24.9.0", + "pretty-format": "^24.9.0" + } + }, + "jest-matcher-utils": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-24.9.0.tgz", + "integrity": "sha512-OZz2IXsu6eaiMAwe67c1T+5tUAtQyQx27/EMEkbFAGiw52tB9em+uGbzpcgYVpA8wl0hlxKPZxrly4CXU/GjHA==", + "requires": { + "chalk": "^2.0.1", + "jest-diff": "^24.9.0", + "jest-get-type": "^24.9.0", + "pretty-format": "^24.9.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "jest-message-util": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-24.9.0.tgz", + "integrity": "sha512-oCj8FiZ3U0hTP4aSui87P4L4jC37BtQwUMqk+zk/b11FR19BJDeZsZAvIHutWnmtw7r85UmR3CEWZ0HWU2mAlw==", + "requires": { + "@babel/code-frame": "^7.0.0", + "@jest/test-result": "^24.9.0", + "@jest/types": "^24.9.0", + "@types/stack-utils": "^1.0.1", + "chalk": "^2.0.1", + "micromatch": "^3.1.10", + "slash": "^2.0.0", + "stack-utils": "^1.0.1" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "jest-mock": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-24.9.0.tgz", + "integrity": "sha512-3BEYN5WbSq9wd+SyLDES7AHnjH9A/ROBwmz7l2y+ol+NtSFO8DYiEBzoO1CeFc9a8DYy10EO4dDFVv/wN3zl1w==", + "requires": { + "@jest/types": "^24.9.0" + } + }, + "jest-pnp-resolver": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.2.tgz", + "integrity": "sha512-olV41bKSMm8BdnuMsewT4jqlZ8+3TCARAXjZGT9jcoSnrfUnRCqnMoF9XEeoWjbzObpqF9dRhHQj0Xb9QdF6/w==" + }, + "jest-regex-util": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-24.9.0.tgz", + "integrity": "sha512-05Cmb6CuxaA+Ys6fjr3PhvV3bGQmO+2p2La4hFbU+W5uOc479f7FdLXUWXw4pYMAhhSZIuKHwSXSu6CsSBAXQA==" + }, + "jest-resolve": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-24.9.0.tgz", + "integrity": "sha512-TaLeLVL1l08YFZAt3zaPtjiVvyy4oSA6CRe+0AFPPVX3Q/VI0giIWWoAvoS5L96vj9Dqxj4fB5p2qrHCmTU/MQ==", + "requires": { + "@jest/types": "^24.9.0", + "browser-resolve": "^1.11.3", + "chalk": "^2.0.1", + "jest-pnp-resolver": "^1.2.1", + "realpath-native": "^1.1.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "jest-resolve-dependencies": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-24.9.0.tgz", + "integrity": "sha512-Fm7b6AlWnYhT0BXy4hXpactHIqER7erNgIsIozDXWl5dVm+k8XdGVe1oTg1JyaFnOxarMEbax3wyRJqGP2Pq+g==", + "requires": { + "@jest/types": "^24.9.0", + "jest-regex-util": "^24.3.0", + "jest-snapshot": "^24.9.0" + } + }, + "jest-runner": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-24.9.0.tgz", + "integrity": "sha512-KksJQyI3/0mhcfspnxxEOBueGrd5E4vV7ADQLT9ESaCzz02WnbdbKWIf5Mkaucoaj7obQckYPVX6JJhgUcoWWg==", + "requires": { + "@jest/console": "^24.7.1", + "@jest/environment": "^24.9.0", + "@jest/test-result": "^24.9.0", + "@jest/types": "^24.9.0", + "chalk": "^2.4.2", + "exit": "^0.1.2", + "graceful-fs": "^4.1.15", + "jest-config": "^24.9.0", + "jest-docblock": "^24.3.0", + "jest-haste-map": "^24.9.0", + "jest-jasmine2": "^24.9.0", + "jest-leak-detector": "^24.9.0", + "jest-message-util": "^24.9.0", + "jest-resolve": "^24.9.0", + "jest-runtime": "^24.9.0", + "jest-util": "^24.9.0", + "jest-worker": "^24.6.0", + "source-map-support": "^0.5.6", + "throat": "^4.0.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "jest-runtime": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-24.9.0.tgz", + "integrity": "sha512-8oNqgnmF3v2J6PVRM2Jfuj8oX3syKmaynlDMMKQ4iyzbQzIG6th5ub/lM2bCMTmoTKM3ykcUYI2Pw9xwNtjMnw==", + "requires": { + "@jest/console": "^24.7.1", + "@jest/environment": "^24.9.0", + "@jest/source-map": "^24.3.0", + "@jest/transform": "^24.9.0", + "@jest/types": "^24.9.0", + "@types/yargs": "^13.0.0", + "chalk": "^2.0.1", + "exit": "^0.1.2", + "glob": "^7.1.3", + "graceful-fs": "^4.1.15", + "jest-config": "^24.9.0", + "jest-haste-map": "^24.9.0", + "jest-message-util": "^24.9.0", + "jest-mock": "^24.9.0", + "jest-regex-util": "^24.3.0", + "jest-resolve": "^24.9.0", + "jest-snapshot": "^24.9.0", + "jest-util": "^24.9.0", + "jest-validate": "^24.9.0", + "realpath-native": "^1.1.0", + "slash": "^2.0.0", + "strip-bom": "^3.0.0", + "yargs": "^13.3.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "strip-bom": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-3.0.0.tgz", + "integrity": "sha1-IzTBjpx1n3vdVv3vfprj1YjmjtM=" + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "jest-serializer": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-serializer/-/jest-serializer-24.9.0.tgz", + "integrity": "sha512-DxYipDr8OvfrKH3Kel6NdED3OXxjvxXZ1uIY2I9OFbGg+vUkkg7AGvi65qbhbWNPvDckXmzMPbK3u3HaDO49bQ==" + }, + "jest-snapshot": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-24.9.0.tgz", + "integrity": "sha512-uI/rszGSs73xCM0l+up7O7a40o90cnrk429LOiK3aeTvfC0HHmldbd81/B7Ix81KSFe1lwkbl7GnBGG4UfuDew==", + "requires": { + "@babel/types": "^7.0.0", + "@jest/types": "^24.9.0", + "chalk": "^2.0.1", + "expect": "^24.9.0", + "jest-diff": "^24.9.0", + "jest-get-type": "^24.9.0", + "jest-matcher-utils": "^24.9.0", + "jest-message-util": "^24.9.0", + "jest-resolve": "^24.9.0", + "mkdirp": "^0.5.1", + "natural-compare": "^1.4.0", + "pretty-format": "^24.9.0", + "semver": "^6.2.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "semver": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", + "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==" + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "jest-util": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-24.9.0.tgz", + "integrity": "sha512-x+cZU8VRmOJxbA1K5oDBdxQmdq0OIdADarLxk0Mq+3XS4jgvhG/oKGWcIDCtPG0HgjxOYvF+ilPJQsAyXfbNOg==", + "requires": { + "@jest/console": "^24.9.0", + "@jest/fake-timers": "^24.9.0", + "@jest/source-map": "^24.9.0", + "@jest/test-result": "^24.9.0", + "@jest/types": "^24.9.0", + "callsites": "^3.0.0", + "chalk": "^2.0.1", + "graceful-fs": "^4.1.15", + "is-ci": "^2.0.0", + "mkdirp": "^0.5.1", + "slash": "^2.0.0", + "source-map": "^0.6.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "callsites": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", + "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==" + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "jest-validate": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-24.9.0.tgz", + "integrity": "sha512-HPIt6C5ACwiqSiwi+OfSSHbK8sG7akG8eATl+IPKaeIjtPOeBUd/g3J7DghugzxrGjI93qS/+RPKe1H6PqvhRQ==", + "requires": { + "@jest/types": "^24.9.0", + "camelcase": "^5.3.1", + "chalk": "^2.0.1", + "jest-get-type": "^24.9.0", + "leven": "^3.1.0", + "pretty-format": "^24.9.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "camelcase": { + "version": "5.3.1", + "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", + "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==" + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "jest-watch-typeahead": { + "version": "0.4.2", + "resolved": "https://registry.npmjs.org/jest-watch-typeahead/-/jest-watch-typeahead-0.4.2.tgz", + "integrity": "sha512-f7VpLebTdaXs81rg/oj4Vg/ObZy2QtGzAmGLNsqUS5G5KtSN68tFcIsbvNODfNyQxU78g7D8x77o3bgfBTR+2Q==", + "requires": { + "ansi-escapes": "^4.2.1", + "chalk": "^2.4.1", + "jest-regex-util": "^24.9.0", + "jest-watcher": "^24.3.0", + "slash": "^3.0.0", + "string-length": "^3.1.0", + "strip-ansi": "^5.0.0" + }, + "dependencies": { + "ansi-regex": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz", + "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==" + }, + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "slash": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", + "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==" + }, + "string-length": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/string-length/-/string-length-3.1.0.tgz", + "integrity": "sha512-Ttp5YvkGm5v9Ijagtaz1BnN+k9ObpvS0eIBblPMp2YWL8FBmi9qblQ9fexc2k/CXFgrTIteU3jAw3payCnwSTA==", + "requires": { + "astral-regex": "^1.0.0", + "strip-ansi": "^5.2.0" + } + }, + "strip-ansi": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", + "integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==", + "requires": { + "ansi-regex": "^4.1.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "jest-watcher": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-24.9.0.tgz", + "integrity": "sha512-+/fLOfKPXXYJDYlks62/4R4GoT+GU1tYZed99JSCOsmzkkF7727RqKrjNAxtfO4YpGv11wybgRvCjR73lK2GZw==", + "requires": { + "@jest/test-result": "^24.9.0", + "@jest/types": "^24.9.0", + "@types/yargs": "^13.0.0", + "ansi-escapes": "^3.0.0", + "chalk": "^2.0.1", + "jest-util": "^24.9.0", + "string-length": "^2.0.0" + }, + "dependencies": { + "ansi-escapes": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-3.2.0.tgz", + "integrity": "sha512-cBhpre4ma+U0T1oM5fXg7Dy1Jw7zzwv7lt/GoCpr+hDQJoYnKVPLL4dCvSEFMmQurOQvSrwT7SL/DAlhBI97RQ==" + }, + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "jest-worker": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-24.9.0.tgz", + "integrity": "sha512-51PE4haMSXcHohnSMdM42anbvZANYTqMrr52tVKPqqsPJMzoP6FYYDVqahX/HrAoKEKz3uUPzSvKs9A3qR4iVw==", + "requires": { + "merge-stream": "^2.0.0", + "supports-color": "^6.1.0" + }, + "dependencies": { + "supports-color": { + "version": "6.1.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-6.1.0.tgz", + "integrity": "sha512-qe1jfm1Mg7Nq/NSh6XE24gPXROEVsWHxC1LIx//XNlD9iw7YZQGjZNjYN7xGaEG6iKdA8EtNFW6R0gjnVXp+wQ==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "jquery": { + "version": "3.5.1", + "resolved": "https://registry.npmjs.org/jquery/-/jquery-3.5.1.tgz", + "integrity": "sha512-XwIBPqcMn57FxfT+Go5pzySnm4KWkT1Tv7gjrpT1srtf8Weynl6R273VJ5GjkRb51IzMp5nbaPjJXMWeju2MKg==" + }, + "js-base64": { + "version": "2.6.4", + "resolved": "https://registry.npmjs.org/js-base64/-/js-base64-2.6.4.tgz", + "integrity": "sha512-pZe//GGmwJndub7ZghVHz7vjb2LgC1m8B07Au3eYqeqv9emhESByMXxaEgkUkEqJe87oBbSniGYoQNIBklc7IQ==" + }, + "js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==" + }, + "js-yaml": { + "version": "3.14.0", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.0.tgz", + "integrity": "sha512-/4IbIeHcD9VMHFqDR/gQ7EdZdLimOvW2DdcxFjdyyZ9NsbS+ccrXqVWDtab/lRl5AlUqmpBx8EhPaWR+OtY17A==", + "requires": { + "argparse": "^1.0.7", + "esprima": "^4.0.0" + } + }, + "jsbn": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", + "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" + }, + "jsdom": { + "version": "11.12.0", + "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-11.12.0.tgz", + "integrity": "sha512-y8Px43oyiBM13Zc1z780FrfNLJCXTL40EWlty/LXUtcjykRBNgLlCjWXpfSPBl2iv+N7koQN+dvqszHZgT/Fjw==", + "requires": { + "abab": "^2.0.0", + "acorn": "^5.5.3", + "acorn-globals": "^4.1.0", + "array-equal": "^1.0.0", + "cssom": ">= 0.3.2 < 0.4.0", + "cssstyle": "^1.0.0", + "data-urls": "^1.0.0", + "domexception": "^1.0.1", + "escodegen": "^1.9.1", + "html-encoding-sniffer": "^1.0.2", + "left-pad": "^1.3.0", + "nwsapi": "^2.0.7", + "parse5": "4.0.0", + "pn": "^1.1.0", + "request": "^2.87.0", + "request-promise-native": "^1.0.5", + "sax": "^1.2.4", + "symbol-tree": "^3.2.2", + "tough-cookie": "^2.3.4", + "w3c-hr-time": "^1.0.1", + "webidl-conversions": "^4.0.2", + "whatwg-encoding": "^1.0.3", + "whatwg-mimetype": "^2.1.0", + "whatwg-url": "^6.4.1", + "ws": "^5.2.0", + "xml-name-validator": "^3.0.0" + }, + "dependencies": { + "acorn": { + "version": "5.7.4", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-5.7.4.tgz", + "integrity": "sha512-1D++VG7BhrtvQpNbBzovKNc1FLGGEE/oGe7b9xJm/RFHMBeUaUGpluV9RLjZa47YFdPcDAenEYuq9pQPcMdLJg==" + } + } + }, + "jsesc": { + "version": "2.5.2", + "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", + "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==" + }, + "json-parse-better-errors": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz", + "integrity": "sha512-mrqyZKfX5EhL7hvqcV6WG1yYjnjeuYDzDhhcAAUrq8Po85NBQBJP+ZDUT75qZQ98IkUoBqdkExkukOU7Ts2wrw==" + }, + "json-schema": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz", + "integrity": "sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM=" + }, + "json-schema-traverse": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" + }, + "json-stable-stringify": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/json-stable-stringify/-/json-stable-stringify-1.0.1.tgz", + "integrity": "sha1-mnWdOcXy/1A/1TAGRu1EX4jE+a8=", + "requires": { + "jsonify": "~0.0.0" + } + }, + "json-stable-stringify-without-jsonify": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz", + "integrity": "sha1-nbe1lJatPzz+8wp1FC0tkwrXJlE=" + }, + "json-stringify-safe": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", + "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" + }, + "json3": { + "version": "3.3.3", + "resolved": "https://registry.npmjs.org/json3/-/json3-3.3.3.tgz", + "integrity": "sha512-c7/8mbUsKigAbLkD5B010BK4D9LZm7A1pNItkEwiUZRpIN66exu/e7YQWysGun+TRKaJp8MhemM+VkfWv42aCA==" + }, + "json5": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/json5/-/json5-2.1.3.tgz", + "integrity": "sha512-KXPvOm8K9IJKFM0bmdn8QXh7udDh1g/giieX0NLCaMnb4hEiVFqnop2ImTXCc5e0/oHz3LTqmHGtExn5hfMkOA==", + "requires": { + "minimist": "^1.2.5" + } + }, + "jsonfile": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-4.0.0.tgz", + "integrity": "sha1-h3Gq4HmbZAdrdmQPygWPnBDjPss=", + "requires": { + "graceful-fs": "^4.1.6" + } + }, + "jsonify": { + "version": "0.0.0", + "resolved": "https://registry.npmjs.org/jsonify/-/jsonify-0.0.0.tgz", + "integrity": "sha1-LHS27kHZPKUbe1qu6PUDYx0lKnM=" + }, + "jsprim": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz", + "integrity": "sha1-MT5mvB5cwG5Di8G3SZwuXFastqI=", + "requires": { + "assert-plus": "1.0.0", + "extsprintf": "1.3.0", + "json-schema": "0.2.3", + "verror": "1.10.0" + } + }, + "jsx-ast-utils": { + "version": "2.4.1", + "resolved": "https://registry.npmjs.org/jsx-ast-utils/-/jsx-ast-utils-2.4.1.tgz", + "integrity": "sha512-z1xSldJ6imESSzOjd3NNkieVJKRlKYSOtMG8SFyCj2FIrvSaSuli/WjpBkEzCBoR9bYYYFgqJw61Xhu7Lcgk+w==", + "requires": { + "array-includes": "^3.1.1", + "object.assign": "^4.1.0" + } + }, + "killable": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/killable/-/killable-1.0.1.tgz", + "integrity": "sha512-LzqtLKlUwirEUyl/nicirVmNiPvYs7l5n8wOPP7fyJVpUPkvCnW/vuiXGpylGUlnPDnB7311rARzAt3Mhswpjg==" + }, + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "requires": { + "is-buffer": "^1.1.5" + }, + "dependencies": { + "is-buffer": { + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", + "integrity": "sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==" + } + } + }, + "kleur": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", + "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==" + }, + "last-call-webpack-plugin": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/last-call-webpack-plugin/-/last-call-webpack-plugin-3.0.0.tgz", + "integrity": "sha512-7KI2l2GIZa9p2spzPIVZBYyNKkN+e/SQPpnjlTiPhdbDW3F86tdKKELxKpzJ5sgU19wQWsACULZmpTPYHeWO5w==", + "requires": { + "lodash": "^4.17.5", + "webpack-sources": "^1.1.0" + } + }, + "lazy-cache": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/lazy-cache/-/lazy-cache-1.0.4.tgz", + "integrity": "sha1-odePw6UEdMuAhF07O24dpJpEbo4=" + }, + "left-pad": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/left-pad/-/left-pad-1.3.0.tgz", + "integrity": "sha512-XI5MPzVNApjAyhQzphX8BkmKsKUxD4LdyK24iZeQGinBN9yTQT3bFlCBy/aVx2HrNcqQGsdot8ghrjyrvMCoEA==" + }, + "leven": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", + "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==" + }, + "levenary": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/levenary/-/levenary-1.1.1.tgz", + "integrity": "sha512-mkAdOIt79FD6irqjYSs4rdbnlT5vRonMEvBVPVb3XmevfS8kgRXwfes0dhPdEtzTWD/1eNE/Bm/G1iRt6DcnQQ==", + "requires": { + "leven": "^3.1.0" + } + }, + "levn": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz", + "integrity": "sha1-OwmSTt+fCDwEkP3UwLxEIeBHZO4=", + "requires": { + "prelude-ls": "~1.1.2", + "type-check": "~0.3.2" + } + }, + "lines-and-columns": { + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.1.6.tgz", + "integrity": "sha1-HADHQ7QzzQpOgHWPe2SldEDZ/wA=" + }, + "load-json-file": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/load-json-file/-/load-json-file-1.1.0.tgz", + "integrity": "sha1-lWkFcI1YtLq0wiYbBPWfMcmTdMA=", + "requires": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + } + }, + "loader-fs-cache": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/loader-fs-cache/-/loader-fs-cache-1.0.3.tgz", + "integrity": "sha512-ldcgZpjNJj71n+2Mf6yetz+c9bM4xpKtNds4LbqXzU/PTdeAX0g3ytnU1AJMEcTk2Lex4Smpe3Q/eCTsvUBxbA==", + "requires": { + "find-cache-dir": "^0.1.1", + "mkdirp": "^0.5.1" + }, + "dependencies": { + "find-cache-dir": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/find-cache-dir/-/find-cache-dir-0.1.1.tgz", + "integrity": "sha1-yN765XyKUqinhPnjHFfHQumToLk=", + "requires": { + "commondir": "^1.0.1", + "mkdirp": "^0.5.1", + "pkg-dir": "^1.0.0" + } + }, + "pkg-dir": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-1.0.0.tgz", + "integrity": "sha1-ektQio1bstYp1EcFb/TpyTFM89Q=", + "requires": { + "find-up": "^1.0.0" + } + } + } + }, + "loader-runner": { + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/loader-runner/-/loader-runner-2.4.0.tgz", + "integrity": "sha512-Jsmr89RcXGIwivFY21FcRrisYZfvLMTWx5kOLc+JTxtpBOG6xML0vzbc6SEQG2FO9/4Fc3wW4LVcB5DmGflaRw==" + }, + "loader-utils": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/loader-utils/-/loader-utils-1.4.0.tgz", + "integrity": "sha512-qH0WSMBtn/oHuwjy/NucEgbx5dbxxnxup9s4PVXJUDHZBQY+s0NWA9rJf53RBnQZxfch7euUui7hpoAPvALZdA==", + "requires": { + "big.js": "^5.2.2", + "emojis-list": "^3.0.0", + "json5": "^1.0.1" + }, + "dependencies": { + "json5": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.1.tgz", + "integrity": "sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow==", + "requires": { + "minimist": "^1.2.0" + } + } + } + }, + "locate-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-3.0.0.tgz", + "integrity": "sha512-7AO748wWnIhNqAuaty2ZWHkQHRSNfPVIsPIfwEOWO22AmaoVrWavlOcMR5nzTLNYvp36X220/maaRsrec1G65A==", + "requires": { + "p-locate": "^3.0.0", + "path-exists": "^3.0.0" + }, + "dependencies": { + "path-exists": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-3.0.0.tgz", + "integrity": "sha1-zg6+ql94yxiSXqfYENe1mwEP1RU=" + } + } + }, + "lodash": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + }, + "lodash._reinterpolate": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/lodash._reinterpolate/-/lodash._reinterpolate-3.0.0.tgz", + "integrity": "sha1-DM8tiRZq8Ds2Y8eWU4t1rG4RTZ0=" + }, + "lodash.debounce": { + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/lodash.debounce/-/lodash.debounce-4.0.8.tgz", + "integrity": "sha1-gteb/zCmfEAF/9XiUVMArZyk168=" + }, + "lodash.isequal": { + "version": "4.5.0", + "resolved": "https://registry.npmjs.org/lodash.isequal/-/lodash.isequal-4.5.0.tgz", + "integrity": "sha1-QVxEePK8wwEgwizhDtMib30+GOA=" + }, + "lodash.memoize": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", + "integrity": "sha1-vMbEmkKihA7Zl/Mj6tpezRguC/4=" + }, + "lodash.sortby": { + "version": "4.7.0", + "resolved": "https://registry.npmjs.org/lodash.sortby/-/lodash.sortby-4.7.0.tgz", + "integrity": "sha1-7dFMgk4sycHgsKG0K7UhBRakJDg=" + }, + "lodash.template": { + "version": "4.5.0", + "resolved": "https://registry.npmjs.org/lodash.template/-/lodash.template-4.5.0.tgz", + "integrity": "sha512-84vYFxIkmidUiFxidA/KjjH9pAycqW+h980j7Fuz5qxRtO9pgB7MDFTdys1N7A5mcucRiDyEq4fusljItR1T/A==", + "requires": { + "lodash._reinterpolate": "^3.0.0", + "lodash.templatesettings": "^4.0.0" + } + }, + "lodash.templatesettings": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/lodash.templatesettings/-/lodash.templatesettings-4.2.0.tgz", + "integrity": "sha512-stgLz+i3Aa9mZgnjr/O+v9ruKZsPsndy7qPZOchbqk2cnTU1ZaldKK+v7m54WoKIyxiuMZTKT2H81F8BeAc3ZQ==", + "requires": { + "lodash._reinterpolate": "^3.0.0" + } + }, + "lodash.uniq": { + "version": "4.5.0", + "resolved": "https://registry.npmjs.org/lodash.uniq/-/lodash.uniq-4.5.0.tgz", + "integrity": "sha1-0CJTc662Uq3BvILklFM5qEJ1R3M=" + }, + "loglevel": { + "version": "1.7.1", + "resolved": "https://registry.npmjs.org/loglevel/-/loglevel-1.7.1.tgz", + "integrity": "sha512-Hesni4s5UkWkwCGJMQGAh71PaLUmKFM60dHvq0zi/vDhhrzuk+4GgNbTXJ12YYQJn6ZKBDNIjYcuQGKudvqrIw==" + }, + "loose-envify": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/loose-envify/-/loose-envify-1.4.0.tgz", + "integrity": "sha512-lyuxPGr/Wfhrlem2CL/UcnUc1zcqKAImBDzukY7Y5F/yQiNdko6+fRLevlw1HgMySw7f611UIY408EtxRSoK3Q==", + "requires": { + "js-tokens": "^3.0.0 || ^4.0.0" + } + }, + "loud-rejection": { + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/loud-rejection/-/loud-rejection-1.6.0.tgz", + "integrity": "sha1-W0b4AUft7leIcPCG0Eghz5mOVR8=", + "requires": { + "currently-unhandled": "^0.4.1", + "signal-exit": "^3.0.0" + } + }, + "lower-case": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/lower-case/-/lower-case-2.0.1.tgz", + "integrity": "sha512-LiWgfDLLb1dwbFQZsSglpRj+1ctGnayXz3Uv0/WO8n558JycT5fg6zkNcnW0G68Nn0aEldTFeEfmjCfmqry/rQ==", + "requires": { + "tslib": "^1.10.0" + } + }, + "lru-cache": { + "version": "4.1.5", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-4.1.5.tgz", + "integrity": "sha512-sWZlbEP2OsHNkXrMl5GYk/jKk70MBng6UU4YI/qGDYbgf6YbP4EvmqISbXCoJiRKs+1bSpFHVgQxvJ17F2li5g==", + "requires": { + "pseudomap": "^1.0.2", + "yallist": "^2.1.2" + } + }, + "make-dir": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-2.1.0.tgz", + "integrity": "sha512-LS9X+dc8KLxXCb8dni79fLIIUA5VyZoyjSMCwTluaXA0o27cCK0bhXkpgw+sTXVpPy/lSO57ilRixqk0vDmtRA==", + "requires": { + "pify": "^4.0.1", + "semver": "^5.6.0" + }, + "dependencies": { + "pify": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/pify/-/pify-4.0.1.tgz", + "integrity": "sha512-uB80kBFb/tfd68bVleG9T5GGsGPjJrLAUpR5PZIrhBnIaRTQRjqdJSsIKkOP6OAIFbj7GOrcudc5pNjZ+geV2g==" + } + } + }, + "makeerror": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.11.tgz", + "integrity": "sha1-4BpckQnyr3lmDk6LlYd5AYT1qWw=", + "requires": { + "tmpl": "1.0.x" + } + }, + "mamacro": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/mamacro/-/mamacro-0.0.3.tgz", + "integrity": "sha512-qMEwh+UujcQ+kbz3T6V+wAmO2U8veoq2w+3wY8MquqwVA3jChfwY+Tk52GZKDfACEPjuZ7r2oJLejwpt8jtwTA==" + }, + "map-cache": { + "version": "0.2.2", + "resolved": "https://registry.npmjs.org/map-cache/-/map-cache-0.2.2.tgz", + "integrity": "sha1-wyq9C9ZSXZsFFkW7TyasXcmKDb8=" + }, + "map-obj": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/map-obj/-/map-obj-1.0.1.tgz", + "integrity": "sha1-2TPOuSBdgr3PSIb2dCvcK03qFG0=" + }, + "map-visit": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/map-visit/-/map-visit-1.0.0.tgz", + "integrity": "sha1-7Nyo8TFE5mDxtb1B8S80edmN+48=", + "requires": { + "object-visit": "^1.0.0" + } + }, + "md5.js": { + "version": "1.3.5", + "resolved": "https://registry.npmjs.org/md5.js/-/md5.js-1.3.5.tgz", + "integrity": "sha512-xitP+WxNPcTTOgnTJcrhM0xvdPepipPSf3I8EIpGKeFLjt3PlJLIDG3u8EX53ZIubkb+5U2+3rELYpEhHhzdkg==", + "requires": { + "hash-base": "^3.0.0", + "inherits": "^2.0.1", + "safe-buffer": "^5.1.2" + } + }, + "mdn-data": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/mdn-data/-/mdn-data-2.0.4.tgz", + "integrity": "sha512-iV3XNKw06j5Q7mi6h+9vbx23Tv7JkjEVgKHW4pimwyDGWm0OIQntJJ+u1C6mg6mK1EaTv42XQ7w76yuzH7M2cA==" + }, + "media-typer": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz", + "integrity": "sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g=" + }, + "memory-fs": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/memory-fs/-/memory-fs-0.4.1.tgz", + "integrity": "sha1-OpoguEYlI+RHz7x+i7gO1me/xVI=", + "requires": { + "errno": "^0.1.3", + "readable-stream": "^2.0.1" + } + }, + "meow": { + "version": "3.7.0", + "resolved": "https://registry.npmjs.org/meow/-/meow-3.7.0.tgz", + "integrity": "sha1-cstmi0JSKCkKu/qFaJJYcwioAfs=", + "requires": { + "camelcase-keys": "^2.0.0", + "decamelize": "^1.1.2", + "loud-rejection": "^1.0.0", + "map-obj": "^1.0.1", + "minimist": "^1.1.3", + "normalize-package-data": "^2.3.4", + "object-assign": "^4.0.1", + "read-pkg-up": "^1.0.1", + "redent": "^1.0.0", + "trim-newlines": "^1.0.0" + } + }, + "merge-deep": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/merge-deep/-/merge-deep-3.0.3.tgz", + "integrity": "sha512-qtmzAS6t6grwEkNrunqTBdn0qKwFgNWvlxUbAV8es9M7Ot1EbyApytCnvE0jALPa46ZpKDUo527kKiaWplmlFA==", + "requires": { + "arr-union": "^3.1.0", + "clone-deep": "^0.2.4", + "kind-of": "^3.0.2" + } + }, + "merge-descriptors": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.1.tgz", + "integrity": "sha1-sAqqVW3YtEVoFQ7J0blT8/kMu2E=" + }, + "merge-stream": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", + "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==" + }, + "merge2": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/merge2/-/merge2-1.4.1.tgz", + "integrity": "sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg==" + }, + "methods": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz", + "integrity": "sha1-VSmk1nZUE07cxSZmVoNbD4Ua/O4=" + }, + "microevent.ts": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/microevent.ts/-/microevent.ts-0.1.1.tgz", + "integrity": "sha512-jo1OfR4TaEwd5HOrt5+tAZ9mqT4jmpNAusXtyfNzqVm9uiSYFZlKM1wYL4oU7azZW/PxQW53wM0S6OR1JHNa2g==" + }, + "micromatch": { + "version": "3.1.10", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-3.1.10.tgz", + "integrity": "sha512-MWikgl9n9M3w+bpsY3He8L+w9eF9338xRl8IAO5viDizwSzziFEyUzo2xrrloB64ADbTf8uA8vRqqttDTOmccg==", + "requires": { + "arr-diff": "^4.0.0", + "array-unique": "^0.3.2", + "braces": "^2.3.1", + "define-property": "^2.0.2", + "extend-shallow": "^3.0.2", + "extglob": "^2.0.4", + "fragment-cache": "^0.2.1", + "kind-of": "^6.0.2", + "nanomatch": "^1.2.9", + "object.pick": "^1.3.0", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz", + "integrity": "sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==" + } + } + }, + "miller-rabin": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/miller-rabin/-/miller-rabin-4.0.1.tgz", + "integrity": "sha512-115fLhvZVqWwHPbClyntxEVfVDfl9DLLTuJvq3g2O/Oxi8AiNouAHvDSzHS0viUJc+V5vm3eq91Xwqn9dp4jRA==", + "requires": { + "bn.js": "^4.0.0", + "brorand": "^1.0.1" + }, + "dependencies": { + "bn.js": { + "version": "4.11.9", + "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.11.9.tgz", + "integrity": "sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw==" + } + } + }, + "mime": { + "version": "2.4.6", + "resolved": "https://registry.npmjs.org/mime/-/mime-2.4.6.tgz", + "integrity": "sha512-RZKhC3EmpBchfTGBVb8fb+RL2cWyw/32lshnsETttkBAyAUXSGHxbEJWWRXc751DrIxG1q04b8QwMbAwkRPpUA==" + }, + "mime-db": { + "version": "1.44.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.44.0.tgz", + "integrity": "sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg==" + }, + "mime-types": { + "version": "2.1.27", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.27.tgz", + "integrity": "sha512-JIhqnCasI9yD+SsmkquHBxTSEuZdQX5BuQnS2Vc7puQQQ+8yiP5AY5uWhpdv4YL4VM5c6iliiYWPgJ/nJQLp7w==", + "requires": { + "mime-db": "1.44.0" + } + }, + "mimic-fn": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", + "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==" + }, + "mini-create-react-context": { + "version": "0.3.2", + "resolved": "https://registry.npmjs.org/mini-create-react-context/-/mini-create-react-context-0.3.2.tgz", + "integrity": "sha512-2v+OeetEyliMt5VHMXsBhABoJ0/M4RCe7fatd/fBy6SMiKazUSEt3gxxypfnk2SHMkdBYvorHRoQxuGoiwbzAw==", + "requires": { + "@babel/runtime": "^7.4.0", + "gud": "^1.0.0", + "tiny-warning": "^1.0.2" + } + }, + "mini-css-extract-plugin": { + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/mini-css-extract-plugin/-/mini-css-extract-plugin-0.9.0.tgz", + "integrity": "sha512-lp3GeY7ygcgAmVIcRPBVhIkf8Us7FZjA+ILpal44qLdSu11wmjKQ3d9k15lfD7pO4esu9eUIAW7qiYIBppv40A==", + "requires": { + "loader-utils": "^1.1.0", + "normalize-url": "1.9.1", + "schema-utils": "^1.0.0", + "webpack-sources": "^1.1.0" + }, + "dependencies": { + "schema-utils": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-1.0.0.tgz", + "integrity": "sha512-i27Mic4KovM/lnGsy8whRCHhc7VicJajAjTrYg11K9zfZXnYIt4k5F+kZkwjnrhKzLic/HLU4j11mjsz2G/75g==", + "requires": { + "ajv": "^6.1.0", + "ajv-errors": "^1.0.0", + "ajv-keywords": "^3.1.0" + } + } + } + }, + "minimalistic-assert": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz", + "integrity": "sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==" + }, + "minimalistic-crypto-utils": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/minimalistic-crypto-utils/-/minimalistic-crypto-utils-1.0.1.tgz", + "integrity": "sha1-9sAMHAsIIkblxNmd+4x8CDsrWCo=" + }, + "minimatch": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", + "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", + "requires": { + "brace-expansion": "^1.1.7" + } + }, + "minimist": { + "version": "1.2.5", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", + "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==" + }, + "minipass": { + "version": "3.1.3", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.3.tgz", + "integrity": "sha512-Mgd2GdMVzY+x3IJ+oHnVM+KG3lA5c8tnabyJKmHSaG2kAGpudxuOf8ToDkhumF7UzME7DecbQE9uOZhNm7PuJg==", + "requires": { + "yallist": "^4.0.0" + }, + "dependencies": { + "yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" + } + } + }, + "minipass-collect": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/minipass-collect/-/minipass-collect-1.0.2.tgz", + "integrity": "sha512-6T6lH0H8OG9kITm/Jm6tdooIbogG9e0tLgpY6mphXSm/A9u8Nq1ryBG+Qspiub9LjWlBPsPS3tWQ/Botq4FdxA==", + "requires": { + "minipass": "^3.0.0" + } + }, + "minipass-flush": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/minipass-flush/-/minipass-flush-1.0.5.tgz", + "integrity": "sha512-JmQSYYpPUqX5Jyn1mXaRwOda1uQ8HP5KAT/oDSLCzt1BYRhQU0/hDtsB1ufZfEEzMZ9aAVmsBw8+FWsIXlClWw==", + "requires": { + "minipass": "^3.0.0" + } + }, + "minipass-pipeline": { + "version": "1.2.4", + "resolved": "https://registry.npmjs.org/minipass-pipeline/-/minipass-pipeline-1.2.4.tgz", + "integrity": "sha512-xuIq7cIOt09RPRJ19gdi4b+RiNvDFYe5JH+ggNvBqGqpQXcru3PcRmOZuHBKWK1Txf9+cQ+HMVN4d6z46LZP7A==", + "requires": { + "minipass": "^3.0.0" + } + }, + "mississippi": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/mississippi/-/mississippi-3.0.0.tgz", + "integrity": "sha512-x471SsVjUtBRtcvd4BzKE9kFC+/2TeWgKCgw0bZcw1b9l2X3QX5vCWgF+KaZaYm87Ss//rHnWryupDrgLvmSkA==", + "requires": { + "concat-stream": "^1.5.0", + "duplexify": "^3.4.2", + "end-of-stream": "^1.1.0", + "flush-write-stream": "^1.0.0", + "from2": "^2.1.0", + "parallel-transform": "^1.1.0", + "pump": "^3.0.0", + "pumpify": "^1.3.3", + "stream-each": "^1.1.0", + "through2": "^2.0.0" + } + }, + "mixin-deep": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.2.tgz", + "integrity": "sha512-WRoDn//mXBiJ1H40rqa3vH0toePwSsGb45iInWlTySa+Uu4k3tYUSxa2v1KqAiLtvlrSzaExqS1gtk96A9zvEA==", + "requires": { + "for-in": "^1.0.2", + "is-extendable": "^1.0.1" + }, + "dependencies": { + "is-extendable": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-1.0.1.tgz", + "integrity": "sha512-arnXMxT1hhoKo9k1LZdmlNyJdDDfy2v0fXjFlmok4+i8ul/6WlbVge9bhM74OpNPQPMGUToDtz+KXa1PneJxOA==", + "requires": { + "is-plain-object": "^2.0.4" + } + } + } + }, + "mixin-object": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/mixin-object/-/mixin-object-2.0.1.tgz", + "integrity": "sha1-T7lJRB2rGCVA8f4DW6YOGUel5X4=", + "requires": { + "for-in": "^0.1.3", + "is-extendable": "^0.1.1" + }, + "dependencies": { + "for-in": { + "version": "0.1.8", + "resolved": "https://registry.npmjs.org/for-in/-/for-in-0.1.8.tgz", + "integrity": "sha1-2Hc5COMSVhCZUrH9ubP6hn0ndeE=" + } + } + }, + "mkdirp": { + "version": "0.5.5", + "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.5.tgz", + "integrity": "sha512-NKmAlESf6jMGym1++R0Ra7wvhV+wFW63FaSOFPwRahvea0gMUcGUhVeAg/0BC0wiv9ih5NYPB1Wn1UEI1/L+xQ==", + "requires": { + "minimist": "^1.2.5" + } + }, + "move-concurrently": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/move-concurrently/-/move-concurrently-1.0.1.tgz", + "integrity": "sha1-viwAX9oy4LKa8fBdfEszIUxwH5I=", + "requires": { + "aproba": "^1.1.1", + "copy-concurrently": "^1.0.0", + "fs-write-stream-atomic": "^1.0.8", + "mkdirp": "^0.5.1", + "rimraf": "^2.5.4", + "run-queue": "^1.0.3" + } + }, + "ms": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" + }, + "multicast-dns": { + "version": "6.2.3", + "resolved": "https://registry.npmjs.org/multicast-dns/-/multicast-dns-6.2.3.tgz", + "integrity": "sha512-ji6J5enbMyGRHIAkAOu3WdV8nggqviKCEKtXcOqfphZZtQrmHKycfynJ2V7eVPUA4NhJ6V7Wf4TmGbTwKE9B6g==", + "requires": { + "dns-packet": "^1.3.1", + "thunky": "^1.0.2" + } + }, + "multicast-dns-service-types": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/multicast-dns-service-types/-/multicast-dns-service-types-1.1.0.tgz", + "integrity": "sha1-iZ8R2WhuXgXLkbNdXw5jt3PPyQE=" + }, + "mute-stream": { + "version": "0.0.8", + "resolved": "https://registry.npmjs.org/mute-stream/-/mute-stream-0.0.8.tgz", + "integrity": "sha512-nnbWWOkoWyUsTjKrhgD0dcz22mdkSnpYqbEjIm2nhwhuxlSkpywJmBo8h0ZqJdkp73mb90SssHkN4rsRaBAfAA==" + }, + "nan": { + "version": "2.14.1", + "resolved": "https://registry.npmjs.org/nan/-/nan-2.14.1.tgz", + "integrity": "sha512-isWHgVjnFjh2x2yuJ/tj3JbwoHu3UC2dX5G/88Cm24yB6YopVgxvBObDY7n5xW6ExmFhJpSEQqFPvq9zaXc8Jw==" + }, + "nanomatch": { + "version": "1.2.13", + "resolved": "https://registry.npmjs.org/nanomatch/-/nanomatch-1.2.13.tgz", + "integrity": "sha512-fpoe2T0RbHwBTBUOftAfBPaDEi06ufaUai0mE6Yn1kacc3SnTErfb/h+X94VXzI64rKFHYImXSvdwGGCmwOqCA==", + "requires": { + "arr-diff": "^4.0.0", + "array-unique": "^0.3.2", + "define-property": "^2.0.2", + "extend-shallow": "^3.0.2", + "fragment-cache": "^0.2.1", + "is-windows": "^1.0.2", + "kind-of": "^6.0.2", + "object.pick": "^1.3.0", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.1" + }, + "dependencies": { + "kind-of": { + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz", + "integrity": "sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==" + } + } + }, + "natural-compare": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", + "integrity": "sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=" + }, + "negotiator": { + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.2.tgz", + "integrity": "sha512-hZXc7K2e+PgeI1eDBe/10Ard4ekbfrrqG8Ep+8Jmf4JID2bNg7NvCPOZN+kfF574pFQI7mum2AUqDidoKqcTOw==" + }, + "neo-async": { + "version": "2.6.2", + "resolved": "https://registry.npmjs.org/neo-async/-/neo-async-2.6.2.tgz", + "integrity": "sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw==" + }, + "next-tick": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/next-tick/-/next-tick-1.0.0.tgz", + "integrity": "sha1-yobR/ogoFpsBICCOPchCS524NCw=" + }, + "nice-try": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/nice-try/-/nice-try-1.0.5.tgz", + "integrity": "sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ==" + }, + "no-case": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/no-case/-/no-case-3.0.3.tgz", + "integrity": "sha512-ehY/mVQCf9BL0gKfsJBvFJen+1V//U+0HQMPrWct40ixE4jnv0bfvxDbWtAHL9EcaPEOJHVVYKoQn1TlZUB8Tw==", + "requires": { + "lower-case": "^2.0.1", + "tslib": "^1.10.0" + } + }, + "node-forge": { + "version": "0.10.0", + "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-0.10.0.tgz", + "integrity": "sha512-PPmu8eEeG9saEUvI97fm4OYxXVB6bFvyNTyiUOBichBpFG8A1Ljw3bY62+5oOjDEMHRnd0Y7HQ+x7uzxOzC6JA==" + }, + "node-gyp": { + "version": "3.8.0", + "resolved": "https://registry.npmjs.org/node-gyp/-/node-gyp-3.8.0.tgz", + "integrity": "sha512-3g8lYefrRRzvGeSowdJKAKyks8oUpLEd/DyPV4eMhVlhJ0aNaZqIrNUIPuEWWTAoPqyFkfGrM67MC69baqn6vA==", + "requires": { + "fstream": "^1.0.0", + "glob": "^7.0.3", + "graceful-fs": "^4.1.2", + "mkdirp": "^0.5.0", + "nopt": "2 || 3", + "npmlog": "0 || 1 || 2 || 3 || 4", + "osenv": "0", + "request": "^2.87.0", + "rimraf": "2", + "semver": "~5.3.0", + "tar": "^2.0.0", + "which": "1" + }, + "dependencies": { + "semver": { + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.3.0.tgz", + "integrity": "sha1-myzl094C0XxgEq0yaqa00M9U+U8=" + } + } + }, + "node-int64": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", + "integrity": "sha1-h6kGXNs1XTGC2PlM4RGIuCXGijs=" + }, + "node-libs-browser": { + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/node-libs-browser/-/node-libs-browser-2.2.1.tgz", + "integrity": "sha512-h/zcD8H9kaDZ9ALUWwlBUDo6TKF8a7qBSCSEGfjTVIYeqsioSKaAX+BN7NgiMGp6iSIXZ3PxgCu8KS3b71YK5Q==", + "requires": { + "assert": "^1.1.1", + "browserify-zlib": "^0.2.0", + "buffer": "^4.3.0", + "console-browserify": "^1.1.0", + "constants-browserify": "^1.0.0", + "crypto-browserify": "^3.11.0", + "domain-browser": "^1.1.1", + "events": "^3.0.0", + "https-browserify": "^1.0.0", + "os-browserify": "^0.3.0", + "path-browserify": "0.0.1", + "process": "^0.11.10", + "punycode": "^1.2.4", + "querystring-es3": "^0.2.0", + "readable-stream": "^2.3.3", + "stream-browserify": "^2.0.1", + "stream-http": "^2.7.2", + "string_decoder": "^1.0.0", + "timers-browserify": "^2.0.4", + "tty-browserify": "0.0.0", + "url": "^0.11.0", + "util": "^0.11.0", + "vm-browserify": "^1.0.1" + }, + "dependencies": { + "inherits": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz", + "integrity": "sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=" + }, + "punycode": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-1.4.1.tgz", + "integrity": "sha1-wNWmOycYgArY4esPpSachN1BhF4=" + }, + "util": { + "version": "0.11.1", + "resolved": "https://registry.npmjs.org/util/-/util-0.11.1.tgz", + "integrity": "sha512-HShAsny+zS2TZfaXxD9tYj4HQGlBezXZMZuM/S5PKLLoZkShZiGk9o5CzukI1LVHZvjdvZ2Sj1aW/Ndn2NB/HQ==", + "requires": { + "inherits": "2.0.3" + } + } + } + }, + "node-modules-regexp": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/node-modules-regexp/-/node-modules-regexp-1.0.0.tgz", + "integrity": "sha1-jZ2+KJZKSsVxLpExZCEHxx6Q7EA=" + }, + "node-notifier": { + "version": "5.4.3", + "resolved": "https://registry.npmjs.org/node-notifier/-/node-notifier-5.4.3.tgz", + "integrity": "sha512-M4UBGcs4jeOK9CjTsYwkvH6/MzuUmGCyTW+kCY7uO+1ZVr0+FHGdPdIf5CCLqAaxnRrWidyoQlNkMIIVwbKB8Q==", + "requires": { + "growly": "^1.3.0", + "is-wsl": "^1.1.0", + "semver": "^5.5.0", + "shellwords": "^0.1.1", + "which": "^1.3.0" + } + }, + "node-releases": { + "version": "1.1.60", + "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-1.1.60.tgz", + "integrity": "sha512-gsO4vjEdQaTusZAEebUWp2a5d7dF5DYoIpDG7WySnk7BuZDW+GPpHXoXXuYawRBr/9t5q54tirPz79kFIWg4dA==" + }, + "node-sass": { + "version": "4.14.1", + "resolved": "https://registry.npmjs.org/node-sass/-/node-sass-4.14.1.tgz", + "integrity": "sha512-sjCuOlvGyCJS40R8BscF5vhVlQjNN069NtQ1gSxyK1u9iqvn6tf7O1R4GNowVZfiZUCRt5MmMs1xd+4V/7Yr0g==", + "requires": { + "async-foreach": "^0.1.3", + "chalk": "^1.1.1", + "cross-spawn": "^3.0.0", + "gaze": "^1.0.0", + "get-stdin": "^4.0.1", + "glob": "^7.0.3", + "in-publish": "^2.0.0", + "lodash": "^4.17.15", + "meow": "^3.7.0", + "mkdirp": "^0.5.1", + "nan": "^2.13.2", + "node-gyp": "^3.8.0", + "npmlog": "^4.0.0", + "request": "^2.88.0", + "sass-graph": "2.2.5", + "stdout-stream": "^1.4.0", + "true-case-path": "^1.0.2" + } + }, + "nopt": { + "version": "3.0.6", + "resolved": "https://registry.npmjs.org/nopt/-/nopt-3.0.6.tgz", + "integrity": "sha1-xkZdvwirzU2zWTF/eaxopkayj/k=", + "requires": { + "abbrev": "1" + } + }, + "normalize-package-data": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.5.0.tgz", + "integrity": "sha512-/5CMN3T0R4XTj4DcGaexo+roZSdSFW/0AOOTROrjxzCG1wrWXEsGbRKevjlIL+ZDE4sZlJr5ED4YW0yqmkK+eA==", + "requires": { + "hosted-git-info": "^2.1.4", + "resolve": "^1.10.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + } + }, + "normalize-path": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-2.1.1.tgz", + "integrity": "sha1-GrKLVW4Zg2Oowab35vogE3/mrtk=", + "requires": { + "remove-trailing-separator": "^1.0.1" + } + }, + "normalize-range": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/normalize-range/-/normalize-range-0.1.2.tgz", + "integrity": "sha1-LRDAa9/TEuqXd2laTShDlFa3WUI=" + }, + "normalize-url": { + "version": "1.9.1", + "resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-1.9.1.tgz", + "integrity": "sha1-LMDWazHqIwNkWENuNiDYWVTGbDw=", + "requires": { + "object-assign": "^4.0.1", + "prepend-http": "^1.0.0", + "query-string": "^4.1.0", + "sort-keys": "^1.0.0" + } + }, + "npm-run-path": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-2.0.2.tgz", + "integrity": "sha1-NakjLfo11wZ7TLLd8jV7GHFTbF8=", + "requires": { + "path-key": "^2.0.0" + } + }, + "npmlog": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/npmlog/-/npmlog-4.1.2.tgz", + "integrity": "sha512-2uUqazuKlTaSI/dC8AzicUck7+IrEaOnN/e0jd3Xtt1KcGpwx30v50mL7oPyr/h9bL3E4aZccVwpwP+5W9Vjkg==", + "requires": { + "are-we-there-yet": "~1.1.2", + "console-control-strings": "~1.1.0", + "gauge": "~2.7.3", + "set-blocking": "~2.0.0" + } + }, + "nth-check": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/nth-check/-/nth-check-1.0.2.tgz", + "integrity": "sha512-WeBOdju8SnzPN5vTUJYxYUxLeXpCaVP5i5e0LF8fg7WORF2Wd7wFX/pk0tYZk7s8T+J7VLy0Da6J1+wCT0AtHg==", + "requires": { + "boolbase": "~1.0.0" + } + }, + "num2fraction": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/num2fraction/-/num2fraction-1.2.2.tgz", + "integrity": "sha1-b2gragJ6Tp3fpFZM0lidHU5mnt4=" + }, + "number-is-nan": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.1.tgz", + "integrity": "sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0=" + }, + "nwsapi": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/nwsapi/-/nwsapi-2.2.0.tgz", + "integrity": "sha512-h2AatdwYH+JHiZpv7pt/gSX1XoRGb7L/qSIeuqA6GwYoF9w1vP1cw42TO0aI2pNyshRK5893hNSl+1//vHK7hQ==" + }, + "oauth-sign": { + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", + "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" + }, + "object-assign": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", + "integrity": "sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM=" + }, + "object-copy": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/object-copy/-/object-copy-0.1.0.tgz", + "integrity": "sha1-fn2Fi3gb18mRpBupde04EnVOmYw=", + "requires": { + "copy-descriptor": "^0.1.0", + "define-property": "^0.2.5", + "kind-of": "^3.0.3" + }, + "dependencies": { + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "requires": { + "is-descriptor": "^0.1.0" + } + } + } + }, + "object-hash": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.0.3.tgz", + "integrity": "sha512-JPKn0GMu+Fa3zt3Bmr66JhokJU5BaNBIh4ZeTlaCBzrBsOeXzwcKKAK1tbLiPKgvwmPXsDvvLHoWh5Bm7ofIYg==" + }, + "object-inspect": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.8.0.tgz", + "integrity": "sha512-jLdtEOB112fORuypAyl/50VRVIBIdVQOSUUGQHzJ4xBSbit81zRarz7GThkEFZy1RceYrWYcPcBFPQwHyAc1gA==" + }, + "object-is": { + "version": "1.1.5", + "resolved": "https://registry.npmjs.org/object-is/-/object-is-1.1.5.tgz", + "integrity": "sha512-3cyDsyHgtmi7I7DfSSI2LDp6SK2lwvtbg0p0R1e0RvTqF5ceGx+K2dfSjm1bKDMVCFEDAQvy+o8c6a7VujOddw==", + "requires": { + "call-bind": "^1.0.2", + "define-properties": "^1.1.3" + } + }, + "object-keys": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/object-keys/-/object-keys-1.1.1.tgz", + "integrity": "sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA==" + }, + "object-visit": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/object-visit/-/object-visit-1.0.1.tgz", + "integrity": "sha1-95xEk68MU3e1n+OdOV5BBC3QRbs=", + "requires": { + "isobject": "^3.0.0" + } + }, + "object.assign": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/object.assign/-/object.assign-4.1.0.tgz", + "integrity": "sha512-exHJeq6kBKj58mqGyTQ9DFvrZC/eR6OwxzoM9YRoGBqrXYonaFyGiFMuc9VZrXf7DarreEwMpurG3dd+CNyW5w==", + "requires": { + "define-properties": "^1.1.2", + "function-bind": "^1.1.1", + "has-symbols": "^1.0.0", + "object-keys": "^1.0.11" + } + }, + "object.entries": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/object.entries/-/object.entries-1.1.2.tgz", + "integrity": "sha512-BQdB9qKmb/HyNdMNWVr7O3+z5MUIx3aiegEIJqjMBbBf0YT9RRxTJSim4mzFqtyr7PDAHigq0N9dO0m0tRakQA==", + "requires": { + "define-properties": "^1.1.3", + "es-abstract": "^1.17.5", + "has": "^1.0.3" + } + }, + "object.fromentries": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/object.fromentries/-/object.fromentries-2.0.2.tgz", + "integrity": "sha512-r3ZiBH7MQppDJVLx6fhD618GKNG40CZYH9wgwdhKxBDDbQgjeWGGd4AtkZad84d291YxvWe7bJGuE65Anh0dxQ==", + "requires": { + "define-properties": "^1.1.3", + "es-abstract": "^1.17.0-next.1", + "function-bind": "^1.1.1", + "has": "^1.0.3" + } + }, + "object.getownpropertydescriptors": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/object.getownpropertydescriptors/-/object.getownpropertydescriptors-2.1.0.tgz", + "integrity": "sha512-Z53Oah9A3TdLoblT7VKJaTDdXdT+lQO+cNpKVnya5JDe9uLvzu1YyY1yFDFrcxrlRgWrEFH0jJtD/IbuwjcEVg==", + "requires": { + "define-properties": "^1.1.3", + "es-abstract": "^1.17.0-next.1" + } + }, + "object.pick": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/object.pick/-/object.pick-1.3.0.tgz", + "integrity": "sha1-h6EKxMFpS9Lhy/U1kaZhQftd10c=", + "requires": { + "isobject": "^3.0.1" + } + }, + "object.values": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/object.values/-/object.values-1.1.1.tgz", + "integrity": "sha512-WTa54g2K8iu0kmS/us18jEmdv1a4Wi//BZ/DTVYEcH0XhLM5NYdpDHja3gt57VrZLcNAO2WGA+KpWsDBaHt6eA==", + "requires": { + "define-properties": "^1.1.3", + "es-abstract": "^1.17.0-next.1", + "function-bind": "^1.1.1", + "has": "^1.0.3" + } + }, + "obuf": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/obuf/-/obuf-1.1.2.tgz", + "integrity": "sha512-PX1wu0AmAdPqOL1mWhqmlOd8kOIZQwGZw6rh7uby9fTc5lhaOWFLX3I6R1hrF9k3zUY40e6igsLGkDXK92LJNg==" + }, + "on-finished": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.3.0.tgz", + "integrity": "sha1-IPEzZIGwg811M3mSoWlxqi2QaUc=", + "requires": { + "ee-first": "1.1.1" + } + }, + "on-headers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.0.2.tgz", + "integrity": "sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA==" + }, + "once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", + "requires": { + "wrappy": "1" + } + }, + "onetime": { + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.1.tgz", + "integrity": "sha512-ZpZpjcJeugQfWsfyQlshVoowIIQ1qBGSVll4rfDq6JJVO//fesjoX808hXWfBjY+ROZgpKDI5TRSRBSoJiZ8eg==", + "requires": { + "mimic-fn": "^2.1.0" + } + }, + "open": { + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/open/-/open-7.1.0.tgz", + "integrity": "sha512-lLPI5KgOwEYCDKXf4np7y1PBEkj7HYIyP2DY8mVDRnx0VIIu6bNrRB0R66TuO7Mack6EnTNLm4uvcl1UoklTpA==", + "requires": { + "is-docker": "^2.0.0", + "is-wsl": "^2.1.1" + }, + "dependencies": { + "is-wsl": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/is-wsl/-/is-wsl-2.2.0.tgz", + "integrity": "sha512-fKzAra0rGJUUBwGBgNkHZuToZcn+TtXHpeCgmkMJMMYx1sQDYaCSyjJBSCa2nH1DGm7s3n1oBnohoVTBaN7Lww==", + "requires": { + "is-docker": "^2.0.0" + } + } + } + }, + "opn": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/opn/-/opn-5.5.0.tgz", + "integrity": "sha512-PqHpggC9bLV0VeWcdKhkpxY+3JTzetLSqTCWL/z/tFIbI6G8JCjondXklT1JinczLz2Xib62sSp0T/gKT4KksA==", + "requires": { + "is-wsl": "^1.1.0" + } + }, + "optimize-css-assets-webpack-plugin": { + "version": "5.0.3", + "resolved": "https://registry.npmjs.org/optimize-css-assets-webpack-plugin/-/optimize-css-assets-webpack-plugin-5.0.3.tgz", + "integrity": "sha512-q9fbvCRS6EYtUKKSwI87qm2IxlyJK5b4dygW1rKUBT6mMDhdG5e5bZT63v6tnJR9F9FB/H5a0HTmtw+laUBxKA==", + "requires": { + "cssnano": "^4.1.10", + "last-call-webpack-plugin": "^3.0.0" + } + }, + "optionator": { + "version": "0.8.3", + "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.8.3.tgz", + "integrity": "sha512-+IW9pACdk3XWmmTXG8m3upGUJst5XRGzxMRjXzAuJ1XnIFNvfhjjIuYkDvysnPQ7qzqVzLt78BCruntqRhWQbA==", + "requires": { + "deep-is": "~0.1.3", + "fast-levenshtein": "~2.0.6", + "levn": "~0.3.0", + "prelude-ls": "~1.1.2", + "type-check": "~0.3.2", + "word-wrap": "~1.2.3" + } + }, + "original": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/original/-/original-1.0.2.tgz", + "integrity": "sha512-hyBVl6iqqUOJ8FqRe+l/gS8H+kKYjrEndd5Pm1MfBtsEKA038HkkdbAl/72EAXGyonD/PFsvmVG+EvcIpliMBg==", + "requires": { + "url-parse": "^1.4.3" + } + }, + "os-browserify": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/os-browserify/-/os-browserify-0.3.0.tgz", + "integrity": "sha1-hUNzx/XCMVkU/Jv8a9gjj92h7Cc=" + }, + "os-homedir": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/os-homedir/-/os-homedir-1.0.2.tgz", + "integrity": "sha1-/7xJiDNuDoM94MFox+8VISGqf7M=" + }, + "os-tmpdir": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/os-tmpdir/-/os-tmpdir-1.0.2.tgz", + "integrity": "sha1-u+Z0BseaqFxc/sdm/lc0VV36EnQ=" + }, + "osenv": { + "version": "0.1.5", + "resolved": "https://registry.npmjs.org/osenv/-/osenv-0.1.5.tgz", + "integrity": "sha512-0CWcCECdMVc2Rw3U5w9ZjqX6ga6ubk1xDVKxtBQPK7wis/0F2r9T6k4ydGYhecl7YUBxBVxhL5oisPsNxAPe2g==", + "requires": { + "os-homedir": "^1.0.0", + "os-tmpdir": "^1.0.0" + } + }, + "p-each-series": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/p-each-series/-/p-each-series-1.0.0.tgz", + "integrity": "sha1-kw89Et0fUOdDRFeiLNbwSsatf3E=", + "requires": { + "p-reduce": "^1.0.0" + } + }, + "p-finally": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-1.0.0.tgz", + "integrity": "sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4=" + }, + "p-limit": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", + "requires": { + "p-try": "^2.0.0" + } + }, + "p-locate": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-3.0.0.tgz", + "integrity": "sha512-x+12w/To+4GFfgJhBEpiDcLozRJGegY+Ei7/z0tSLkMmxGZNybVMSfWj9aJn8Z5Fc7dBUNJOOVgPv2H7IwulSQ==", + "requires": { + "p-limit": "^2.0.0" + } + }, + "p-map": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/p-map/-/p-map-3.0.0.tgz", + "integrity": "sha512-d3qXVTF/s+W+CdJ5A29wywV2n8CQQYahlgz2bFiA+4eVNJbHJodPZ+/gXwPGh0bOqA+j8S+6+ckmvLGPk1QpxQ==", + "requires": { + "aggregate-error": "^3.0.0" + } + }, + "p-reduce": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/p-reduce/-/p-reduce-1.0.0.tgz", + "integrity": "sha1-GMKw3ZNqRpClKfgjH1ig/bakffo=" + }, + "p-retry": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/p-retry/-/p-retry-3.0.1.tgz", + "integrity": "sha512-XE6G4+YTTkT2a0UWb2kjZe8xNwf8bIbnqpc/IS/idOBVhyves0mK5OJgeocjx7q5pvX/6m23xuzVPYT1uGM73w==", + "requires": { + "retry": "^0.12.0" + } + }, + "p-try": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", + "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==" + }, + "pako": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/pako/-/pako-1.0.11.tgz", + "integrity": "sha512-4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw==" + }, + "parallel-transform": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/parallel-transform/-/parallel-transform-1.2.0.tgz", + "integrity": "sha512-P2vSmIu38uIlvdcU7fDkyrxj33gTUy/ABO5ZUbGowxNCopBq/OoD42bP4UmMrJoPyk4Uqf0mu3mtWBhHCZD8yg==", + "requires": { + "cyclist": "^1.0.1", + "inherits": "^2.0.3", + "readable-stream": "^2.1.5" + } + }, + "param-case": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/param-case/-/param-case-3.0.3.tgz", + "integrity": "sha512-VWBVyimc1+QrzappRs7waeN2YmoZFCGXWASRYX1/rGHtXqEcrGEIDm+jqIwFa2fRXNgQEwrxaYuIrX0WcAguTA==", + "requires": { + "dot-case": "^3.0.3", + "tslib": "^1.10.0" + } + }, + "parent-module": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz", + "integrity": "sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==", + "requires": { + "callsites": "^3.0.0" + }, + "dependencies": { + "callsites": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", + "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==" + } + } + }, + "parse-asn1": { + "version": "5.1.5", + "resolved": "https://registry.npmjs.org/parse-asn1/-/parse-asn1-5.1.5.tgz", + "integrity": "sha512-jkMYn1dcJqF6d5CpU689bq7w/b5ALS9ROVSpQDPrZsqqesUJii9qutvoT5ltGedNXMO2e16YUWIghG9KxaViTQ==", + "requires": { + "asn1.js": "^4.0.0", + "browserify-aes": "^1.0.0", + "create-hash": "^1.1.0", + "evp_bytestokey": "^1.0.0", + "pbkdf2": "^3.0.3", + "safe-buffer": "^5.1.1" + } + }, + "parse-json": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-2.2.0.tgz", + "integrity": "sha1-9ID0BDTvgHQfhGkJn43qGPVaTck=", + "requires": { + "error-ex": "^1.2.0" + } + }, + "parse5": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/parse5/-/parse5-4.0.0.tgz", + "integrity": "sha512-VrZ7eOd3T1Fk4XWNXMgiGBK/z0MG48BWG2uQNU4I72fkQuKUTZpl+u9k+CxEG0twMVzSmXEEz12z5Fnw1jIQFA==" + }, + "parseurl": { + "version": "1.3.3", + "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz", + "integrity": "sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ==" + }, + "pascal-case": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/pascal-case/-/pascal-case-3.1.1.tgz", + "integrity": "sha512-XIeHKqIrsquVTQL2crjq3NfJUxmdLasn3TYOU0VBM+UX2a6ztAWBlJQBePLGY7VHW8+2dRadeIPK5+KImwTxQA==", + "requires": { + "no-case": "^3.0.3", + "tslib": "^1.10.0" + } + }, + "pascalcase": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/pascalcase/-/pascalcase-0.1.1.tgz", + "integrity": "sha1-s2PlXoAGym/iF4TS2yK9FdeRfxQ=" + }, + "path-browserify": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/path-browserify/-/path-browserify-0.0.1.tgz", + "integrity": "sha512-BapA40NHICOS+USX9SN4tyhq+A2RrN/Ws5F0Z5aMHDp98Fl86lX8Oti8B7uN93L4Ifv4fHOEA+pQw87gmMO/lQ==" + }, + "path-dirname": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/path-dirname/-/path-dirname-1.0.2.tgz", + "integrity": "sha1-zDPSTVJeCZpTiMAzbG4yuRYGCeA=" + }, + "path-exists": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-2.1.0.tgz", + "integrity": "sha1-D+tsZPD8UY2adU3V77YscCJ2H0s=", + "requires": { + "pinkie-promise": "^2.0.0" + } + }, + "path-is-absolute": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", + "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=" + }, + "path-is-inside": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/path-is-inside/-/path-is-inside-1.0.2.tgz", + "integrity": "sha1-NlQX3t5EQw0cEa9hAn+s8HS9/FM=" + }, + "path-key": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/path-key/-/path-key-2.0.1.tgz", + "integrity": "sha1-QRyttXTFoUDTpLGRDUDYDMn0C0A=" + }, + "path-parse": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", + "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==" + }, + "path-to-regexp": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-1.7.0.tgz", + "integrity": "sha1-Wf3g9DW62suhA6hOnTvGTpa5k30=", + "requires": { + "isarray": "0.0.1" + }, + "dependencies": { + "isarray": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz", + "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8=" + } + } + }, + "path-type": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/path-type/-/path-type-1.1.0.tgz", + "integrity": "sha1-WcRPfuSR2nBNpBXaWkBwuk+P5EE=", + "requires": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + } + }, + "pbkdf2": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/pbkdf2/-/pbkdf2-3.1.1.tgz", + "integrity": "sha512-4Ejy1OPxi9f2tt1rRV7Go7zmfDQ+ZectEQz3VGUQhgq62HtIRPDyG/JtnwIxs6x3uNMwo2V7q1fMvKjb+Tnpqg==", + "requires": { + "create-hash": "^1.1.2", + "create-hmac": "^1.1.4", + "ripemd160": "^2.0.1", + "safe-buffer": "^5.0.1", + "sha.js": "^2.4.8" + } + }, + "perfect-scrollbar": { + "version": "1.5.3", + "resolved": "https://registry.npmjs.org/perfect-scrollbar/-/perfect-scrollbar-1.5.3.tgz", + "integrity": "sha512-+Lo6t61lSuCY9ghpqh1NFMXOu8fNwlYGqPoUMOZ3HTFIL4g7+L7zD7hQCLW5yjkOZ6LGTw1m9+MfEew7cngtAQ==" + }, + "performance-now": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", + "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" + }, + "picomatch": { + "version": "2.2.2", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.2.2.tgz", + "integrity": "sha512-q0M/9eZHzmr0AulXyPwNfZjtwZ/RBZlbN3K3CErVrk50T2ASYI7Bye0EvekFY3IP1Nt2DHu0re+V2ZHIpMkuWg==" + }, + "pify": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", + "integrity": "sha1-7RQaasBDqEnqWISY59yosVMw6Qw=" + }, + "pinkie": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/pinkie/-/pinkie-2.0.4.tgz", + "integrity": "sha1-clVrgM+g1IqXToDnckjoDtT3+HA=" + }, + "pinkie-promise": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.1.tgz", + "integrity": "sha1-ITXW36ejWMBprJsXh3YogihFD/o=", + "requires": { + "pinkie": "^2.0.0" + } + }, + "pirates": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.1.tgz", + "integrity": "sha512-WuNqLTbMI3tmfef2TKxlQmAiLHKtFhlsCZnPIpuv2Ow0RDVO8lfy1Opf4NUzlMXLjPl+Men7AuVdX6TA+s+uGA==", + "requires": { + "node-modules-regexp": "^1.0.0" + } + }, + "pkg-dir": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-3.0.0.tgz", + "integrity": "sha512-/E57AYkoeQ25qkxMj5PBOVgF8Kiu/h7cYS30Z5+R7WaiCCBfLq58ZI/dSeaEKb9WVJV5n/03QwrN3IeWIFllvw==", + "requires": { + "find-up": "^3.0.0" + }, + "dependencies": { + "find-up": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-3.0.0.tgz", + "integrity": "sha512-1yD6RmLI1XBfxugvORwlck6f75tYL+iR0jqwsOrOxMZyGYqUuDhJ0l4AXdO1iX/FTs9cBAMEk1gWSEx1kSbylg==", + "requires": { + "locate-path": "^3.0.0" + } + } + } + }, + "pkg-up": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/pkg-up/-/pkg-up-3.1.0.tgz", + "integrity": "sha512-nDywThFk1i4BQK4twPQ6TA4RT8bDY96yeuCVBWL3ePARCiEKDRSrNGbFIgUJpLp+XeIR65v8ra7WuJOFUBtkMA==", + "requires": { + "find-up": "^3.0.0" + }, + "dependencies": { + "find-up": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-3.0.0.tgz", + "integrity": "sha512-1yD6RmLI1XBfxugvORwlck6f75tYL+iR0jqwsOrOxMZyGYqUuDhJ0l4AXdO1iX/FTs9cBAMEk1gWSEx1kSbylg==", + "requires": { + "locate-path": "^3.0.0" + } + } + } + }, + "pn": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/pn/-/pn-1.1.0.tgz", + "integrity": "sha512-2qHaIQr2VLRFoxe2nASzsV6ef4yOOH+Fi9FBOVH6cqeSgUnoyySPZkxzLuzd+RYOQTRpROA0ztTMqxROKSb/nA==" + }, + "pnp-webpack-plugin": { + "version": "1.6.4", + "resolved": "https://registry.npmjs.org/pnp-webpack-plugin/-/pnp-webpack-plugin-1.6.4.tgz", + "integrity": "sha512-7Wjy+9E3WwLOEL30D+m8TSTF7qJJUJLONBnwQp0518siuMxUQUbgZwssaFX+QKlZkjHZcw/IpZCt/H0srrntSg==", + "requires": { + "ts-pnp": "^1.1.6" + } + }, + "popper.js": { + "version": "1.15.0", + "resolved": "https://registry.npmjs.org/popper.js/-/popper.js-1.15.0.tgz", + "integrity": "sha512-w010cY1oCUmI+9KwwlWki+r5jxKfTFDVoadl7MSrIujHU5MJ5OR6HTDj6Xo8aoR/QsA56x8jKjA59qGH4ELtrA==" + }, + "portfinder": { + "version": "1.0.28", + "resolved": "https://registry.npmjs.org/portfinder/-/portfinder-1.0.28.tgz", + "integrity": "sha512-Se+2isanIcEqf2XMHjyUKskczxbPH7dQnlMjXX6+dybayyHvAf/TCgyMRlzf/B6QDhAEFOGes0pzRo3by4AbMA==", + "requires": { + "async": "^2.6.2", + "debug": "^3.1.1", + "mkdirp": "^0.5.5" + }, + "dependencies": { + "debug": { + "version": "3.2.7", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.7.tgz", + "integrity": "sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ==", + "requires": { + "ms": "^2.1.1" + } + }, + "ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" + } + } + }, + "posix-character-classes": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/posix-character-classes/-/posix-character-classes-0.1.1.tgz", + "integrity": "sha1-AerA/jta9xoqbAL+q7jB/vfgDqs=" + }, + "postcss": { + "version": "7.0.36", + "resolved": "https://registry.npmjs.org/postcss/-/postcss-7.0.36.tgz", + "integrity": "sha512-BebJSIUMwJHRH0HAQoxN4u1CN86glsrwsW0q7T+/m44eXOUAxSNdHRkNZPYz5vVUbg17hFgOQDE7fZk7li3pZw==", + "requires": { + "chalk": "^2.4.2", + "source-map": "^0.6.1", + "supports-color": "^6.1.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + }, + "dependencies": { + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + }, + "supports-color": { + "version": "6.1.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-6.1.0.tgz", + "integrity": "sha512-qe1jfm1Mg7Nq/NSh6XE24gPXROEVsWHxC1LIx//XNlD9iw7YZQGjZNjYN7xGaEG6iKdA8EtNFW6R0gjnVXp+wQ==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "postcss-attribute-case-insensitive": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/postcss-attribute-case-insensitive/-/postcss-attribute-case-insensitive-4.0.2.tgz", + "integrity": "sha512-clkFxk/9pcdb4Vkn0hAHq3YnxBQ2p0CGD1dy24jN+reBck+EWxMbxSUqN4Yj7t0w8csl87K6p0gxBe1utkJsYA==", + "requires": { + "postcss": "^7.0.2", + "postcss-selector-parser": "^6.0.2" + } + }, + "postcss-browser-comments": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/postcss-browser-comments/-/postcss-browser-comments-3.0.0.tgz", + "integrity": "sha512-qfVjLfq7HFd2e0HW4s1dvU8X080OZdG46fFbIBFjW7US7YPDcWfRvdElvwMJr2LI6hMmD+7LnH2HcmXTs+uOig==", + "requires": { + "postcss": "^7" + } + }, + "postcss-calc": { + "version": "7.0.2", + "resolved": "https://registry.npmjs.org/postcss-calc/-/postcss-calc-7.0.2.tgz", + "integrity": "sha512-rofZFHUg6ZIrvRwPeFktv06GdbDYLcGqh9EwiMutZg+a0oePCCw1zHOEiji6LCpyRcjTREtPASuUqeAvYlEVvQ==", + "requires": { + "postcss": "^7.0.27", + "postcss-selector-parser": "^6.0.2", + "postcss-value-parser": "^4.0.2" + } + }, + "postcss-color-functional-notation": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/postcss-color-functional-notation/-/postcss-color-functional-notation-2.0.1.tgz", + "integrity": "sha512-ZBARCypjEDofW4P6IdPVTLhDNXPRn8T2s1zHbZidW6rPaaZvcnCS2soYFIQJrMZSxiePJ2XIYTlcb2ztr/eT2g==", + "requires": { + "postcss": "^7.0.2", + "postcss-values-parser": "^2.0.0" + } + }, + "postcss-color-gray": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/postcss-color-gray/-/postcss-color-gray-5.0.0.tgz", + "integrity": "sha512-q6BuRnAGKM/ZRpfDascZlIZPjvwsRye7UDNalqVz3s7GDxMtqPY6+Q871liNxsonUw8oC61OG+PSaysYpl1bnw==", + "requires": { + "@csstools/convert-colors": "^1.4.0", + "postcss": "^7.0.5", + "postcss-values-parser": "^2.0.0" + } + }, + "postcss-color-hex-alpha": { + "version": "5.0.3", + "resolved": "https://registry.npmjs.org/postcss-color-hex-alpha/-/postcss-color-hex-alpha-5.0.3.tgz", + "integrity": "sha512-PF4GDel8q3kkreVXKLAGNpHKilXsZ6xuu+mOQMHWHLPNyjiUBOr75sp5ZKJfmv1MCus5/DWUGcK9hm6qHEnXYw==", + "requires": { + "postcss": "^7.0.14", + "postcss-values-parser": "^2.0.1" + } + }, + "postcss-color-mod-function": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/postcss-color-mod-function/-/postcss-color-mod-function-3.0.3.tgz", + "integrity": "sha512-YP4VG+xufxaVtzV6ZmhEtc+/aTXH3d0JLpnYfxqTvwZPbJhWqp8bSY3nfNzNRFLgB4XSaBA82OE4VjOOKpCdVQ==", + "requires": { + "@csstools/convert-colors": "^1.4.0", + "postcss": "^7.0.2", + "postcss-values-parser": "^2.0.0" + } + }, + "postcss-color-rebeccapurple": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/postcss-color-rebeccapurple/-/postcss-color-rebeccapurple-4.0.1.tgz", + "integrity": "sha512-aAe3OhkS6qJXBbqzvZth2Au4V3KieR5sRQ4ptb2b2O8wgvB3SJBsdG+jsn2BZbbwekDG8nTfcCNKcSfe/lEy8g==", + "requires": { + "postcss": "^7.0.2", + "postcss-values-parser": "^2.0.0" + } + }, + "postcss-colormin": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/postcss-colormin/-/postcss-colormin-4.0.3.tgz", + "integrity": "sha512-WyQFAdDZpExQh32j0U0feWisZ0dmOtPl44qYmJKkq9xFWY3p+4qnRzCHeNrkeRhwPHz9bQ3mo0/yVkaply0MNw==", + "requires": { + "browserslist": "^4.0.0", + "color": "^3.0.0", + "has": "^1.0.0", + "postcss": "^7.0.0", + "postcss-value-parser": "^3.0.0" + }, + "dependencies": { + "postcss-value-parser": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz", + "integrity": "sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==" + } + } + }, + "postcss-convert-values": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/postcss-convert-values/-/postcss-convert-values-4.0.1.tgz", + "integrity": "sha512-Kisdo1y77KUC0Jmn0OXU/COOJbzM8cImvw1ZFsBgBgMgb1iL23Zs/LXRe3r+EZqM3vGYKdQ2YJVQ5VkJI+zEJQ==", + "requires": { + "postcss": "^7.0.0", + "postcss-value-parser": "^3.0.0" + }, + "dependencies": { + "postcss-value-parser": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz", + "integrity": "sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==" + } + } + }, + "postcss-custom-media": { + "version": "7.0.8", + "resolved": "https://registry.npmjs.org/postcss-custom-media/-/postcss-custom-media-7.0.8.tgz", + "integrity": "sha512-c9s5iX0Ge15o00HKbuRuTqNndsJUbaXdiNsksnVH8H4gdc+zbLzr/UasOwNG6CTDpLFekVY4672eWdiiWu2GUg==", + "requires": { + "postcss": "^7.0.14" + } + }, + "postcss-custom-properties": { + "version": "8.0.11", + "resolved": "https://registry.npmjs.org/postcss-custom-properties/-/postcss-custom-properties-8.0.11.tgz", + "integrity": "sha512-nm+o0eLdYqdnJ5abAJeXp4CEU1c1k+eB2yMCvhgzsds/e0umabFrN6HoTy/8Q4K5ilxERdl/JD1LO5ANoYBeMA==", + "requires": { + "postcss": "^7.0.17", + "postcss-values-parser": "^2.0.1" + } + }, + "postcss-custom-selectors": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/postcss-custom-selectors/-/postcss-custom-selectors-5.1.2.tgz", + "integrity": "sha512-DSGDhqinCqXqlS4R7KGxL1OSycd1lydugJ1ky4iRXPHdBRiozyMHrdu0H3o7qNOCiZwySZTUI5MV0T8QhCLu+w==", + "requires": { + "postcss": "^7.0.2", + "postcss-selector-parser": "^5.0.0-rc.3" + }, + "dependencies": { + "cssesc": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/cssesc/-/cssesc-2.0.0.tgz", + "integrity": "sha512-MsCAG1z9lPdoO/IUMLSBWBSVxVtJ1395VGIQ+Fc2gNdkQ1hNDnQdw3YhA71WJCBW1vdwA0cAnk/DnW6bqoEUYg==" + }, + "postcss-selector-parser": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-5.0.0.tgz", + "integrity": "sha512-w+zLE5Jhg6Liz8+rQOWEAwtwkyqpfnmsinXjXg6cY7YIONZZtgvE0v2O0uhQBs0peNomOJwWRKt6JBfTdTd3OQ==", + "requires": { + "cssesc": "^2.0.0", + "indexes-of": "^1.0.1", + "uniq": "^1.0.1" + } + } + } + }, + "postcss-dir-pseudo-class": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/postcss-dir-pseudo-class/-/postcss-dir-pseudo-class-5.0.0.tgz", + "integrity": "sha512-3pm4oq8HYWMZePJY+5ANriPs3P07q+LW6FAdTlkFH2XqDdP4HeeJYMOzn0HYLhRSjBO3fhiqSwwU9xEULSrPgw==", + "requires": { + "postcss": "^7.0.2", + "postcss-selector-parser": "^5.0.0-rc.3" + }, + "dependencies": { + "cssesc": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/cssesc/-/cssesc-2.0.0.tgz", + "integrity": "sha512-MsCAG1z9lPdoO/IUMLSBWBSVxVtJ1395VGIQ+Fc2gNdkQ1hNDnQdw3YhA71WJCBW1vdwA0cAnk/DnW6bqoEUYg==" + }, + "postcss-selector-parser": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-5.0.0.tgz", + "integrity": "sha512-w+zLE5Jhg6Liz8+rQOWEAwtwkyqpfnmsinXjXg6cY7YIONZZtgvE0v2O0uhQBs0peNomOJwWRKt6JBfTdTd3OQ==", + "requires": { + "cssesc": "^2.0.0", + "indexes-of": "^1.0.1", + "uniq": "^1.0.1" + } + } + } + }, + "postcss-discard-comments": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/postcss-discard-comments/-/postcss-discard-comments-4.0.2.tgz", + "integrity": "sha512-RJutN259iuRf3IW7GZyLM5Sw4GLTOH8FmsXBnv8Ab/Tc2k4SR4qbV4DNbyyY4+Sjo362SyDmW2DQ7lBSChrpkg==", + "requires": { + "postcss": "^7.0.0" + } + }, + "postcss-discard-duplicates": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/postcss-discard-duplicates/-/postcss-discard-duplicates-4.0.2.tgz", + "integrity": "sha512-ZNQfR1gPNAiXZhgENFfEglF93pciw0WxMkJeVmw8eF+JZBbMD7jp6C67GqJAXVZP2BWbOztKfbsdmMp/k8c6oQ==", + "requires": { + "postcss": "^7.0.0" + } + }, + "postcss-discard-empty": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/postcss-discard-empty/-/postcss-discard-empty-4.0.1.tgz", + "integrity": "sha512-B9miTzbznhDjTfjvipfHoqbWKwd0Mj+/fL5s1QOz06wufguil+Xheo4XpOnc4NqKYBCNqqEzgPv2aPBIJLox0w==", + "requires": { + "postcss": "^7.0.0" + } + }, + "postcss-discard-overridden": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/postcss-discard-overridden/-/postcss-discard-overridden-4.0.1.tgz", + "integrity": "sha512-IYY2bEDD7g1XM1IDEsUT4//iEYCxAmP5oDSFMVU/JVvT7gh+l4fmjciLqGgwjdWpQIdb0Che2VX00QObS5+cTg==", + "requires": { + "postcss": "^7.0.0" + } + }, + "postcss-double-position-gradients": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/postcss-double-position-gradients/-/postcss-double-position-gradients-1.0.0.tgz", + "integrity": "sha512-G+nV8EnQq25fOI8CH/B6krEohGWnF5+3A6H/+JEpOncu5dCnkS1QQ6+ct3Jkaepw1NGVqqOZH6lqrm244mCftA==", + "requires": { + "postcss": "^7.0.5", + "postcss-values-parser": "^2.0.0" + } + }, + "postcss-env-function": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/postcss-env-function/-/postcss-env-function-2.0.2.tgz", + "integrity": "sha512-rwac4BuZlITeUbiBq60h/xbLzXY43qOsIErngWa4l7Mt+RaSkT7QBjXVGTcBHupykkblHMDrBFh30zchYPaOUw==", + "requires": { + "postcss": "^7.0.2", + "postcss-values-parser": "^2.0.0" + } + }, + "postcss-flexbugs-fixes": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/postcss-flexbugs-fixes/-/postcss-flexbugs-fixes-4.1.0.tgz", + "integrity": "sha512-jr1LHxQvStNNAHlgco6PzY308zvLklh7SJVYuWUwyUQncofaAlD2l+P/gxKHOdqWKe7xJSkVLFF/2Tp+JqMSZA==", + "requires": { + "postcss": "^7.0.0" + } + }, + "postcss-focus-visible": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/postcss-focus-visible/-/postcss-focus-visible-4.0.0.tgz", + "integrity": "sha512-Z5CkWBw0+idJHSV6+Bgf2peDOFf/x4o+vX/pwcNYrWpXFrSfTkQ3JQ1ojrq9yS+upnAlNRHeg8uEwFTgorjI8g==", + "requires": { + "postcss": "^7.0.2" + } + }, + "postcss-focus-within": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/postcss-focus-within/-/postcss-focus-within-3.0.0.tgz", + "integrity": "sha512-W0APui8jQeBKbCGZudW37EeMCjDeVxKgiYfIIEo8Bdh5SpB9sxds/Iq8SEuzS0Q4YFOlG7EPFulbbxujpkrV2w==", + "requires": { + "postcss": "^7.0.2" + } + }, + "postcss-font-variant": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/postcss-font-variant/-/postcss-font-variant-4.0.0.tgz", + "integrity": "sha512-M8BFYKOvCrI2aITzDad7kWuXXTm0YhGdP9Q8HanmN4EF1Hmcgs1KK5rSHylt/lUJe8yLxiSwWAHdScoEiIxztg==", + "requires": { + "postcss": "^7.0.2" + } + }, + "postcss-gap-properties": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/postcss-gap-properties/-/postcss-gap-properties-2.0.0.tgz", + "integrity": "sha512-QZSqDaMgXCHuHTEzMsS2KfVDOq7ZFiknSpkrPJY6jmxbugUPTuSzs/vuE5I3zv0WAS+3vhrlqhijiprnuQfzmg==", + "requires": { + "postcss": "^7.0.2" + } + }, + "postcss-image-set-function": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/postcss-image-set-function/-/postcss-image-set-function-3.0.1.tgz", + "integrity": "sha512-oPTcFFip5LZy8Y/whto91L9xdRHCWEMs3e1MdJxhgt4jy2WYXfhkng59fH5qLXSCPN8k4n94p1Czrfe5IOkKUw==", + "requires": { + "postcss": "^7.0.2", + "postcss-values-parser": "^2.0.0" + } + }, + "postcss-initial": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/postcss-initial/-/postcss-initial-3.0.2.tgz", + "integrity": "sha512-ugA2wKonC0xeNHgirR4D3VWHs2JcU08WAi1KFLVcnb7IN89phID6Qtg2RIctWbnvp1TM2BOmDtX8GGLCKdR8YA==", + "requires": { + "lodash.template": "^4.5.0", + "postcss": "^7.0.2" + } + }, + "postcss-lab-function": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/postcss-lab-function/-/postcss-lab-function-2.0.1.tgz", + "integrity": "sha512-whLy1IeZKY+3fYdqQFuDBf8Auw+qFuVnChWjmxm/UhHWqNHZx+B99EwxTvGYmUBqe3Fjxs4L1BoZTJmPu6usVg==", + "requires": { + "@csstools/convert-colors": "^1.4.0", + "postcss": "^7.0.2", + "postcss-values-parser": "^2.0.0" + } + }, + "postcss-load-config": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/postcss-load-config/-/postcss-load-config-2.1.0.tgz", + "integrity": "sha512-4pV3JJVPLd5+RueiVVB+gFOAa7GWc25XQcMp86Zexzke69mKf6Nx9LRcQywdz7yZI9n1udOxmLuAwTBypypF8Q==", + "requires": { + "cosmiconfig": "^5.0.0", + "import-cwd": "^2.0.0" + } + }, + "postcss-loader": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/postcss-loader/-/postcss-loader-3.0.0.tgz", + "integrity": "sha512-cLWoDEY5OwHcAjDnkyRQzAXfs2jrKjXpO/HQFcc5b5u/r7aa471wdmChmwfnv7x2u840iat/wi0lQ5nbRgSkUA==", + "requires": { + "loader-utils": "^1.1.0", + "postcss": "^7.0.0", + "postcss-load-config": "^2.0.0", + "schema-utils": "^1.0.0" + }, + "dependencies": { + "schema-utils": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-1.0.0.tgz", + "integrity": "sha512-i27Mic4KovM/lnGsy8whRCHhc7VicJajAjTrYg11K9zfZXnYIt4k5F+kZkwjnrhKzLic/HLU4j11mjsz2G/75g==", + "requires": { + "ajv": "^6.1.0", + "ajv-errors": "^1.0.0", + "ajv-keywords": "^3.1.0" + } + } + } + }, + "postcss-logical": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/postcss-logical/-/postcss-logical-3.0.0.tgz", + "integrity": "sha512-1SUKdJc2vuMOmeItqGuNaC+N8MzBWFWEkAnRnLpFYj1tGGa7NqyVBujfRtgNa2gXR+6RkGUiB2O5Vmh7E2RmiA==", + "requires": { + "postcss": "^7.0.2" + } + }, + "postcss-media-minmax": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/postcss-media-minmax/-/postcss-media-minmax-4.0.0.tgz", + "integrity": "sha512-fo9moya6qyxsjbFAYl97qKO9gyre3qvbMnkOZeZwlsW6XYFsvs2DMGDlchVLfAd8LHPZDxivu/+qW2SMQeTHBw==", + "requires": { + "postcss": "^7.0.2" + } + }, + "postcss-merge-longhand": { + "version": "4.0.11", + "resolved": "https://registry.npmjs.org/postcss-merge-longhand/-/postcss-merge-longhand-4.0.11.tgz", + "integrity": "sha512-alx/zmoeXvJjp7L4mxEMjh8lxVlDFX1gqWHzaaQewwMZiVhLo42TEClKaeHbRf6J7j82ZOdTJ808RtN0ZOZwvw==", + "requires": { + "css-color-names": "0.0.4", + "postcss": "^7.0.0", + "postcss-value-parser": "^3.0.0", + "stylehacks": "^4.0.0" + }, + "dependencies": { + "postcss-value-parser": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz", + "integrity": "sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==" + } + } + }, + "postcss-merge-rules": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/postcss-merge-rules/-/postcss-merge-rules-4.0.3.tgz", + "integrity": "sha512-U7e3r1SbvYzO0Jr3UT/zKBVgYYyhAz0aitvGIYOYK5CPmkNih+WDSsS5tvPrJ8YMQYlEMvsZIiqmn7HdFUaeEQ==", + "requires": { + "browserslist": "^4.0.0", + "caniuse-api": "^3.0.0", + "cssnano-util-same-parent": "^4.0.0", + "postcss": "^7.0.0", + "postcss-selector-parser": "^3.0.0", + "vendors": "^1.0.0" + }, + "dependencies": { + "postcss-selector-parser": { + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-3.1.2.tgz", + "integrity": "sha512-h7fJ/5uWuRVyOtkO45pnt1Ih40CEleeyCHzipqAZO2e5H20g25Y48uYnFUiShvY4rZWNJ/Bib/KVPmanaCtOhA==", + "requires": { + "dot-prop": "^5.2.0", + "indexes-of": "^1.0.1", + "uniq": "^1.0.1" + } + } + } + }, + "postcss-minify-font-values": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/postcss-minify-font-values/-/postcss-minify-font-values-4.0.2.tgz", + "integrity": "sha512-j85oO6OnRU9zPf04+PZv1LYIYOprWm6IA6zkXkrJXyRveDEuQggG6tvoy8ir8ZwjLxLuGfNkCZEQG7zan+Hbtg==", + "requires": { + "postcss": "^7.0.0", + "postcss-value-parser": "^3.0.0" + }, + "dependencies": { + "postcss-value-parser": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz", + "integrity": "sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==" + } + } + }, + "postcss-minify-gradients": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/postcss-minify-gradients/-/postcss-minify-gradients-4.0.2.tgz", + "integrity": "sha512-qKPfwlONdcf/AndP1U8SJ/uzIJtowHlMaSioKzebAXSG4iJthlWC9iSWznQcX4f66gIWX44RSA841HTHj3wK+Q==", + "requires": { + "cssnano-util-get-arguments": "^4.0.0", + "is-color-stop": "^1.0.0", + "postcss": "^7.0.0", + "postcss-value-parser": "^3.0.0" + }, + "dependencies": { + "postcss-value-parser": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz", + "integrity": "sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==" + } + } + }, + "postcss-minify-params": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/postcss-minify-params/-/postcss-minify-params-4.0.2.tgz", + "integrity": "sha512-G7eWyzEx0xL4/wiBBJxJOz48zAKV2WG3iZOqVhPet/9geefm/Px5uo1fzlHu+DOjT+m0Mmiz3jkQzVHe6wxAWg==", + "requires": { + "alphanum-sort": "^1.0.0", + "browserslist": "^4.0.0", + "cssnano-util-get-arguments": "^4.0.0", + "postcss": "^7.0.0", + "postcss-value-parser": "^3.0.0", + "uniqs": "^2.0.0" + }, + "dependencies": { + "postcss-value-parser": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz", + "integrity": "sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==" + } + } + }, + "postcss-minify-selectors": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/postcss-minify-selectors/-/postcss-minify-selectors-4.0.2.tgz", + "integrity": "sha512-D5S1iViljXBj9kflQo4YutWnJmwm8VvIsU1GeXJGiG9j8CIg9zs4voPMdQDUmIxetUOh60VilsNzCiAFTOqu3g==", + "requires": { + "alphanum-sort": "^1.0.0", + "has": "^1.0.0", + "postcss": "^7.0.0", + "postcss-selector-parser": "^3.0.0" + }, + "dependencies": { + "postcss-selector-parser": { + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-3.1.2.tgz", + "integrity": "sha512-h7fJ/5uWuRVyOtkO45pnt1Ih40CEleeyCHzipqAZO2e5H20g25Y48uYnFUiShvY4rZWNJ/Bib/KVPmanaCtOhA==", + "requires": { + "dot-prop": "^5.2.0", + "indexes-of": "^1.0.1", + "uniq": "^1.0.1" + } + } + } + }, + "postcss-modules-extract-imports": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/postcss-modules-extract-imports/-/postcss-modules-extract-imports-2.0.0.tgz", + "integrity": "sha512-LaYLDNS4SG8Q5WAWqIJgdHPJrDDr/Lv775rMBFUbgjTz6j34lUznACHcdRWroPvXANP2Vj7yNK57vp9eFqzLWQ==", + "requires": { + "postcss": "^7.0.5" + } + }, + "postcss-modules-local-by-default": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/postcss-modules-local-by-default/-/postcss-modules-local-by-default-3.0.3.tgz", + "integrity": "sha512-e3xDq+LotiGesympRlKNgaJ0PCzoUIdpH0dj47iWAui/kyTgh3CiAr1qP54uodmJhl6p9rN6BoNcdEDVJx9RDw==", + "requires": { + "icss-utils": "^4.1.1", + "postcss": "^7.0.32", + "postcss-selector-parser": "^6.0.2", + "postcss-value-parser": "^4.1.0" + } + }, + "postcss-modules-scope": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/postcss-modules-scope/-/postcss-modules-scope-2.2.0.tgz", + "integrity": "sha512-YyEgsTMRpNd+HmyC7H/mh3y+MeFWevy7V1evVhJWewmMbjDHIbZbOXICC2y+m1xI1UVfIT1HMW/O04Hxyu9oXQ==", + "requires": { + "postcss": "^7.0.6", + "postcss-selector-parser": "^6.0.0" + } + }, + "postcss-modules-values": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/postcss-modules-values/-/postcss-modules-values-3.0.0.tgz", + "integrity": "sha512-1//E5jCBrZ9DmRX+zCtmQtRSV6PV42Ix7Bzj9GbwJceduuf7IqP8MgeTXuRDHOWj2m0VzZD5+roFWDuU8RQjcg==", + "requires": { + "icss-utils": "^4.0.0", + "postcss": "^7.0.6" + } + }, + "postcss-nesting": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/postcss-nesting/-/postcss-nesting-7.0.1.tgz", + "integrity": "sha512-FrorPb0H3nuVq0Sff7W2rnc3SmIcruVC6YwpcS+k687VxyxO33iE1amna7wHuRVzM8vfiYofXSBHNAZ3QhLvYg==", + "requires": { + "postcss": "^7.0.2" + } + }, + "postcss-normalize": { + "version": "8.0.1", + "resolved": "https://registry.npmjs.org/postcss-normalize/-/postcss-normalize-8.0.1.tgz", + "integrity": "sha512-rt9JMS/m9FHIRroDDBGSMsyW1c0fkvOJPy62ggxSHUldJO7B195TqFMqIf+lY5ezpDcYOV4j86aUp3/XbxzCCQ==", + "requires": { + "@csstools/normalize.css": "^10.1.0", + "browserslist": "^4.6.2", + "postcss": "^7.0.17", + "postcss-browser-comments": "^3.0.0", + "sanitize.css": "^10.0.0" + } + }, + "postcss-normalize-charset": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/postcss-normalize-charset/-/postcss-normalize-charset-4.0.1.tgz", + "integrity": "sha512-gMXCrrlWh6G27U0hF3vNvR3w8I1s2wOBILvA87iNXaPvSNo5uZAMYsZG7XjCUf1eVxuPfyL4TJ7++SGZLc9A3g==", + "requires": { + "postcss": "^7.0.0" + } + }, + "postcss-normalize-display-values": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/postcss-normalize-display-values/-/postcss-normalize-display-values-4.0.2.tgz", + "integrity": "sha512-3F2jcsaMW7+VtRMAqf/3m4cPFhPD3EFRgNs18u+k3lTJJlVe7d0YPO+bnwqo2xg8YiRpDXJI2u8A0wqJxMsQuQ==", + "requires": { + "cssnano-util-get-match": "^4.0.0", + "postcss": "^7.0.0", + "postcss-value-parser": "^3.0.0" + }, + "dependencies": { + "postcss-value-parser": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz", + "integrity": "sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==" + } + } + }, + "postcss-normalize-positions": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/postcss-normalize-positions/-/postcss-normalize-positions-4.0.2.tgz", + "integrity": "sha512-Dlf3/9AxpxE+NF1fJxYDeggi5WwV35MXGFnnoccP/9qDtFrTArZ0D0R+iKcg5WsUd8nUYMIl8yXDCtcrT8JrdA==", + "requires": { + "cssnano-util-get-arguments": "^4.0.0", + "has": "^1.0.0", + "postcss": "^7.0.0", + "postcss-value-parser": "^3.0.0" + }, + "dependencies": { + "postcss-value-parser": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz", + "integrity": "sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==" + } + } + }, + "postcss-normalize-repeat-style": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/postcss-normalize-repeat-style/-/postcss-normalize-repeat-style-4.0.2.tgz", + "integrity": "sha512-qvigdYYMpSuoFs3Is/f5nHdRLJN/ITA7huIoCyqqENJe9PvPmLhNLMu7QTjPdtnVf6OcYYO5SHonx4+fbJE1+Q==", + "requires": { + "cssnano-util-get-arguments": "^4.0.0", + "cssnano-util-get-match": "^4.0.0", + "postcss": "^7.0.0", + "postcss-value-parser": "^3.0.0" + }, + "dependencies": { + "postcss-value-parser": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz", + "integrity": "sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==" + } + } + }, + "postcss-normalize-string": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/postcss-normalize-string/-/postcss-normalize-string-4.0.2.tgz", + "integrity": "sha512-RrERod97Dnwqq49WNz8qo66ps0swYZDSb6rM57kN2J+aoyEAJfZ6bMx0sx/F9TIEX0xthPGCmeyiam/jXif0eA==", + "requires": { + "has": "^1.0.0", + "postcss": "^7.0.0", + "postcss-value-parser": "^3.0.0" + }, + "dependencies": { + "postcss-value-parser": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz", + "integrity": "sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==" + } + } + }, + "postcss-normalize-timing-functions": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/postcss-normalize-timing-functions/-/postcss-normalize-timing-functions-4.0.2.tgz", + "integrity": "sha512-acwJY95edP762e++00Ehq9L4sZCEcOPyaHwoaFOhIwWCDfik6YvqsYNxckee65JHLKzuNSSmAdxwD2Cud1Z54A==", + "requires": { + "cssnano-util-get-match": "^4.0.0", + "postcss": "^7.0.0", + "postcss-value-parser": "^3.0.0" + }, + "dependencies": { + "postcss-value-parser": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz", + "integrity": "sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==" + } + } + }, + "postcss-normalize-unicode": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/postcss-normalize-unicode/-/postcss-normalize-unicode-4.0.1.tgz", + "integrity": "sha512-od18Uq2wCYn+vZ/qCOeutvHjB5jm57ToxRaMeNuf0nWVHaP9Hua56QyMF6fs/4FSUnVIw0CBPsU0K4LnBPwYwg==", + "requires": { + "browserslist": "^4.0.0", + "postcss": "^7.0.0", + "postcss-value-parser": "^3.0.0" + }, + "dependencies": { + "postcss-value-parser": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz", + "integrity": "sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==" + } + } + }, + "postcss-normalize-url": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/postcss-normalize-url/-/postcss-normalize-url-4.0.1.tgz", + "integrity": "sha512-p5oVaF4+IHwu7VpMan/SSpmpYxcJMtkGppYf0VbdH5B6hN8YNmVyJLuY9FmLQTzY3fag5ESUUHDqM+heid0UVA==", + "requires": { + "is-absolute-url": "^2.0.0", + "normalize-url": "^3.0.0", + "postcss": "^7.0.0", + "postcss-value-parser": "^3.0.0" + }, + "dependencies": { + "normalize-url": { + "version": "3.3.0", + "resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-3.3.0.tgz", + "integrity": "sha512-U+JJi7duF1o+u2pynbp2zXDW2/PADgC30f0GsHZtRh+HOcXHnw137TrNlyxxRvWW5fjKd3bcLHPxofWuCjaeZg==" + }, + "postcss-value-parser": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz", + "integrity": "sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==" + } + } + }, + "postcss-normalize-whitespace": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/postcss-normalize-whitespace/-/postcss-normalize-whitespace-4.0.2.tgz", + "integrity": "sha512-tO8QIgrsI3p95r8fyqKV+ufKlSHh9hMJqACqbv2XknufqEDhDvbguXGBBqxw9nsQoXWf0qOqppziKJKHMD4GtA==", + "requires": { + "postcss": "^7.0.0", + "postcss-value-parser": "^3.0.0" + }, + "dependencies": { + "postcss-value-parser": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz", + "integrity": "sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==" + } + } + }, + "postcss-ordered-values": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/postcss-ordered-values/-/postcss-ordered-values-4.1.2.tgz", + "integrity": "sha512-2fCObh5UanxvSxeXrtLtlwVThBvHn6MQcu4ksNT2tsaV2Fg76R2CV98W7wNSlX+5/pFwEyaDwKLLoEV7uRybAw==", + "requires": { + "cssnano-util-get-arguments": "^4.0.0", + "postcss": "^7.0.0", + "postcss-value-parser": "^3.0.0" + }, + "dependencies": { + "postcss-value-parser": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz", + "integrity": "sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==" + } + } + }, + "postcss-overflow-shorthand": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/postcss-overflow-shorthand/-/postcss-overflow-shorthand-2.0.0.tgz", + "integrity": "sha512-aK0fHc9CBNx8jbzMYhshZcEv8LtYnBIRYQD5i7w/K/wS9c2+0NSR6B3OVMu5y0hBHYLcMGjfU+dmWYNKH0I85g==", + "requires": { + "postcss": "^7.0.2" + } + }, + "postcss-page-break": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/postcss-page-break/-/postcss-page-break-2.0.0.tgz", + "integrity": "sha512-tkpTSrLpfLfD9HvgOlJuigLuk39wVTbbd8RKcy8/ugV2bNBUW3xU+AIqyxhDrQr1VUj1RmyJrBn1YWrqUm9zAQ==", + "requires": { + "postcss": "^7.0.2" + } + }, + "postcss-place": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/postcss-place/-/postcss-place-4.0.1.tgz", + "integrity": "sha512-Zb6byCSLkgRKLODj/5mQugyuj9bvAAw9LqJJjgwz5cYryGeXfFZfSXoP1UfveccFmeq0b/2xxwcTEVScnqGxBg==", + "requires": { + "postcss": "^7.0.2", + "postcss-values-parser": "^2.0.0" + } + }, + "postcss-preset-env": { + "version": "6.7.0", + "resolved": "https://registry.npmjs.org/postcss-preset-env/-/postcss-preset-env-6.7.0.tgz", + "integrity": "sha512-eU4/K5xzSFwUFJ8hTdTQzo2RBLbDVt83QZrAvI07TULOkmyQlnYlpwep+2yIK+K+0KlZO4BvFcleOCCcUtwchg==", + "requires": { + "autoprefixer": "^9.6.1", + "browserslist": "^4.6.4", + "caniuse-lite": "^1.0.30000981", + "css-blank-pseudo": "^0.1.4", + "css-has-pseudo": "^0.10.0", + "css-prefers-color-scheme": "^3.1.1", + "cssdb": "^4.4.0", + "postcss": "^7.0.17", + "postcss-attribute-case-insensitive": "^4.0.1", + "postcss-color-functional-notation": "^2.0.1", + "postcss-color-gray": "^5.0.0", + "postcss-color-hex-alpha": "^5.0.3", + "postcss-color-mod-function": "^3.0.3", + "postcss-color-rebeccapurple": "^4.0.1", + "postcss-custom-media": "^7.0.8", + "postcss-custom-properties": "^8.0.11", + "postcss-custom-selectors": "^5.1.2", + "postcss-dir-pseudo-class": "^5.0.0", + "postcss-double-position-gradients": "^1.0.0", + "postcss-env-function": "^2.0.2", + "postcss-focus-visible": "^4.0.0", + "postcss-focus-within": "^3.0.0", + "postcss-font-variant": "^4.0.0", + "postcss-gap-properties": "^2.0.0", + "postcss-image-set-function": "^3.0.1", + "postcss-initial": "^3.0.0", + "postcss-lab-function": "^2.0.1", + "postcss-logical": "^3.0.0", + "postcss-media-minmax": "^4.0.0", + "postcss-nesting": "^7.0.0", + "postcss-overflow-shorthand": "^2.0.0", + "postcss-page-break": "^2.0.0", + "postcss-place": "^4.0.1", + "postcss-pseudo-class-any-link": "^6.0.0", + "postcss-replace-overflow-wrap": "^3.0.0", + "postcss-selector-matches": "^4.0.0", + "postcss-selector-not": "^4.0.0" + } + }, + "postcss-pseudo-class-any-link": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/postcss-pseudo-class-any-link/-/postcss-pseudo-class-any-link-6.0.0.tgz", + "integrity": "sha512-lgXW9sYJdLqtmw23otOzrtbDXofUdfYzNm4PIpNE322/swES3VU9XlXHeJS46zT2onFO7V1QFdD4Q9LiZj8mew==", + "requires": { + "postcss": "^7.0.2", + "postcss-selector-parser": "^5.0.0-rc.3" + }, + "dependencies": { + "cssesc": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/cssesc/-/cssesc-2.0.0.tgz", + "integrity": "sha512-MsCAG1z9lPdoO/IUMLSBWBSVxVtJ1395VGIQ+Fc2gNdkQ1hNDnQdw3YhA71WJCBW1vdwA0cAnk/DnW6bqoEUYg==" + }, + "postcss-selector-parser": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-5.0.0.tgz", + "integrity": "sha512-w+zLE5Jhg6Liz8+rQOWEAwtwkyqpfnmsinXjXg6cY7YIONZZtgvE0v2O0uhQBs0peNomOJwWRKt6JBfTdTd3OQ==", + "requires": { + "cssesc": "^2.0.0", + "indexes-of": "^1.0.1", + "uniq": "^1.0.1" + } + } + } + }, + "postcss-reduce-initial": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/postcss-reduce-initial/-/postcss-reduce-initial-4.0.3.tgz", + "integrity": "sha512-gKWmR5aUulSjbzOfD9AlJiHCGH6AEVLaM0AV+aSioxUDd16qXP1PCh8d1/BGVvpdWn8k/HiK7n6TjeoXN1F7DA==", + "requires": { + "browserslist": "^4.0.0", + "caniuse-api": "^3.0.0", + "has": "^1.0.0", + "postcss": "^7.0.0" + } + }, + "postcss-reduce-transforms": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/postcss-reduce-transforms/-/postcss-reduce-transforms-4.0.2.tgz", + "integrity": "sha512-EEVig1Q2QJ4ELpJXMZR8Vt5DQx8/mo+dGWSR7vWXqcob2gQLyQGsionYcGKATXvQzMPn6DSN1vTN7yFximdIAg==", + "requires": { + "cssnano-util-get-match": "^4.0.0", + "has": "^1.0.0", + "postcss": "^7.0.0", + "postcss-value-parser": "^3.0.0" + }, + "dependencies": { + "postcss-value-parser": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz", + "integrity": "sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==" + } + } + }, + "postcss-replace-overflow-wrap": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/postcss-replace-overflow-wrap/-/postcss-replace-overflow-wrap-3.0.0.tgz", + "integrity": "sha512-2T5hcEHArDT6X9+9dVSPQdo7QHzG4XKclFT8rU5TzJPDN7RIRTbO9c4drUISOVemLj03aezStHCR2AIcr8XLpw==", + "requires": { + "postcss": "^7.0.2" + } + }, + "postcss-safe-parser": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/postcss-safe-parser/-/postcss-safe-parser-4.0.1.tgz", + "integrity": "sha512-xZsFA3uX8MO3yAda03QrG3/Eg1LN3EPfjjf07vke/46HERLZyHrTsQ9E1r1w1W//fWEhtYNndo2hQplN2cVpCQ==", + "requires": { + "postcss": "^7.0.0" + } + }, + "postcss-selector-matches": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/postcss-selector-matches/-/postcss-selector-matches-4.0.0.tgz", + "integrity": "sha512-LgsHwQR/EsRYSqlwdGzeaPKVT0Ml7LAT6E75T8W8xLJY62CE4S/l03BWIt3jT8Taq22kXP08s2SfTSzaraoPww==", + "requires": { + "balanced-match": "^1.0.0", + "postcss": "^7.0.2" + } + }, + "postcss-selector-not": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/postcss-selector-not/-/postcss-selector-not-4.0.0.tgz", + "integrity": "sha512-W+bkBZRhqJaYN8XAnbbZPLWMvZD1wKTu0UxtFKdhtGjWYmxhkUneoeOhRJKdAE5V7ZTlnbHfCR+6bNwK9e1dTQ==", + "requires": { + "balanced-match": "^1.0.0", + "postcss": "^7.0.2" + } + }, + "postcss-selector-parser": { + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-6.0.2.tgz", + "integrity": "sha512-36P2QR59jDTOAiIkqEprfJDsoNrvwFei3eCqKd1Y0tUsBimsq39BLp7RD+JWny3WgB1zGhJX8XVePwm9k4wdBg==", + "requires": { + "cssesc": "^3.0.0", + "indexes-of": "^1.0.1", + "uniq": "^1.0.1" + } + }, + "postcss-svgo": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/postcss-svgo/-/postcss-svgo-4.0.2.tgz", + "integrity": "sha512-C6wyjo3VwFm0QgBy+Fu7gCYOkCmgmClghO+pjcxvrcBKtiKt0uCF+hvbMO1fyv5BMImRK90SMb+dwUnfbGd+jw==", + "requires": { + "is-svg": "^3.0.0", + "postcss": "^7.0.0", + "postcss-value-parser": "^3.0.0", + "svgo": "^1.0.0" + }, + "dependencies": { + "postcss-value-parser": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz", + "integrity": "sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==" + } + } + }, + "postcss-unique-selectors": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/postcss-unique-selectors/-/postcss-unique-selectors-4.0.1.tgz", + "integrity": "sha512-+JanVaryLo9QwZjKrmJgkI4Fn8SBgRO6WXQBJi7KiAVPlmxikB5Jzc4EvXMT2H0/m0RjrVVm9rGNhZddm/8Spg==", + "requires": { + "alphanum-sort": "^1.0.0", + "postcss": "^7.0.0", + "uniqs": "^2.0.0" + } + }, + "postcss-value-parser": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-4.1.0.tgz", + "integrity": "sha512-97DXOFbQJhk71ne5/Mt6cOu6yxsSfM0QGQyl0L25Gca4yGWEGJaig7l7gbCX623VqTBNGLRLaVUCnNkcedlRSQ==" + }, + "postcss-values-parser": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/postcss-values-parser/-/postcss-values-parser-2.0.1.tgz", + "integrity": "sha512-2tLuBsA6P4rYTNKCXYG/71C7j1pU6pK503suYOmn4xYrQIzW+opD+7FAFNuGSdZC/3Qfy334QbeMu7MEb8gOxg==", + "requires": { + "flatten": "^1.0.2", + "indexes-of": "^1.0.1", + "uniq": "^1.0.1" + } + }, + "prelude-ls": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.1.2.tgz", + "integrity": "sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ=" + }, + "prepend-http": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/prepend-http/-/prepend-http-1.0.4.tgz", + "integrity": "sha1-1PRWKwzjaW5BrFLQ4ALlemNdxtw=" + }, + "pretty-bytes": { + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/pretty-bytes/-/pretty-bytes-5.3.0.tgz", + "integrity": "sha512-hjGrh+P926p4R4WbaB6OckyRtO0F0/lQBiT+0gnxjV+5kjPBrfVBFCsCLbMqVQeydvIoouYTCmmEURiH3R1Bdg==" + }, + "pretty-error": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/pretty-error/-/pretty-error-2.1.1.tgz", + "integrity": "sha1-X0+HyPkeWuPzuoerTPXgOxoX8aM=", + "requires": { + "renderkid": "^2.0.1", + "utila": "~0.4" + } + }, + "pretty-format": { + "version": "24.9.0", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-24.9.0.tgz", + "integrity": "sha512-00ZMZUiHaJrNfk33guavqgvfJS30sLYf0f8+Srklv0AMPodGGHcoHgksZ3OThYnIvOd+8yMCn0YiEOogjlgsnA==", + "requires": { + "@jest/types": "^24.9.0", + "ansi-regex": "^4.0.0", + "ansi-styles": "^3.2.0", + "react-is": "^16.8.4" + }, + "dependencies": { + "ansi-regex": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz", + "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==" + }, + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + } + } + }, + "process": { + "version": "0.11.10", + "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz", + "integrity": "sha1-czIwDoQBYb2j5podHZGn1LwW8YI=" + }, + "process-nextick-args": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", + "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==" + }, + "progress": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz", + "integrity": "sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA==" + }, + "promise-inflight": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/promise-inflight/-/promise-inflight-1.0.1.tgz", + "integrity": "sha1-mEcocL8igTL8vdhoEputEsPAKeM=" + }, + "prompts": { + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.3.2.tgz", + "integrity": "sha512-Q06uKs2CkNYVID0VqwfAl9mipo99zkBv/n2JtWY89Yxa3ZabWSrs0e2KTudKVa3peLUvYXMefDqIleLPVUBZMA==", + "requires": { + "kleur": "^3.0.3", + "sisteransi": "^1.0.4" + } + }, + "prop-types": { + "version": "15.7.2", + "resolved": "https://registry.npmjs.org/prop-types/-/prop-types-15.7.2.tgz", + "integrity": "sha512-8QQikdH7//R2vurIJSutZ1smHYTcLpRWEOlHnzcWHmBYrOGUysKwSsrC89BCiFj3CbrfJ/nXFdJepOVrY1GCHQ==", + "requires": { + "loose-envify": "^1.4.0", + "object-assign": "^4.1.1", + "react-is": "^16.8.1" + } + }, + "proxy-addr": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.6.tgz", + "integrity": "sha512-dh/frvCBVmSsDYzw6n926jv974gddhkFPfiN8hPOi30Wax25QZyZEGveluCgliBnqmuM+UJmBErbAUFIoDbjOw==", + "requires": { + "forwarded": "~0.1.2", + "ipaddr.js": "1.9.1" + } + }, + "prr": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/prr/-/prr-1.0.1.tgz", + "integrity": "sha1-0/wRS6BplaRexok/SEzrHXj19HY=" + }, + "pseudomap": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/pseudomap/-/pseudomap-1.0.2.tgz", + "integrity": "sha1-8FKijacOYYkX7wqKw0wa5aaChrM=" + }, + "psl": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", + "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" + }, + "public-encrypt": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/public-encrypt/-/public-encrypt-4.0.3.tgz", + "integrity": "sha512-zVpa8oKZSz5bTMTFClc1fQOnyyEzpl5ozpi1B5YcvBrdohMjH2rfsBtyXcuNuwjsDIXmBYlF2N5FlJYhR29t8Q==", + "requires": { + "bn.js": "^4.1.0", + "browserify-rsa": "^4.0.0", + "create-hash": "^1.1.0", + "parse-asn1": "^5.0.0", + "randombytes": "^2.0.1", + "safe-buffer": "^5.1.2" + }, + "dependencies": { + "bn.js": { + "version": "4.11.9", + "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.11.9.tgz", + "integrity": "sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw==" + } + } + }, + "pump": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz", + "integrity": "sha512-LwZy+p3SFs1Pytd/jYct4wpv49HiYCqd9Rlc5ZVdk0V+8Yzv6jR5Blk3TRmPL1ft69TxP0IMZGJ+WPFU2BFhww==", + "requires": { + "end-of-stream": "^1.1.0", + "once": "^1.3.1" + } + }, + "pumpify": { + "version": "1.5.1", + "resolved": "https://registry.npmjs.org/pumpify/-/pumpify-1.5.1.tgz", + "integrity": "sha512-oClZI37HvuUJJxSKKrC17bZ9Cu0ZYhEAGPsPUy9KlMUmv9dKX2o77RUmq7f3XjIxbwyGwYzbzQ1L2Ks8sIradQ==", + "requires": { + "duplexify": "^3.6.0", + "inherits": "^2.0.3", + "pump": "^2.0.0" + }, + "dependencies": { + "pump": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/pump/-/pump-2.0.1.tgz", + "integrity": "sha512-ruPMNRkN3MHP1cWJc9OWr+T/xDP0jhXYCLfJcBuX54hhfIBnaQmAUMfDcG4DM5UMWByBbJY69QSphm3jtDKIkA==", + "requires": { + "end-of-stream": "^1.1.0", + "once": "^1.3.1" + } + } + } + }, + "punycode": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", + "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" + }, + "q": { + "version": "1.5.1", + "resolved": "https://registry.npmjs.org/q/-/q-1.5.1.tgz", + "integrity": "sha1-fjL3W0E4EpHQRhHxvxQQmsAGUdc=" + }, + "qs": { + "version": "6.9.4", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.9.4.tgz", + "integrity": "sha512-A1kFqHekCTM7cz0udomYUoYNWjBebHm/5wzU/XqrBRBNWectVH0QIiN+NEcZ0Dte5hvzHwbr8+XQmguPhJ6WdQ==" + }, + "query-string": { + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/query-string/-/query-string-4.3.4.tgz", + "integrity": "sha1-u7aTucqRXCMlFbIosaArYJBD2+s=", + "requires": { + "object-assign": "^4.1.0", + "strict-uri-encode": "^1.0.0" + } + }, + "querystring": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/querystring/-/querystring-0.2.0.tgz", + "integrity": "sha1-sgmEkgO7Jd+CDadW50cAWHhSFiA=" + }, + "querystring-es3": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/querystring-es3/-/querystring-es3-0.2.1.tgz", + "integrity": "sha1-nsYfeQSYdXB9aUFFlv2Qek1xHnM=" + }, + "querystringify": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/querystringify/-/querystringify-2.2.0.tgz", + "integrity": "sha512-FIqgj2EUvTa7R50u0rGsyTftzjYmv/a3hO345bZNrqabNqjtgiDMgmo4mkUjd+nzU5oF3dClKqFIPUKybUyqoQ==" + }, + "raf": { + "version": "3.4.1", + "resolved": "https://registry.npmjs.org/raf/-/raf-3.4.1.tgz", + "integrity": "sha512-Sq4CW4QhwOHE8ucn6J34MqtZCeWFP2aQSmrlroYgqAV1PjStIhJXxYuTgUIfkEk7zTLjmIjLmU5q+fbD1NnOJA==", + "requires": { + "performance-now": "^2.1.0" + } + }, + "randombytes": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/randombytes/-/randombytes-2.1.0.tgz", + "integrity": "sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==", + "requires": { + "safe-buffer": "^5.1.0" + } + }, + "randomfill": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/randomfill/-/randomfill-1.0.4.tgz", + "integrity": "sha512-87lcbR8+MhcWcUiQ+9e+Rwx8MyR2P7qnt15ynUlbm3TU/fjbgz4GsvfSUDTemtCCtVCqb4ZcEFlyPNTh9bBTLw==", + "requires": { + "randombytes": "^2.0.5", + "safe-buffer": "^5.1.0" + } + }, + "range-parser": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz", + "integrity": "sha512-Hrgsx+orqoygnmhFbKaHE6c296J+HTAQXoxEF6gNupROmmGJRoyzfG3ccAveqCBrwr/2yxQ5BVd/GTl5agOwSg==" + }, + "raw-body": { + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.4.0.tgz", + "integrity": "sha512-4Oz8DUIwdvoa5qMJelxipzi/iJIi40O5cGV1wNYp5hvZP8ZN0T+jiNkL0QepXs+EsQ9XJ8ipEDoiH70ySUJP3Q==", + "requires": { + "bytes": "3.1.0", + "http-errors": "1.7.2", + "iconv-lite": "0.4.24", + "unpipe": "1.0.0" + }, + "dependencies": { + "bytes": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.0.tgz", + "integrity": "sha512-zauLjrfCG+xvoyaqLoV8bLVXXNGC4JqlxFCutSDWA6fJrTo2ZuvLYTqZ7aHBLZSMOopbzwv8f+wZcVzfVTI2Dg==" + } + } + }, + "react": { + "version": "16.10.2", + "resolved": "https://registry.npmjs.org/react/-/react-16.10.2.tgz", + "integrity": "sha512-MFVIq0DpIhrHFyqLU0S3+4dIcBhhOvBE8bJ/5kHPVOVaGdo0KuiQzpcjCPsf585WvhypqtrMILyoE2th6dT+Lw==", + "requires": { + "loose-envify": "^1.1.0", + "object-assign": "^4.1.1", + "prop-types": "^15.6.2" + } + }, + "react-app-polyfill": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/react-app-polyfill/-/react-app-polyfill-1.0.6.tgz", + "integrity": "sha512-OfBnObtnGgLGfweORmdZbyEz+3dgVePQBb3zipiaDsMHV1NpWm0rDFYIVXFV/AK+x4VIIfWHhrdMIeoTLyRr2g==", + "requires": { + "core-js": "^3.5.0", + "object-assign": "^4.1.1", + "promise": "^8.0.3", + "raf": "^3.4.1", + "regenerator-runtime": "^0.13.3", + "whatwg-fetch": "^3.0.0" + }, + "dependencies": { + "core-js": { + "version": "3.6.5", + "resolved": "https://registry.npmjs.org/core-js/-/core-js-3.6.5.tgz", + "integrity": "sha512-vZVEEwZoIsI+vPEuoF9Iqf5H7/M3eeQqWlQnYa8FSKKePuYTf5MWnxb5SDAzCa60b3JBRS5g9b+Dq7b1y/RCrA==" + }, + "promise": { + "version": "8.1.0", + "resolved": "https://registry.npmjs.org/promise/-/promise-8.1.0.tgz", + "integrity": "sha512-W04AqnILOL/sPRXziNicCjSNRruLAuIHEOVBazepu0545DDNGYHz7ar9ZgZ1fMU8/MA4mVxp5rkBWRi6OXIy3Q==", + "requires": { + "asap": "~2.0.6" + } + } + } + }, + "react-codemirror": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/react-codemirror/-/react-codemirror-1.0.0.tgz", + "integrity": "sha1-kUZ7U7H12A2Rai/QtMetuFqQAbo=", + "requires": { + "classnames": "^2.2.5", + "codemirror": "^5.18.2", + "create-react-class": "^15.5.1", + "lodash.debounce": "^4.0.8", + "lodash.isequal": "^4.5.0", + "prop-types": "^15.5.4" + } + }, + "react-dev-utils": { + "version": "10.2.1", + "resolved": "https://registry.npmjs.org/react-dev-utils/-/react-dev-utils-10.2.1.tgz", + "integrity": "sha512-XxTbgJnYZmxuPtY3y/UV0D8/65NKkmaia4rXzViknVnZeVlklSh8u6TnaEYPfAi/Gh1TP4mEOXHI6jQOPbeakQ==", + "requires": { + "@babel/code-frame": "7.8.3", + "address": "1.1.2", + "browserslist": "4.10.0", + "chalk": "2.4.2", + "cross-spawn": "7.0.1", + "detect-port-alt": "1.1.6", + "escape-string-regexp": "2.0.0", + "filesize": "6.0.1", + "find-up": "4.1.0", + "fork-ts-checker-webpack-plugin": "3.1.1", + "global-modules": "2.0.0", + "globby": "8.0.2", + "gzip-size": "5.1.1", + "immer": "1.10.0", + "inquirer": "7.0.4", + "is-root": "2.1.0", + "loader-utils": "1.2.3", + "open": "^7.0.2", + "pkg-up": "3.1.0", + "react-error-overlay": "^6.0.7", + "recursive-readdir": "2.2.2", + "shell-quote": "1.7.2", + "strip-ansi": "6.0.0", + "text-table": "0.2.0" + }, + "dependencies": { + "@babel/code-frame": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.8.3.tgz", + "integrity": "sha512-a9gxpmdXtZEInkCSHUJDLHZVBgb1QS0jhss4cPP93EW7s+uC5bikET2twEF3KV+7rDblJcmNvTR7VJejqd2C2g==", + "requires": { + "@babel/highlight": "^7.8.3" + } + }, + "ansi-regex": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz", + "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==" + }, + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "browserslist": { + "version": "4.10.0", + "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.10.0.tgz", + "integrity": "sha512-TpfK0TDgv71dzuTsEAlQiHeWQ/tiPqgNZVdv046fvNtBZrjbv2O3TsWCDU0AWGJJKCF/KsjNdLzR9hXOsh/CfA==", + "requires": { + "caniuse-lite": "^1.0.30001035", + "electron-to-chromium": "^1.3.378", + "node-releases": "^1.1.52", + "pkg-up": "^3.1.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + }, + "dependencies": { + "escape-string-regexp": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=" + } + } + }, + "cli-width": { + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/cli-width/-/cli-width-2.2.1.tgz", + "integrity": "sha512-GRMWDxpOB6Dgk2E5Uo+3eEBvtOOlimMmpbFiKuLFnQzYDavtLFY3K5ona41jgN/WdRZtG7utuVSVTL4HbZHGkw==" + }, + "cross-spawn": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.1.tgz", + "integrity": "sha512-u7v4o84SwFpD32Z8IIcPZ6z1/ie24O6RU3RbtL5Y316l3KuHVPx9ItBgWQ6VlfAFnRnTtMUrsQ9MUUTuEZjogg==", + "requires": { + "path-key": "^3.1.0", + "shebang-command": "^2.0.0", + "which": "^2.0.1" + } + }, + "emoji-regex": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" + }, + "emojis-list": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/emojis-list/-/emojis-list-2.1.0.tgz", + "integrity": "sha1-TapNnbAPmBmIDHn6RXrlsJof04k=" + }, + "escape-string-regexp": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==" + }, + "find-up": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", + "requires": { + "locate-path": "^5.0.0", + "path-exists": "^4.0.0" + } + }, + "inquirer": { + "version": "7.0.4", + "resolved": "https://registry.npmjs.org/inquirer/-/inquirer-7.0.4.tgz", + "integrity": "sha512-Bu5Td5+j11sCkqfqmUTiwv+tWisMtP0L7Q8WrqA2C/BbBhy1YTdFrvjjlrKq8oagA/tLQBski2Gcx/Sqyi2qSQ==", + "requires": { + "ansi-escapes": "^4.2.1", + "chalk": "^2.4.2", + "cli-cursor": "^3.1.0", + "cli-width": "^2.0.0", + "external-editor": "^3.0.3", + "figures": "^3.0.0", + "lodash": "^4.17.15", + "mute-stream": "0.0.8", + "run-async": "^2.2.0", + "rxjs": "^6.5.3", + "string-width": "^4.1.0", + "strip-ansi": "^5.1.0", + "through": "^2.3.6" + }, + "dependencies": { + "ansi-regex": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz", + "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==" + }, + "strip-ansi": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", + "integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==", + "requires": { + "ansi-regex": "^4.1.0" + } + } + } + }, + "is-fullwidth-code-point": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", + "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==" + }, + "json5": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.1.tgz", + "integrity": "sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow==", + "requires": { + "minimist": "^1.2.0" + } + }, + "loader-utils": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/loader-utils/-/loader-utils-1.2.3.tgz", + "integrity": "sha512-fkpz8ejdnEMG3s37wGL07iSBDg99O9D5yflE9RGNH3hRdx9SOwYfnGYdZOUIZitN8E+E2vkq3MUMYMvPYl5ZZA==", + "requires": { + "big.js": "^5.2.2", + "emojis-list": "^2.0.0", + "json5": "^1.0.1" + } + }, + "locate-path": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", + "requires": { + "p-locate": "^4.1.0" + } + }, + "p-locate": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", + "requires": { + "p-limit": "^2.2.0" + } + }, + "path-exists": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", + "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==" + }, + "path-key": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", + "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==" + }, + "shebang-command": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", + "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "requires": { + "shebang-regex": "^3.0.0" + } + }, + "shebang-regex": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", + "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==" + }, + "string-width": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.0.tgz", + "integrity": "sha512-zUz5JD+tgqtuDjMhwIg5uFVV3dtqZ9yQJlZVfq4I01/K5Paj5UHj7VyrQOJvzawSVlKpObApbfD0Ed6yJc+1eg==", + "requires": { + "emoji-regex": "^8.0.0", + "is-fullwidth-code-point": "^3.0.0", + "strip-ansi": "^6.0.0" + } + }, + "strip-ansi": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz", + "integrity": "sha512-AuvKTrTfQNYNIctbR1K/YGTR1756GycPsg7b9bdV9Duqur4gv6aKqHXah67Z8ImS7WEz5QVcOtlfW2rZEugt6w==", + "requires": { + "ansi-regex": "^5.0.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + }, + "which": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", + "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", + "requires": { + "isexe": "^2.0.0" + } + } + } + }, + "react-dom": { + "version": "16.10.2", + "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-16.10.2.tgz", + "integrity": "sha512-kWGDcH3ItJK4+6Pl9DZB16BXYAZyrYQItU4OMy0jAkv5aNqc+mAKb4TpFtAteI6TJZu+9ZlNhaeNQSVQDHJzkw==", + "requires": { + "loose-envify": "^1.1.0", + "object-assign": "^4.1.1", + "prop-types": "^15.6.2", + "scheduler": "^0.16.2" + } + }, + "react-error-overlay": { + "version": "6.0.7", + "resolved": "https://registry.npmjs.org/react-error-overlay/-/react-error-overlay-6.0.7.tgz", + "integrity": "sha512-TAv1KJFh3RhqxNvhzxj6LeT5NWklP6rDr2a0jaTfsZ5wSZWHOGeqQyejUp3xxLfPt2UpyJEcVQB/zyPcmonNFA==" + }, + "react-fast-compare": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/react-fast-compare/-/react-fast-compare-3.2.0.tgz", + "integrity": "sha512-rtGImPZ0YyLrscKI9xTpV8psd6I8VAtjKCzQDlzyDvqJA8XOW78TXYQwNRNd8g8JZnDu8q9Fu/1v4HPAVwVdHA==" + }, + "react-helmet": { + "version": "6.1.0", + "resolved": "https://registry.npmjs.org/react-helmet/-/react-helmet-6.1.0.tgz", + "integrity": "sha512-4uMzEY9nlDlgxr61NL3XbKRy1hEkXmKNXhjbAIOVw5vcFrsdYbH2FEwcNyWvWinl103nXgzYNlns9ca+8kFiWw==", + "requires": { + "object-assign": "^4.1.1", + "prop-types": "^15.7.2", + "react-fast-compare": "^3.1.1", + "react-side-effect": "^2.1.0" + } + }, + "react-html-parser": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/react-html-parser/-/react-html-parser-2.0.2.tgz", + "integrity": "sha512-XeerLwCVjTs3njZcgCOeDUqLgNIt/t+6Jgi5/qPsO/krUWl76kWKXMeVs2LhY2gwM6X378DkhLjur0zUQdpz0g==", + "requires": { + "htmlparser2": "^3.9.0" + } + }, + "react-is": { + "version": "16.10.2", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-16.10.2.tgz", + "integrity": "sha512-INBT1QEgtcCCgvccr5/86CfD71fw9EPmDxgiJX4I2Ddr6ZsV6iFXsuby+qWJPtmNuMY0zByTsG4468P7nHuNWA==" + }, + "react-lifecycles-compat": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/react-lifecycles-compat/-/react-lifecycles-compat-3.0.4.tgz", + "integrity": "sha512-fBASbA6LnOU9dOU2eW7aQ8xmYBSXUIWr+UmF9b1efZBazGNO+rcXT/icdKnYm2pTwcRylVUYwW7H1PHfLekVzA==" + }, + "react-perfect-scrollbar": { + "version": "1.5.8", + "resolved": "https://registry.npmjs.org/react-perfect-scrollbar/-/react-perfect-scrollbar-1.5.8.tgz", + "integrity": "sha512-bQ46m70gp/HJtiBOF3gRzBISSZn8FFGNxznTdmTG8AAwpxG1bJCyn7shrgjEvGSQ5FJEafVEiosY+ccER11OSA==", + "requires": { + "perfect-scrollbar": "^1.5.0", + "prop-types": "^15.6.1" + } + }, + "react-redux": { + "version": "7.2.1", + "resolved": "https://registry.npmjs.org/react-redux/-/react-redux-7.2.1.tgz", + "integrity": "sha512-T+VfD/bvgGTUA74iW9d2i5THrDQWbweXP0AVNI8tNd1Rk5ch1rnMiJkDD67ejw7YBKM4+REvcvqRuWJb7BLuEg==", + "requires": { + "@babel/runtime": "^7.5.5", + "hoist-non-react-statics": "^3.3.0", + "loose-envify": "^1.4.0", + "prop-types": "^15.7.2", + "react-is": "^16.9.0" + } + }, + "react-router": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/react-router/-/react-router-5.1.2.tgz", + "integrity": "sha512-yjEuMFy1ONK246B+rsa0cUam5OeAQ8pyclRDgpxuSCrAlJ1qN9uZ5IgyKC7gQg0w8OM50NXHEegPh/ks9YuR2A==", + "requires": { + "@babel/runtime": "^7.1.2", + "history": "^4.9.0", + "hoist-non-react-statics": "^3.1.0", + "loose-envify": "^1.3.1", + "mini-create-react-context": "^0.3.0", + "path-to-regexp": "^1.7.0", + "prop-types": "^15.6.2", + "react-is": "^16.6.0", + "tiny-invariant": "^1.0.2", + "tiny-warning": "^1.0.0" + } + }, + "react-router-dom": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/react-router-dom/-/react-router-dom-5.1.2.tgz", + "integrity": "sha512-7BPHAaIwWpZS074UKaw1FjVdZBSVWEk8IuDXdB+OkLb8vd/WRQIpA4ag9WQk61aEfQs47wHyjWUoUGGZxpQXew==", + "requires": { + "@babel/runtime": "^7.1.2", + "history": "^4.9.0", + "loose-envify": "^1.3.1", + "prop-types": "^15.6.2", + "react-router": "5.1.2", + "tiny-invariant": "^1.0.2", + "tiny-warning": "^1.0.0" + } + }, + "react-scripts": { + "version": "3.4.4", + "resolved": "https://registry.npmjs.org/react-scripts/-/react-scripts-3.4.4.tgz", + "integrity": "sha512-7J7GZyF/QvZkKAZLneiOIhHozvOMHey7hO9cdO9u68jjhGZlI8hDdOm6UyuHofn6Ajc9Uji5I6Psm/nKNuWdyw==", + "requires": { + "@babel/core": "7.9.0", + "@svgr/webpack": "4.3.3", + "@typescript-eslint/eslint-plugin": "^2.10.0", + "@typescript-eslint/parser": "^2.10.0", + "babel-eslint": "10.1.0", + "babel-jest": "^24.9.0", + "babel-loader": "8.1.0", + "babel-plugin-named-asset-import": "^0.3.6", + "babel-preset-react-app": "^9.1.2", + "camelcase": "^5.3.1", + "case-sensitive-paths-webpack-plugin": "2.3.0", + "css-loader": "3.4.2", + "dotenv": "8.2.0", + "dotenv-expand": "5.1.0", + "eslint": "^6.6.0", + "eslint-config-react-app": "^5.2.1", + "eslint-loader": "3.0.3", + "eslint-plugin-flowtype": "4.6.0", + "eslint-plugin-import": "2.20.1", + "eslint-plugin-jsx-a11y": "6.2.3", + "eslint-plugin-react": "7.19.0", + "eslint-plugin-react-hooks": "^1.6.1", + "file-loader": "4.3.0", + "fs-extra": "^8.1.0", + "fsevents": "2.1.2", + "html-webpack-plugin": "4.0.0-beta.11", + "identity-obj-proxy": "3.0.0", + "jest": "24.9.0", + "jest-environment-jsdom-fourteen": "1.0.1", + "jest-resolve": "24.9.0", + "jest-watch-typeahead": "0.4.2", + "mini-css-extract-plugin": "0.9.0", + "optimize-css-assets-webpack-plugin": "5.0.3", + "pnp-webpack-plugin": "1.6.4", + "postcss-flexbugs-fixes": "4.1.0", + "postcss-loader": "3.0.0", + "postcss-normalize": "8.0.1", + "postcss-preset-env": "6.7.0", + "postcss-safe-parser": "4.0.1", + "react-app-polyfill": "^1.0.6", + "react-dev-utils": "^10.2.1", + "resolve": "1.15.0", + "resolve-url-loader": "3.1.2", + "sass-loader": "8.0.2", + "semver": "6.3.0", + "style-loader": "0.23.1", + "terser-webpack-plugin": "2.3.8", + "ts-pnp": "1.1.6", + "url-loader": "2.3.0", + "webpack": "4.42.0", + "webpack-dev-server": "3.11.0", + "webpack-manifest-plugin": "2.2.0", + "workbox-webpack-plugin": "4.3.1" + }, + "dependencies": { + "camelcase": { + "version": "5.3.1", + "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", + "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==" + }, + "resolve": { + "version": "1.15.0", + "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.15.0.tgz", + "integrity": "sha512-+hTmAldEGE80U2wJJDC1lebb5jWqvTYAfm3YZ1ckk1gBr0MnCqUKlwK1e+anaFljIl+F5tR5IoZcm4ZDA1zMQw==", + "requires": { + "path-parse": "^1.0.6" + } + }, + "semver": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", + "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==" + } + } + }, + "react-side-effect": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/react-side-effect/-/react-side-effect-2.1.1.tgz", + "integrity": "sha512-2FoTQzRNTncBVtnzxFOk2mCpcfxQpenBMbk5kSVBg5UcPqV9fRbgY2zhb7GTWWOlpFmAxhClBDlIq8Rsubz1yQ==" + }, + "react-toastify": { + "version": "5.4.0", + "resolved": "https://registry.npmjs.org/react-toastify/-/react-toastify-5.4.0.tgz", + "integrity": "sha512-0cdPq1gyxAcYu0KiDPOYp9nNiqIFDWoi7nyoaSw496DElUnNlcjhc7Aduz8CXrGTRugvjuXd3eplUvFaCeQMNA==", + "requires": { + "@babel/runtime": "^7.4.2", + "classnames": "^2.2.6", + "prop-types": "^15.7.2", + "react-transition-group": "^2.6.1" + } + }, + "react-transition-group": { + "version": "2.9.0", + "resolved": "https://registry.npmjs.org/react-transition-group/-/react-transition-group-2.9.0.tgz", + "integrity": "sha512-+HzNTCHpeQyl4MJ/bdE0u6XRMe9+XG/+aL4mCxVN4DnPBQ0/5bfHWPDuOZUzYdMj94daZaZdCCc1Dzt9R/xSSg==", + "requires": { + "dom-helpers": "^3.4.0", + "loose-envify": "^1.4.0", + "prop-types": "^15.6.2", + "react-lifecycles-compat": "^3.0.4" + } + }, + "read-pkg": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz", + "integrity": "sha1-9f+qXs0pyzHAR0vKfXVra7KePyg=", + "requires": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + } + }, + "read-pkg-up": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-1.0.1.tgz", + "integrity": "sha1-nWPBMnbAZZGNV/ACpX9AobZD+wI=", + "requires": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + } + }, + "readable-stream": { + "version": "2.3.7", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.7.tgz", + "integrity": "sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw==", + "requires": { + "core-util-is": "~1.0.0", + "inherits": "~2.0.3", + "isarray": "~1.0.0", + "process-nextick-args": "~2.0.0", + "safe-buffer": "~5.1.1", + "string_decoder": "~1.1.1", + "util-deprecate": "~1.0.1" + } + }, + "readdirp": { + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-3.4.0.tgz", + "integrity": "sha512-0xe001vZBnJEK+uKcj8qOhyAKPzIT+gStxWr3LCB0DwcXR5NZJ3IaC+yGnHCYzB/S7ov3m3EEbZI2zeNvX+hGQ==", + "requires": { + "picomatch": "^2.2.1" + } + }, + "realpath-native": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/realpath-native/-/realpath-native-1.1.0.tgz", + "integrity": "sha512-wlgPA6cCIIg9gKz0fgAPjnzh4yR/LnXovwuo9hvyGvx3h8nX4+/iLZplfUWasXpqD8BdnGnP5njOFjkUwPzvjA==", + "requires": { + "util.promisify": "^1.0.0" + } + }, + "recursive-readdir": { + "version": "2.2.2", + "resolved": "https://registry.npmjs.org/recursive-readdir/-/recursive-readdir-2.2.2.tgz", + "integrity": "sha512-nRCcW9Sj7NuZwa2XvH9co8NPeXUBhZP7CRKJtU+cS6PW9FpCIFoI5ib0NT1ZrbNuPoRy0ylyCaUL8Gih4LSyFg==", + "requires": { + "minimatch": "3.0.4" + } + }, + "redent": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/redent/-/redent-1.0.0.tgz", + "integrity": "sha1-z5Fqsf1fHxbfsggi3W7H9zDCr94=", + "requires": { + "indent-string": "^2.1.0", + "strip-indent": "^1.0.1" + } + }, + "redux": { + "version": "4.0.5", + "resolved": "https://registry.npmjs.org/redux/-/redux-4.0.5.tgz", + "integrity": "sha512-VSz1uMAH24DM6MF72vcojpYPtrTUu3ByVWfPL1nPfVRb5mZVTve5GnNCUV53QM/BZ66xfWrm0CTWoM+Xlz8V1w==", + "requires": { + "loose-envify": "^1.4.0", + "symbol-observable": "^1.2.0" + } + }, + "redux-devtools-extension": { + "version": "2.13.8", + "resolved": "https://registry.npmjs.org/redux-devtools-extension/-/redux-devtools-extension-2.13.8.tgz", + "integrity": "sha512-8qlpooP2QqPtZHQZRhx3x3OP5skEV1py/zUdMY28WNAocbafxdG2tRD1MWE7sp8obGMNYuLWanhhQ7EQvT1FBg==" + }, + "redux-thunk": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/redux-thunk/-/redux-thunk-2.3.0.tgz", + "integrity": "sha512-km6dclyFnmcvxhAcrQV2AkZmPQjzPDjgVlQtR0EQjxZPyJ0BnMf3in1ryuR8A2qU0HldVRfxYXbFSKlI3N7Slw==" + }, + "regenerate": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/regenerate/-/regenerate-1.4.1.tgz", + "integrity": "sha512-j2+C8+NtXQgEKWk49MMP5P/u2GhnahTtVkRIHr5R5lVRlbKvmQ+oS+A5aLKWp2ma5VkT8sh6v+v4hbH0YHR66A==" + }, + "regenerate-unicode-properties": { + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/regenerate-unicode-properties/-/regenerate-unicode-properties-8.2.0.tgz", + "integrity": "sha512-F9DjY1vKLo/tPePDycuH3dn9H1OTPIkVD9Kz4LODu+F2C75mgjAJ7x/gwy6ZcSNRAAkhNlJSOHRe8k3p+K9WhA==", + "requires": { + "regenerate": "^1.4.0" + } + }, + "regenerator-runtime": { + "version": "0.13.3", + "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.13.3.tgz", + "integrity": "sha512-naKIZz2GQ8JWh///G7L3X6LaQUAMp2lvb1rvwwsURe/VXwD6VMfr+/1NuNw3ag8v2kY1aQ/go5SNn79O9JU7yw==" + }, + "regenerator-transform": { + "version": "0.14.5", + "resolved": "https://registry.npmjs.org/regenerator-transform/-/regenerator-transform-0.14.5.tgz", + "integrity": "sha512-eOf6vka5IO151Jfsw2NO9WpGX58W6wWmefK3I1zEGr0lOD0u8rwPaNqQL1aRxUaxLeKO3ArNh3VYg1KbaD+FFw==", + "requires": { + "@babel/runtime": "^7.8.4" + }, + "dependencies": { + "@babel/runtime": { + "version": "7.11.0", + "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.11.0.tgz", + "integrity": "sha512-qArkXsjJq7H+T86WrIFV0Fnu/tNOkZ4cgXmjkzAu3b/58D5mFIO8JH/y77t7C9q0OdDRdh9s7Ue5GasYssxtXw==", + "requires": { + "regenerator-runtime": "^0.13.4" + } + }, + "regenerator-runtime": { + "version": "0.13.7", + "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.13.7.tgz", + "integrity": "sha512-a54FxoJDIr27pgf7IgeQGxmqUNYrcV338lf/6gH456HZ/PhX+5BcwHXG9ajESmwe6WRO0tAzRUrRmNONWgkrew==" + } + } + }, + "regex-not": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/regex-not/-/regex-not-1.0.2.tgz", + "integrity": "sha512-J6SDjUgDxQj5NusnOtdFxDwN/+HWykR8GELwctJ7mdqhcyy1xEc4SRFHUXvxTp661YaVKAjfRLZ9cCqS6tn32A==", + "requires": { + "extend-shallow": "^3.0.2", + "safe-regex": "^1.1.0" + } + }, + "regex-parser": { + "version": "2.2.11", + "resolved": "https://registry.npmjs.org/regex-parser/-/regex-parser-2.2.11.tgz", + "integrity": "sha512-jbD/FT0+9MBU2XAZluI7w2OBs1RBi6p9M83nkoZayQXXU9e8Robt69FcZc7wU4eJD/YFTjn1JdCk3rbMJajz8Q==" + }, + "regexp.prototype.flags": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/regexp.prototype.flags/-/regexp.prototype.flags-1.3.0.tgz", + "integrity": "sha512-2+Q0C5g951OlYlJz6yu5/M33IcsESLlLfsyIaLJaG4FA2r4yP8MvVMJUUP/fVBkSpbbbZlS5gynbEWLipiiXiQ==", + "requires": { + "define-properties": "^1.1.3", + "es-abstract": "^1.17.0-next.1" + } + }, + "regexpp": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/regexpp/-/regexpp-3.1.0.tgz", + "integrity": "sha512-ZOIzd8yVsQQA7j8GCSlPGXwg5PfmA1mrq0JP4nGhh54LaKN3xdai/vHUDu74pKwV8OxseMS65u2NImosQcSD0Q==" + }, + "regexpu-core": { + "version": "4.7.0", + "resolved": "https://registry.npmjs.org/regexpu-core/-/regexpu-core-4.7.0.tgz", + "integrity": "sha512-TQ4KXRnIn6tz6tjnrXEkD/sshygKH/j5KzK86X8MkeHyZ8qst/LZ89j3X4/8HEIfHANTFIP/AbXakeRhWIl5YQ==", + "requires": { + "regenerate": "^1.4.0", + "regenerate-unicode-properties": "^8.2.0", + "regjsgen": "^0.5.1", + "regjsparser": "^0.6.4", + "unicode-match-property-ecmascript": "^1.0.4", + "unicode-match-property-value-ecmascript": "^1.2.0" + } + }, + "regjsgen": { + "version": "0.5.2", + "resolved": "https://registry.npmjs.org/regjsgen/-/regjsgen-0.5.2.tgz", + "integrity": "sha512-OFFT3MfrH90xIW8OOSyUrk6QHD5E9JOTeGodiJeBS3J6IwlgzJMNE/1bZklWz5oTg+9dCMyEetclvCVXOPoN3A==" + }, + "regjsparser": { + "version": "0.6.4", + "resolved": "https://registry.npmjs.org/regjsparser/-/regjsparser-0.6.4.tgz", + "integrity": "sha512-64O87/dPDgfk8/RQqC4gkZoGyyWFIEUTTh80CU6CWuK5vkCGyekIx+oKcEIYtP/RAxSQltCZHCNu/mdd7fqlJw==", + "requires": { + "jsesc": "~0.5.0" + }, + "dependencies": { + "jsesc": { + "version": "0.5.0", + "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-0.5.0.tgz", + "integrity": "sha1-597mbjXW/Bb3EP6R1c9p9w8IkR0=" + } + } + }, + "relateurl": { + "version": "0.2.7", + "resolved": "https://registry.npmjs.org/relateurl/-/relateurl-0.2.7.tgz", + "integrity": "sha1-VNvzd+UUQKypCkzSdGANP/LYiKk=" + }, + "remove-trailing-separator": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/remove-trailing-separator/-/remove-trailing-separator-1.1.0.tgz", + "integrity": "sha1-wkvOKig62tW8P1jg1IJJuSN52O8=" + }, + "renderkid": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/renderkid/-/renderkid-2.0.3.tgz", + "integrity": "sha512-z8CLQp7EZBPCwCnncgf9C4XAi3WR0dv+uWu/PjIyhhAb5d6IJ/QZqlHFprHeKT+59//V6BNUsLbvN8+2LarxGA==", + "requires": { + "css-select": "^1.1.0", + "dom-converter": "^0.2", + "htmlparser2": "^3.3.0", + "strip-ansi": "^3.0.0", + "utila": "^0.4.0" + }, + "dependencies": { + "css-select": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/css-select/-/css-select-1.2.0.tgz", + "integrity": "sha1-KzoRBTnFNV8c2NMUYj6HCxIeyFg=", + "requires": { + "boolbase": "~1.0.0", + "css-what": "2.1", + "domutils": "1.5.1", + "nth-check": "~1.0.1" + } + }, + "css-what": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/css-what/-/css-what-2.1.3.tgz", + "integrity": "sha512-a+EPoD+uZiNfh+5fxw2nO9QwFa6nJe2Or35fGY6Ipw1R3R4AGz1d1TEZrCegvw2YTmZ0jXirGYlzxxpYSHwpEg==" + }, + "domutils": { + "version": "1.5.1", + "resolved": "https://registry.npmjs.org/domutils/-/domutils-1.5.1.tgz", + "integrity": "sha1-3NhIiib1Y9YQeeSMn3t+Mjc2gs8=", + "requires": { + "dom-serializer": "0", + "domelementtype": "1" + } + } + } + }, + "repeat-element": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/repeat-element/-/repeat-element-1.1.3.tgz", + "integrity": "sha512-ahGq0ZnV5m5XtZLMb+vP76kcAM5nkLqk0lpqAuojSKGgQtn4eRi4ZZGm2olo2zKFH+sMsWaqOCW1dqAnOru72g==" + }, + "repeat-string": { + "version": "1.6.1", + "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.6.1.tgz", + "integrity": "sha1-jcrkcOHIirwtYA//Sndihtp15jc=" + }, + "repeating": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/repeating/-/repeating-2.0.1.tgz", + "integrity": "sha1-UhTFOpJtNVJwdSf7q0FdvAjQbdo=", + "requires": { + "is-finite": "^1.0.0" + } + }, + "request": { + "version": "2.88.2", + "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", + "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", + "requires": { + "aws-sign2": "~0.7.0", + "aws4": "^1.8.0", + "caseless": "~0.12.0", + "combined-stream": "~1.0.6", + "extend": "~3.0.2", + "forever-agent": "~0.6.1", + "form-data": "~2.3.2", + "har-validator": "~5.1.3", + "http-signature": "~1.2.0", + "is-typedarray": "~1.0.0", + "isstream": "~0.1.2", + "json-stringify-safe": "~5.0.1", + "mime-types": "~2.1.19", + "oauth-sign": "~0.9.0", + "performance-now": "^2.1.0", + "qs": "~6.5.2", + "safe-buffer": "^5.1.2", + "tough-cookie": "~2.5.0", + "tunnel-agent": "^0.6.0", + "uuid": "^3.3.2" + }, + "dependencies": { + "qs": { + "version": "6.5.2", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", + "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==" + } + } + }, + "request-promise-core": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/request-promise-core/-/request-promise-core-1.1.4.tgz", + "integrity": "sha512-TTbAfBBRdWD7aNNOoVOBH4pN/KigV6LyapYNNlAPA8JwbovRti1E88m3sYAwsLi5ryhPKsE9APwnjFTgdUjTpw==", + "requires": { + "lodash": "^4.17.19" + } + }, + "request-promise-native": { + "version": "1.0.9", + "resolved": "https://registry.npmjs.org/request-promise-native/-/request-promise-native-1.0.9.tgz", + "integrity": "sha512-wcW+sIUiWnKgNY0dqCpOZkUbF/I+YPi+f09JZIDa39Ec+q82CpSYniDp+ISgTTbKmnpJWASeJBPZmoxH84wt3g==", + "requires": { + "request-promise-core": "1.1.4", + "stealthy-require": "^1.1.1", + "tough-cookie": "^2.3.3" + } + }, + "require-directory": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", + "integrity": "sha1-jGStX9MNqxyXbiNE/+f3kqam30I=" + }, + "require-main-filename": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-2.0.0.tgz", + "integrity": "sha512-NKN5kMDylKuldxYLSUfrbo5Tuzh4hd+2E8NPPX02mZtn1VuREQToYe/ZdlJy+J3uCpfaiGF05e7B8W0iXbQHmg==" + }, + "requires-port": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/requires-port/-/requires-port-1.0.0.tgz", + "integrity": "sha1-kl0mAdOaxIXgkc8NpcbmlNw9yv8=" + }, + "resolve": { + "version": "1.17.0", + "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.17.0.tgz", + "integrity": "sha512-ic+7JYiV8Vi2yzQGFWOkiZD5Z9z7O2Zhm9XMaTxdJExKasieFCr+yXZ/WmXsckHiKl12ar0y6XiXDx3m4RHn1w==", + "requires": { + "path-parse": "^1.0.6" + } + }, + "resolve-cwd": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-2.0.0.tgz", + "integrity": "sha1-AKn3OHVW4nA46uIyyqNypqWbZlo=", + "requires": { + "resolve-from": "^3.0.0" + } + }, + "resolve-from": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-3.0.0.tgz", + "integrity": "sha1-six699nWiBvItuZTM17rywoYh0g=" + }, + "resolve-pathname": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/resolve-pathname/-/resolve-pathname-3.0.0.tgz", + "integrity": "sha512-C7rARubxI8bXFNB/hqcp/4iUeIXJhJZvFPFPiSPRnhU5UPxzMFIl+2E6yY6c4k9giDJAhtV+enfA+G89N6Csng==" + }, + "resolve-url": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/resolve-url/-/resolve-url-0.2.1.tgz", + "integrity": "sha1-LGN/53yJOv0qZj/iGqkIAGjiBSo=" + }, + "resolve-url-loader": { + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/resolve-url-loader/-/resolve-url-loader-3.1.2.tgz", + "integrity": "sha512-QEb4A76c8Mi7I3xNKXlRKQSlLBwjUV/ULFMP+G7n3/7tJZ8MG5wsZ3ucxP1Jz8Vevn6fnJsxDx9cIls+utGzPQ==", + "requires": { + "adjust-sourcemap-loader": "3.0.0", + "camelcase": "5.3.1", + "compose-function": "3.0.3", + "convert-source-map": "1.7.0", + "es6-iterator": "2.0.3", + "loader-utils": "1.2.3", + "postcss": "7.0.21", + "rework": "1.0.1", + "rework-visit": "1.0.0", + "source-map": "0.6.1" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "camelcase": { + "version": "5.3.1", + "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", + "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==" + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + }, + "dependencies": { + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "emojis-list": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/emojis-list/-/emojis-list-2.1.0.tgz", + "integrity": "sha1-TapNnbAPmBmIDHn6RXrlsJof04k=" + }, + "json5": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.1.tgz", + "integrity": "sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow==", + "requires": { + "minimist": "^1.2.0" + } + }, + "loader-utils": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/loader-utils/-/loader-utils-1.2.3.tgz", + "integrity": "sha512-fkpz8ejdnEMG3s37wGL07iSBDg99O9D5yflE9RGNH3hRdx9SOwYfnGYdZOUIZitN8E+E2vkq3MUMYMvPYl5ZZA==", + "requires": { + "big.js": "^5.2.2", + "emojis-list": "^2.0.0", + "json5": "^1.0.1" + } + }, + "postcss": { + "version": "7.0.21", + "resolved": "https://registry.npmjs.org/postcss/-/postcss-7.0.21.tgz", + "integrity": "sha512-uIFtJElxJo29QC753JzhidoAhvp/e/Exezkdhfmt8AymWT6/5B7W1WmponYWkHk2eg6sONyTch0A3nkMPun3SQ==", + "requires": { + "chalk": "^2.4.2", + "source-map": "^0.6.1", + "supports-color": "^6.1.0" + } + }, + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + }, + "supports-color": { + "version": "6.1.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-6.1.0.tgz", + "integrity": "sha512-qe1jfm1Mg7Nq/NSh6XE24gPXROEVsWHxC1LIx//XNlD9iw7YZQGjZNjYN7xGaEG6iKdA8EtNFW6R0gjnVXp+wQ==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "restore-cursor": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-3.1.0.tgz", + "integrity": "sha512-l+sSefzHpj5qimhFSE5a8nufZYAM3sBSVMAPtYkmC+4EH2anSGaEMXSD0izRQbu9nfyQ9y5JrVmp7E8oZrUjvA==", + "requires": { + "onetime": "^5.1.0", + "signal-exit": "^3.0.2" + } + }, + "ret": { + "version": "0.1.15", + "resolved": "https://registry.npmjs.org/ret/-/ret-0.1.15.tgz", + "integrity": "sha512-TTlYpa+OL+vMMNG24xSlQGEJ3B/RzEfUlLct7b5G/ytav+wPrplCpVMFuwzXbkecJrb6IYo1iFb0S9v37754mg==" + }, + "retry": { + "version": "0.12.0", + "resolved": "https://registry.npmjs.org/retry/-/retry-0.12.0.tgz", + "integrity": "sha1-G0KmJmoh8HQh0bC1S33BZ7AcATs=" + }, + "rework": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/rework/-/rework-1.0.1.tgz", + "integrity": "sha1-MIBqhBNCtUUQqkEQhQzUhTQUSqc=", + "requires": { + "convert-source-map": "^0.3.3", + "css": "^2.0.0" + }, + "dependencies": { + "convert-source-map": { + "version": "0.3.5", + "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-0.3.5.tgz", + "integrity": "sha1-8dgClQr33SYxof6+BZZVDIarMZA=" + } + } + }, + "rework-visit": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/rework-visit/-/rework-visit-1.0.0.tgz", + "integrity": "sha1-mUWygD8hni96ygCtuLyfZA+ELJo=" + }, + "rgb-regex": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/rgb-regex/-/rgb-regex-1.0.1.tgz", + "integrity": "sha1-wODWiC3w4jviVKR16O3UGRX+rrE=" + }, + "rgba-regex": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/rgba-regex/-/rgba-regex-1.0.0.tgz", + "integrity": "sha1-QzdOLiyglosO8VI0YLfXMP8i7rM=" + }, + "rimraf": { + "version": "2.7.1", + "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.7.1.tgz", + "integrity": "sha512-uWjbaKIK3T1OSVptzX7Nl6PvQ3qAGtKEtVRjRuazjfL3Bx5eI409VZSqgND+4UNnmzLVdPj9FqFJNPqBZFve4w==", + "requires": { + "glob": "^7.1.3" + } + }, + "ripemd160": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/ripemd160/-/ripemd160-2.0.2.tgz", + "integrity": "sha512-ii4iagi25WusVoiC4B4lq7pbXfAp3D9v5CwfkY33vffw2+pkDjY1D8GaN7spsxvCSx8dkPqOZCEZyfxcmJG2IA==", + "requires": { + "hash-base": "^3.0.0", + "inherits": "^2.0.1" + } + }, + "rsvp": { + "version": "4.8.5", + "resolved": "https://registry.npmjs.org/rsvp/-/rsvp-4.8.5.tgz", + "integrity": "sha512-nfMOlASu9OnRJo1mbEk2cz0D56a1MBNrJ7orjRZQG10XDyuvwksKbuXNp6qa+kbn839HwjwhBzhFmdsaEAfauA==" + }, + "run-async": { + "version": "2.4.1", + "resolved": "https://registry.npmjs.org/run-async/-/run-async-2.4.1.tgz", + "integrity": "sha512-tvVnVv01b8c1RrA6Ep7JkStj85Guv/YrMcwqYQnwjsAS2cTmmPGBBjAjpCW7RrSodNSoE2/qg9O4bceNvUuDgQ==" + }, + "run-queue": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/run-queue/-/run-queue-1.0.3.tgz", + "integrity": "sha1-6Eg5bwV9Ij8kOGkkYY4laUFh7Ec=", + "requires": { + "aproba": "^1.1.1" + } + }, + "rxjs": { + "version": "6.6.2", + "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-6.6.2.tgz", + "integrity": "sha512-BHdBMVoWC2sL26w//BCu3YzKT4s2jip/WhwsGEDmeKYBhKDZeYezVUnHatYB7L85v5xs0BAQmg6BEYJEKxBabg==", + "requires": { + "tslib": "^1.9.0" + } + }, + "safe-buffer": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" + }, + "safe-regex": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/safe-regex/-/safe-regex-1.1.0.tgz", + "integrity": "sha1-QKNmnzsHfR6UPURinhV91IAjvy4=", + "requires": { + "ret": "~0.1.10" + } + }, + "safer-buffer": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", + "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" + }, + "sane": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/sane/-/sane-4.1.0.tgz", + "integrity": "sha512-hhbzAgTIX8O7SHfp2c8/kREfEn4qO/9q8C9beyY6+tvZ87EpoZ3i1RIEvp27YBswnNbY9mWd6paKVmKbAgLfZA==", + "requires": { + "@cnakazawa/watch": "^1.0.3", + "anymatch": "^2.0.0", + "capture-exit": "^2.0.0", + "exec-sh": "^0.3.2", + "execa": "^1.0.0", + "fb-watchman": "^2.0.0", + "micromatch": "^3.1.4", + "minimist": "^1.1.1", + "walker": "~1.0.5" + } + }, + "sanitize.css": { + "version": "10.0.0", + "resolved": "https://registry.npmjs.org/sanitize.css/-/sanitize.css-10.0.0.tgz", + "integrity": "sha512-vTxrZz4dX5W86M6oVWVdOVe72ZiPs41Oi7Z6Km4W5Turyz28mrXSJhhEBZoRtzJWIv3833WKVwLSDWWkEfupMg==" + }, + "sass-graph": { + "version": "2.2.5", + "resolved": "https://registry.npmjs.org/sass-graph/-/sass-graph-2.2.5.tgz", + "integrity": "sha512-VFWDAHOe6mRuT4mZRd4eKE+d8Uedrk6Xnh7Sh9b4NGufQLQjOrvf/MQoOdx+0s92L89FeyUUNfU597j/3uNpag==", + "requires": { + "glob": "^7.0.0", + "lodash": "^4.0.0", + "scss-tokenizer": "^0.2.3", + "yargs": "^13.3.2" + } + }, + "sass-loader": { + "version": "8.0.2", + "resolved": "https://registry.npmjs.org/sass-loader/-/sass-loader-8.0.2.tgz", + "integrity": "sha512-7o4dbSK8/Ol2KflEmSco4jTjQoV988bM82P9CZdmo9hR3RLnvNc0ufMNdMrB0caq38JQ/FgF4/7RcbcfKzxoFQ==", + "requires": { + "clone-deep": "^4.0.1", + "loader-utils": "^1.2.3", + "neo-async": "^2.6.1", + "schema-utils": "^2.6.1", + "semver": "^6.3.0" + }, + "dependencies": { + "clone-deep": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/clone-deep/-/clone-deep-4.0.1.tgz", + "integrity": "sha512-neHB9xuzh/wk0dIHweyAXv2aPGZIVk3pLMe+/RNzINf17fe0OG96QroktYAUm7SM1PBnzTabaLboqqxDyMU+SQ==", + "requires": { + "is-plain-object": "^2.0.4", + "kind-of": "^6.0.2", + "shallow-clone": "^3.0.0" + } + }, + "kind-of": { + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz", + "integrity": "sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==" + }, + "semver": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", + "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==" + }, + "shallow-clone": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/shallow-clone/-/shallow-clone-3.0.1.tgz", + "integrity": "sha512-/6KqX+GVUdqPuPPd2LxDDxzX6CAbjJehAAOKlNpqqUpAqPM6HeL8f+o3a+JsyGjn2lv0WY8UsTgUJjU9Ok55NA==", + "requires": { + "kind-of": "^6.0.2" + } + } + } + }, + "sax": { + "version": "1.2.4", + "resolved": "https://registry.npmjs.org/sax/-/sax-1.2.4.tgz", + "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==" + }, + "saxes": { + "version": "3.1.11", + "resolved": "https://registry.npmjs.org/saxes/-/saxes-3.1.11.tgz", + "integrity": "sha512-Ydydq3zC+WYDJK1+gRxRapLIED9PWeSuuS41wqyoRmzvhhh9nc+QQrVMKJYzJFULazeGhzSV0QleN2wD3boh2g==", + "requires": { + "xmlchars": "^2.1.1" + } + }, + "scheduler": { + "version": "0.16.2", + "resolved": "https://registry.npmjs.org/scheduler/-/scheduler-0.16.2.tgz", + "integrity": "sha512-BqYVWqwz6s1wZMhjFvLfVR5WXP7ZY32M/wYPo04CcuPM7XZEbV2TBNW7Z0UkguPTl0dWMA59VbNXxK6q+pHItg==", + "requires": { + "loose-envify": "^1.1.0", + "object-assign": "^4.1.1" + } + }, + "schema-utils": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-2.7.0.tgz", + "integrity": "sha512-0ilKFI6QQF5nxDZLFn2dMjvc4hjg/Wkg7rHd3jK6/A4a1Hl9VFdQWvgB1UMGoU94pad1P/8N7fMcEnLnSiju8A==", + "requires": { + "@types/json-schema": "^7.0.4", + "ajv": "^6.12.2", + "ajv-keywords": "^3.4.1" + } + }, + "scss-tokenizer": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/scss-tokenizer/-/scss-tokenizer-0.2.3.tgz", + "integrity": "sha1-jrBtualyMzOCTT9VMGQRSYR85dE=", + "requires": { + "js-base64": "^2.1.8", + "source-map": "^0.4.2" + } + }, + "select-hose": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/select-hose/-/select-hose-2.0.0.tgz", + "integrity": "sha1-Yl2GWPhlr0Psliv8N2o3NZpJlMo=" + }, + "selfsigned": { + "version": "1.10.8", + "resolved": "https://registry.npmjs.org/selfsigned/-/selfsigned-1.10.8.tgz", + "integrity": "sha512-2P4PtieJeEwVgTU9QEcwIRDQ/mXJLX8/+I3ur+Pg16nS8oNbrGxEso9NyYWy8NAmXiNl4dlAp5MwoNeCWzON4w==", + "requires": { + "node-forge": "^0.10.0" + } + }, + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==" + }, + "send": { + "version": "0.17.1", + "resolved": "https://registry.npmjs.org/send/-/send-0.17.1.tgz", + "integrity": "sha512-BsVKsiGcQMFwT8UxypobUKyv7irCNRHk1T0G680vk88yf6LBByGcZJOTJCrTP2xVN6yI+XjPJcNuE3V4fT9sAg==", + "requires": { + "debug": "2.6.9", + "depd": "~1.1.2", + "destroy": "~1.0.4", + "encodeurl": "~1.0.2", + "escape-html": "~1.0.3", + "etag": "~1.8.1", + "fresh": "0.5.2", + "http-errors": "~1.7.2", + "mime": "1.6.0", + "ms": "2.1.1", + "on-finished": "~2.3.0", + "range-parser": "~1.2.1", + "statuses": "~1.5.0" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "requires": { + "ms": "2.0.0" + }, + "dependencies": { + "ms": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" + } + } + }, + "mime": { + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/mime/-/mime-1.6.0.tgz", + "integrity": "sha512-x0Vn8spI+wuJ1O6S7gnbaQg8Pxh4NNHb7KSINmEWKiPE4RKOplvijn+NkmYmmRgP68mc70j2EbeTFRsrswaQeg==" + }, + "ms": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.1.tgz", + "integrity": "sha512-tgp+dl5cGk28utYktBsrFqA7HKgrhgPsg6Z/EfhWI4gl1Hwq8B/GmY/0oXZ6nF8hDVesS/FpnYaD/kOWhYQvyg==" + } + } + }, + "serialize-javascript": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-4.0.0.tgz", + "integrity": "sha512-GaNA54380uFefWghODBWEGisLZFj00nS5ACs6yHa9nLqlLpVLO8ChDGeKRjZnV4Nh4n0Qi7nhYZD/9fCPzEqkw==", + "requires": { + "randombytes": "^2.1.0" + } + }, + "serve-index": { + "version": "1.9.1", + "resolved": "https://registry.npmjs.org/serve-index/-/serve-index-1.9.1.tgz", + "integrity": "sha1-03aNabHn2C5c4FD/9bRTvqEqkjk=", + "requires": { + "accepts": "~1.3.4", + "batch": "0.6.1", + "debug": "2.6.9", + "escape-html": "~1.0.3", + "http-errors": "~1.6.2", + "mime-types": "~2.1.17", + "parseurl": "~1.3.2" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "requires": { + "ms": "2.0.0" + } + }, + "http-errors": { + "version": "1.6.3", + "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.6.3.tgz", + "integrity": "sha1-i1VoC7S+KDoLW/TqLjhYC+HZMg0=", + "requires": { + "depd": "~1.1.2", + "inherits": "2.0.3", + "setprototypeof": "1.1.0", + "statuses": ">= 1.4.0 < 2" + } + }, + "inherits": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz", + "integrity": "sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=" + }, + "setprototypeof": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.1.0.tgz", + "integrity": "sha512-BvE/TwpZX4FXExxOxZyRGQQv651MSwmWKZGqvmPcRIjDqWub67kTKuIMx43cZZrS/cBBzwBcNDWoFxt2XEFIpQ==" + } + } + }, + "serve-static": { + "version": "1.14.1", + "resolved": "https://registry.npmjs.org/serve-static/-/serve-static-1.14.1.tgz", + "integrity": "sha512-JMrvUwE54emCYWlTI+hGrGv5I8dEwmco/00EvkzIIsR7MqrHonbD9pO2MOfFnpFntl7ecpZs+3mW+XbQZu9QCg==", + "requires": { + "encodeurl": "~1.0.2", + "escape-html": "~1.0.3", + "parseurl": "~1.3.3", + "send": "0.17.1" + } + }, + "set-blocking": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz", + "integrity": "sha1-BF+XgtARrppoA93TgrJDkrPYkPc=" + }, + "set-value": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/set-value/-/set-value-2.0.1.tgz", + "integrity": "sha512-JxHc1weCN68wRY0fhCoXpyK55m/XPHafOmK4UWD7m2CI14GMcFypt4w/0+NV5f/ZMby2F6S2wwA7fgynh9gWSw==", + "requires": { + "extend-shallow": "^2.0.1", + "is-extendable": "^0.1.1", + "is-plain-object": "^2.0.3", + "split-string": "^3.0.1" + }, + "dependencies": { + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "requires": { + "is-extendable": "^0.1.0" + } + } + } + }, + "setimmediate": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/setimmediate/-/setimmediate-1.0.5.tgz", + "integrity": "sha1-KQy7Iy4waULX1+qbg3Mqt4VvgoU=" + }, + "setprototypeof": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.1.1.tgz", + "integrity": "sha512-JvdAWfbXeIGaZ9cILp38HntZSFSo3mWg6xGcJJsd+d4aRMOqauag1C63dJfDw7OaMYwEbHMOxEZ1lqVRYP2OAw==" + }, + "sha.js": { + "version": "2.4.11", + "resolved": "https://registry.npmjs.org/sha.js/-/sha.js-2.4.11.tgz", + "integrity": "sha512-QMEp5B7cftE7APOjk5Y6xgrbWu+WkLVQwk8JNjZ8nKRciZaByEW6MubieAiToS7+dwvrjGhH8jRXz3MVd0AYqQ==", + "requires": { + "inherits": "^2.0.1", + "safe-buffer": "^5.0.1" + } + }, + "shallow-clone": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/shallow-clone/-/shallow-clone-0.1.2.tgz", + "integrity": "sha1-WQnodLp3EG1zrEFM/sH/yofZcGA=", + "requires": { + "is-extendable": "^0.1.1", + "kind-of": "^2.0.1", + "lazy-cache": "^0.2.3", + "mixin-object": "^2.0.1" + }, + "dependencies": { + "is-buffer": { + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", + "integrity": "sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==" + }, + "kind-of": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-2.0.1.tgz", + "integrity": "sha1-AY7HpM5+OobLkUG+UZ0kyPqpgbU=", + "requires": { + "is-buffer": "^1.0.2" + } + }, + "lazy-cache": { + "version": "0.2.7", + "resolved": "https://registry.npmjs.org/lazy-cache/-/lazy-cache-0.2.7.tgz", + "integrity": "sha1-f+3fLctu23fRHvHRF6tf/fCrG2U=" + } + } + }, + "shebang-command": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-1.2.0.tgz", + "integrity": "sha1-RKrGW2lbAzmJaMOfNj/uXer98eo=", + "requires": { + "shebang-regex": "^1.0.0" + } + }, + "shebang-regex": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-1.0.0.tgz", + "integrity": "sha1-2kL0l0DAtC2yypcoVxyxkMmO/qM=" + }, + "shell-quote": { + "version": "1.7.2", + "resolved": "https://registry.npmjs.org/shell-quote/-/shell-quote-1.7.2.tgz", + "integrity": "sha512-mRz/m/JVscCrkMyPqHc/bczi3OQHkLTqXHEFu0zDhK/qfv3UcOA4SVmRCLmos4bhjr9ekVQubj/R7waKapmiQg==" + }, + "shellwords": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/shellwords/-/shellwords-0.1.1.tgz", + "integrity": "sha512-vFwSUfQvqybiICwZY5+DAWIPLKsWO31Q91JSKl3UYv+K5c2QRPzn0qzec6QPu1Qc9eHYItiP3NdJqNVqetYAww==" + }, + "side-channel": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.2.tgz", + "integrity": "sha512-7rL9YlPHg7Ancea1S96Pa8/QWb4BtXL/TZvS6B8XFetGBeuhAsfmUspK6DokBeZ64+Kj9TCNRD/30pVz1BvQNA==", + "requires": { + "es-abstract": "^1.17.0-next.1", + "object-inspect": "^1.7.0" + } + }, + "signal-exit": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.3.tgz", + "integrity": "sha512-VUJ49FC8U1OxwZLxIbTTrDvLnf/6TDgxZcK8wxR8zs13xpx7xbG60ndBlhNrFi2EMuFRoeDoJO7wthSLq42EjA==" + }, + "simple-swizzle": { + "version": "0.2.2", + "resolved": "https://registry.npmjs.org/simple-swizzle/-/simple-swizzle-0.2.2.tgz", + "integrity": "sha1-pNprY1/8zMoz9w0Xy5JZLeleVXo=", + "requires": { + "is-arrayish": "^0.3.1" + }, + "dependencies": { + "is-arrayish": { + "version": "0.3.2", + "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.3.2.tgz", + "integrity": "sha512-eVRqCvVlZbuw3GrM63ovNSNAeA1K16kaR/LRY/92w0zxQ5/1YzwblUX652i4Xs9RwAGjW9d9y6X88t8OaAJfWQ==" + } + } + }, + "sisteransi": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", + "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==" + }, + "slash": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/slash/-/slash-2.0.0.tgz", + "integrity": "sha512-ZYKh3Wh2z1PpEXWr0MpSBZ0V6mZHAQfYevttO11c51CaWjGTaadiKZ+wVt1PbMlDV5qhMFslpZCemhwOK7C89A==" + }, + "slice-ansi": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-2.1.0.tgz", + "integrity": "sha512-Qu+VC3EwYLldKa1fCxuuvULvSJOKEgk9pi8dZeCVK7TqBfUNTH4sFkk4joj8afVSfAYgJoSOetjx9QWOJ5mYoQ==", + "requires": { + "ansi-styles": "^3.2.0", + "astral-regex": "^1.0.0", + "is-fullwidth-code-point": "^2.0.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "is-fullwidth-code-point": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz", + "integrity": "sha1-o7MKXE8ZkYMWeqq5O+764937ZU8=" + } + } + }, + "snapdragon": { + "version": "0.8.2", + "resolved": "https://registry.npmjs.org/snapdragon/-/snapdragon-0.8.2.tgz", + "integrity": "sha512-FtyOnWN/wCHTVXOMwvSv26d+ko5vWlIDD6zoUJ7LW8vh+ZBC8QdljveRP+crNrtBwioEUWy/4dMtbBjA4ioNlg==", + "requires": { + "base": "^0.11.1", + "debug": "^2.2.0", + "define-property": "^0.2.5", + "extend-shallow": "^2.0.1", + "map-cache": "^0.2.2", + "source-map": "^0.5.6", + "source-map-resolve": "^0.5.0", + "use": "^3.1.0" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "requires": { + "ms": "2.0.0" + } + }, + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "requires": { + "is-descriptor": "^0.1.0" + } + }, + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "requires": { + "is-extendable": "^0.1.0" + } + }, + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=" + } + } + }, + "snapdragon-node": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/snapdragon-node/-/snapdragon-node-2.1.1.tgz", + "integrity": "sha512-O27l4xaMYt/RSQ5TR3vpWCAB5Kb/czIcqUFOM/C4fYcLnbZUc1PkjTAMjof2pBWaSTwOUd6qUHcFGVGj7aIwnw==", + "requires": { + "define-property": "^1.0.0", + "isobject": "^3.0.0", + "snapdragon-util": "^3.0.1" + }, + "dependencies": { + "define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz", + "integrity": "sha1-dp66rz9KY6rTr56NMEybvnm/sOY=", + "requires": { + "is-descriptor": "^1.0.0" + } + }, + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + }, + "kind-of": { + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz", + "integrity": "sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==" + } + } + }, + "snapdragon-util": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/snapdragon-util/-/snapdragon-util-3.0.1.tgz", + "integrity": "sha512-mbKkMdQKsjX4BAL4bRYTj21edOf8cN7XHdYUJEe+Zn99hVEYcMvKPct1IqNe7+AZPirn8BCDOQBHQZknqmKlZQ==", + "requires": { + "kind-of": "^3.2.0" + } + }, + "sockjs": { + "version": "0.3.20", + "resolved": "https://registry.npmjs.org/sockjs/-/sockjs-0.3.20.tgz", + "integrity": "sha512-SpmVOVpdq0DJc0qArhF3E5xsxvaiqGNb73XfgBpK1y3UD5gs8DSo8aCTsuT5pX8rssdc2NDIzANwP9eCAiSdTA==", + "requires": { + "faye-websocket": "^0.10.0", + "uuid": "^3.4.0", + "websocket-driver": "0.6.5" + } + }, + "sockjs-client": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/sockjs-client/-/sockjs-client-1.4.0.tgz", + "integrity": "sha512-5zaLyO8/nri5cua0VtOrFXBPK1jbL4+1cebT/mmKA1E1ZXOvJrII75bPu0l0k843G/+iAbhEqzyKr0w/eCCj7g==", + "requires": { + "debug": "^3.2.5", + "eventsource": "^1.0.7", + "faye-websocket": "~0.11.1", + "inherits": "^2.0.3", + "json3": "^3.3.2", + "url-parse": "^1.4.3" + }, + "dependencies": { + "debug": { + "version": "3.2.7", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.7.tgz", + "integrity": "sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ==", + "requires": { + "ms": "^2.1.1" + } + }, + "faye-websocket": { + "version": "0.11.3", + "resolved": "https://registry.npmjs.org/faye-websocket/-/faye-websocket-0.11.3.tgz", + "integrity": "sha512-D2y4bovYpzziGgbHYtGCMjlJM36vAl/y+xUyn1C+FVx8szd1E+86KwVw6XvYSzOP8iMpm1X0I4xJD+QtUb36OA==", + "requires": { + "websocket-driver": ">=0.5.1" + } + }, + "ms": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" + } + } + }, + "sort-keys": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/sort-keys/-/sort-keys-1.1.2.tgz", + "integrity": "sha1-RBttTTRnmPG05J6JIK37oOVD+a0=", + "requires": { + "is-plain-obj": "^1.0.0" + } + }, + "source-list-map": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/source-list-map/-/source-list-map-2.0.1.tgz", + "integrity": "sha512-qnQ7gVMxGNxsiL4lEuJwe/To8UnK7fAnmbGEEH8RpLouuKbeEm0lhbQVFIrNSuB+G7tVrAlVsZgETT5nljf+Iw==" + }, + "source-map": { + "version": "0.4.4", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.4.4.tgz", + "integrity": "sha1-66T12pwNyZneaAMti092FzZSA2s=", + "requires": { + "amdefine": ">=0.0.4" + } + }, + "source-map-resolve": { + "version": "0.5.3", + "resolved": "https://registry.npmjs.org/source-map-resolve/-/source-map-resolve-0.5.3.tgz", + "integrity": "sha512-Htz+RnsXWk5+P2slx5Jh3Q66vhQj1Cllm0zvnaY98+NFx+Dv2CF/f5O/t8x+KaNdrdIAsruNzoh/KpialbqAnw==", + "requires": { + "atob": "^2.1.2", + "decode-uri-component": "^0.2.0", + "resolve-url": "^0.2.1", + "source-map-url": "^0.4.0", + "urix": "^0.1.0" + } + }, + "source-map-support": { + "version": "0.5.19", + "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.19.tgz", + "integrity": "sha512-Wonm7zOCIJzBGQdB+thsPar0kYuCIzYvxZwlBa87yi/Mdjv7Tip2cyVbLj5o0cFPN4EVkuTwb3GDDyUx2DGnGw==", + "requires": { + "buffer-from": "^1.0.0", + "source-map": "^0.6.0" + }, + "dependencies": { + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + } + } + }, + "source-map-url": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/source-map-url/-/source-map-url-0.4.0.tgz", + "integrity": "sha1-PpNdfd1zYxuXZZlW1VEo6HtQhKM=" + }, + "spdx-correct": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.1.1.tgz", + "integrity": "sha512-cOYcUWwhCuHCXi49RhFRCyJEK3iPj1Ziz9DpViV3tbZOwXD49QzIN3MpOLJNxh2qwq2lJJZaKMVw9qNi4jTC0w==", + "requires": { + "spdx-expression-parse": "^3.0.0", + "spdx-license-ids": "^3.0.0" + } + }, + "spdx-exceptions": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.3.0.tgz", + "integrity": "sha512-/tTrYOC7PPI1nUAgx34hUpqXuyJG+DTHJTnIULG4rDygi4xu/tfgmq1e1cIRwRzwZgo4NLySi+ricLkZkw4i5A==" + }, + "spdx-expression-parse": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz", + "integrity": "sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==", + "requires": { + "spdx-exceptions": "^2.1.0", + "spdx-license-ids": "^3.0.0" + } + }, + "spdx-license-ids": { + "version": "3.0.5", + "resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.5.tgz", + "integrity": "sha512-J+FWzZoynJEXGphVIS+XEh3kFSjZX/1i9gFBaWQcB+/tmpe2qUsSBABpcxqxnAxFdiUFEgAX1bjYGQvIZmoz9Q==" + }, + "spdy": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/spdy/-/spdy-4.0.2.tgz", + "integrity": "sha512-r46gZQZQV+Kl9oItvl1JZZqJKGr+oEkB08A6BzkiR7593/7IbtuncXHd2YoYeTsG4157ZssMu9KYvUHLcjcDoA==", + "requires": { + "debug": "^4.1.0", + "handle-thing": "^2.0.0", + "http-deceiver": "^1.2.7", + "select-hose": "^2.0.0", + "spdy-transport": "^3.0.0" + }, + "dependencies": { + "debug": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.1.tgz", + "integrity": "sha512-doEwdvm4PCeK4K3RQN2ZC2BYUBaxwLARCqZmMjtF8a51J2Rb0xpVloFRnCODwqjpwnAoao4pelN8l3RJdv3gRQ==", + "requires": { + "ms": "2.1.2" + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + } + } + }, + "spdy-transport": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/spdy-transport/-/spdy-transport-3.0.0.tgz", + "integrity": "sha512-hsLVFE5SjA6TCisWeJXFKniGGOpBgMLmerfO2aCyCU5s7nJ/rpAepqmFifv/GCbSbueEeAJJnmSQ2rKC/g8Fcw==", + "requires": { + "debug": "^4.1.0", + "detect-node": "^2.0.4", + "hpack.js": "^2.1.6", + "obuf": "^1.1.2", + "readable-stream": "^3.0.6", + "wbuf": "^1.7.3" + }, + "dependencies": { + "debug": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.1.tgz", + "integrity": "sha512-doEwdvm4PCeK4K3RQN2ZC2BYUBaxwLARCqZmMjtF8a51J2Rb0xpVloFRnCODwqjpwnAoao4pelN8l3RJdv3gRQ==", + "requires": { + "ms": "2.1.2" + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + }, + "readable-stream": { + "version": "3.6.0", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.0.tgz", + "integrity": "sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA==", + "requires": { + "inherits": "^2.0.3", + "string_decoder": "^1.1.1", + "util-deprecate": "^1.0.1" + } + } + } + }, + "split-string": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/split-string/-/split-string-3.1.0.tgz", + "integrity": "sha512-NzNVhJDYpwceVVii8/Hu6DKfD2G+NrQHlS/V/qgv763EYudVwEcMQNxd2lh+0VrUByXN/oJkl5grOhYWvQUYiw==", + "requires": { + "extend-shallow": "^3.0.0" + } + }, + "sprintf-js": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=" + }, + "sshpk": { + "version": "1.16.1", + "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", + "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", + "requires": { + "asn1": "~0.2.3", + "assert-plus": "^1.0.0", + "bcrypt-pbkdf": "^1.0.0", + "dashdash": "^1.12.0", + "ecc-jsbn": "~0.1.1", + "getpass": "^0.1.1", + "jsbn": "~0.1.0", + "safer-buffer": "^2.0.2", + "tweetnacl": "~0.14.0" + } + }, + "ssri": { + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/ssri/-/ssri-7.1.1.tgz", + "integrity": "sha512-w+daCzXN89PseTL99MkA+fxJEcU3wfaE/ah0i0lnOlpG1CYLJ2ZjzEry68YBKfLs4JfoTShrTEsJkAZuNZ/stw==", + "requires": { + "figgy-pudding": "^3.5.1", + "minipass": "^3.1.1" + } + }, + "stable": { + "version": "0.1.8", + "resolved": "https://registry.npmjs.org/stable/-/stable-0.1.8.tgz", + "integrity": "sha512-ji9qxRnOVfcuLDySj9qzhGSEFVobyt1kIOSkj1qZzYLzq7Tos/oUUWvotUPQLlrsidqsK6tBH89Bc9kL5zHA6w==" + }, + "stack-utils": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-1.0.2.tgz", + "integrity": "sha512-MTX+MeG5U994cazkjd/9KNAapsHnibjMLnfXodlkXw76JEea0UiNzrqidzo1emMwk7w5Qhc9jd4Bn9TBb1MFwA==" + }, + "static-extend": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/static-extend/-/static-extend-0.1.2.tgz", + "integrity": "sha1-YICcOcv/VTNyJv1eC1IPNB8ftcY=", + "requires": { + "define-property": "^0.2.5", + "object-copy": "^0.1.0" + }, + "dependencies": { + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "requires": { + "is-descriptor": "^0.1.0" + } + } + } + }, + "statuses": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/statuses/-/statuses-1.5.0.tgz", + "integrity": "sha1-Fhx9rBd2Wf2YEfQ3cfqZOBR4Yow=" + }, + "stdout-stream": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/stdout-stream/-/stdout-stream-1.4.1.tgz", + "integrity": "sha512-j4emi03KXqJWcIeF8eIXkjMFN1Cmb8gUlDYGeBALLPo5qdyTfA9bOtl8m33lRoC+vFMkP3gl0WsDr6+gzxbbTA==", + "requires": { + "readable-stream": "^2.0.1" + } + }, + "stealthy-require": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/stealthy-require/-/stealthy-require-1.1.1.tgz", + "integrity": "sha1-NbCYdbT/SfJqd35QmzCQoyJr8ks=" + }, + "stream-browserify": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/stream-browserify/-/stream-browserify-2.0.2.tgz", + "integrity": "sha512-nX6hmklHs/gr2FuxYDltq8fJA1GDlxKQCz8O/IM4atRqBH8OORmBNgfvW5gG10GT/qQ9u0CzIvr2X5Pkt6ntqg==", + "requires": { + "inherits": "~2.0.1", + "readable-stream": "^2.0.2" + } + }, + "stream-each": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/stream-each/-/stream-each-1.2.3.tgz", + "integrity": "sha512-vlMC2f8I2u/bZGqkdfLQW/13Zihpej/7PmSiMQsbYddxuTsJp8vRe2x2FvVExZg7FaOds43ROAuFJwPR4MTZLw==", + "requires": { + "end-of-stream": "^1.1.0", + "stream-shift": "^1.0.0" + } + }, + "stream-http": { + "version": "2.8.3", + "resolved": "https://registry.npmjs.org/stream-http/-/stream-http-2.8.3.tgz", + "integrity": "sha512-+TSkfINHDo4J+ZobQLWiMouQYB+UVYFttRA94FpEzzJ7ZdqcL4uUUQ7WkdkI4DSozGmgBUE/a47L+38PenXhUw==", + "requires": { + "builtin-status-codes": "^3.0.0", + "inherits": "^2.0.1", + "readable-stream": "^2.3.6", + "to-arraybuffer": "^1.0.0", + "xtend": "^4.0.0" + } + }, + "stream-shift": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/stream-shift/-/stream-shift-1.0.1.tgz", + "integrity": "sha512-AiisoFqQ0vbGcZgQPY1cdP2I76glaVA/RauYR4G4thNFgkTqr90yXTo4LYX60Jl+sIlPNHHdGSwo01AvbKUSVQ==" + }, + "strict-uri-encode": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/strict-uri-encode/-/strict-uri-encode-1.1.0.tgz", + "integrity": "sha1-J5siXfHVgrH1TmWt3UNS4Y+qBxM=" + }, + "string-length": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/string-length/-/string-length-2.0.0.tgz", + "integrity": "sha1-1A27aGo6zpYMHP/KVivyxF+DY+0=", + "requires": { + "astral-regex": "^1.0.0", + "strip-ansi": "^4.0.0" + }, + "dependencies": { + "ansi-regex": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-3.0.0.tgz", + "integrity": "sha1-7QMXwyIGT3lGbAKWa922Bas32Zg=" + }, + "strip-ansi": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-4.0.0.tgz", + "integrity": "sha1-qEeQIusaw2iocTibY1JixQXuNo8=", + "requires": { + "ansi-regex": "^3.0.0" + } + } + } + }, + "string-width": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.2.tgz", + "integrity": "sha1-EYvfW4zcUaKn5w0hHgfisLmxB9M=", + "requires": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + } + }, + "string.prototype.matchall": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/string.prototype.matchall/-/string.prototype.matchall-4.0.2.tgz", + "integrity": "sha512-N/jp6O5fMf9os0JU3E72Qhf590RSRZU/ungsL/qJUYVTNv7hTG0P/dbPjxINVN9jpscu3nzYwKESU3P3RY5tOg==", + "requires": { + "define-properties": "^1.1.3", + "es-abstract": "^1.17.0", + "has-symbols": "^1.0.1", + "internal-slot": "^1.0.2", + "regexp.prototype.flags": "^1.3.0", + "side-channel": "^1.0.2" + } + }, + "string.prototype.trimend": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/string.prototype.trimend/-/string.prototype.trimend-1.0.1.tgz", + "integrity": "sha512-LRPxFUaTtpqYsTeNKaFOw3R4bxIzWOnbQ837QfBylo8jIxtcbK/A/sMV7Q+OAV/vWo+7s25pOE10KYSjaSO06g==", + "requires": { + "define-properties": "^1.1.3", + "es-abstract": "^1.17.5" + } + }, + "string.prototype.trimstart": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/string.prototype.trimstart/-/string.prototype.trimstart-1.0.1.tgz", + "integrity": "sha512-XxZn+QpvrBI1FOcg6dIpxUPgWCPuNXvMD72aaRaUQv1eD4e/Qy8i/hFTe0BUmD60p/QA6bh1avmuPTfNjqVWRw==", + "requires": { + "define-properties": "^1.1.3", + "es-abstract": "^1.17.5" + } + }, + "string_decoder": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", + "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", + "requires": { + "safe-buffer": "~5.1.0" + } + }, + "stringify-object": { + "version": "3.3.0", + "resolved": "https://registry.npmjs.org/stringify-object/-/stringify-object-3.3.0.tgz", + "integrity": "sha512-rHqiFh1elqCQ9WPLIC8I0Q/g/wj5J1eMkyoiD6eoQApWHP0FtlK7rqnhmabL5VUY9JQCcqwwvlOaSuutekgyrw==", + "requires": { + "get-own-enumerable-property-symbols": "^3.0.0", + "is-obj": "^1.0.1", + "is-regexp": "^1.0.0" + }, + "dependencies": { + "is-obj": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-obj/-/is-obj-1.0.1.tgz", + "integrity": "sha1-PkcprB9f3gJc19g6iW2rn09n2w8=" + } + } + }, + "strip-ansi": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "integrity": "sha1-ajhfuIU9lS1f8F0Oiq+UJ43GPc8=", + "requires": { + "ansi-regex": "^2.0.0" + } + }, + "strip-bom": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-2.0.0.tgz", + "integrity": "sha1-YhmoVhZSBJHzV4i9vxRHqZx+aw4=", + "requires": { + "is-utf8": "^0.2.0" + } + }, + "strip-comments": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/strip-comments/-/strip-comments-1.0.2.tgz", + "integrity": "sha512-kL97alc47hoyIQSV165tTt9rG5dn4w1dNnBhOQ3bOU1Nc1hel09jnXANaHJ7vzHLd4Ju8kseDGzlev96pghLFw==", + "requires": { + "babel-extract-comments": "^1.0.0", + "babel-plugin-transform-object-rest-spread": "^6.26.0" + } + }, + "strip-eof": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/strip-eof/-/strip-eof-1.0.0.tgz", + "integrity": "sha1-u0P/VZim6wXYm1n80SnJgzE2Br8=" + }, + "strip-indent": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/strip-indent/-/strip-indent-1.0.1.tgz", + "integrity": "sha1-DHlipq3vp7vUrDZkYKY4VSrhoKI=", + "requires": { + "get-stdin": "^4.0.1" + } + }, + "strip-json-comments": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", + "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==" + }, + "style-loader": { + "version": "0.23.1", + "resolved": "https://registry.npmjs.org/style-loader/-/style-loader-0.23.1.tgz", + "integrity": "sha512-XK+uv9kWwhZMZ1y7mysB+zoihsEj4wneFWAS5qoiLwzW0WzSqMrrsIy+a3zkQJq0ipFtBpX5W3MqyRIBF/WFGg==", + "requires": { + "loader-utils": "^1.1.0", + "schema-utils": "^1.0.0" + }, + "dependencies": { + "schema-utils": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-1.0.0.tgz", + "integrity": "sha512-i27Mic4KovM/lnGsy8whRCHhc7VicJajAjTrYg11K9zfZXnYIt4k5F+kZkwjnrhKzLic/HLU4j11mjsz2G/75g==", + "requires": { + "ajv": "^6.1.0", + "ajv-errors": "^1.0.0", + "ajv-keywords": "^3.1.0" + } + } + } + }, + "stylehacks": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/stylehacks/-/stylehacks-4.0.3.tgz", + "integrity": "sha512-7GlLk9JwlElY4Y6a/rmbH2MhVlTyVmiJd1PfTCqFaIBEGMYNsrO/v3SeGTdhBThLg4Z+NbOk/qFMwCa+J+3p/g==", + "requires": { + "browserslist": "^4.0.0", + "postcss": "^7.0.0", + "postcss-selector-parser": "^3.0.0" + }, + "dependencies": { + "postcss-selector-parser": { + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-3.1.2.tgz", + "integrity": "sha512-h7fJ/5uWuRVyOtkO45pnt1Ih40CEleeyCHzipqAZO2e5H20g25Y48uYnFUiShvY4rZWNJ/Bib/KVPmanaCtOhA==", + "requires": { + "dot-prop": "^5.2.0", + "indexes-of": "^1.0.1", + "uniq": "^1.0.1" + } + } + } + }, + "supports-color": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-2.0.0.tgz", + "integrity": "sha1-U10EXOa2Nj+kARcIRimZXp3zJMc=" + }, + "svg-parser": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/svg-parser/-/svg-parser-2.0.4.tgz", + "integrity": "sha512-e4hG1hRwoOdRb37cIMSgzNsxyzKfayW6VOflrwvR+/bzrkyxY/31WkbgnQpgtrNp1SdpJvpUAGTa/ZoiPNDuRQ==" + }, + "svgo": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/svgo/-/svgo-1.3.2.tgz", + "integrity": "sha512-yhy/sQYxR5BkC98CY7o31VGsg014AKLEPxdfhora76l36hD9Rdy5NZA/Ocn6yayNPgSamYdtX2rFJdcv07AYVw==", + "requires": { + "chalk": "^2.4.1", + "coa": "^2.0.2", + "css-select": "^2.0.0", + "css-select-base-adapter": "^0.1.1", + "css-tree": "1.0.0-alpha.37", + "csso": "^4.0.2", + "js-yaml": "^3.13.1", + "mkdirp": "~0.5.1", + "object.values": "^1.1.0", + "sax": "~1.2.4", + "stable": "^0.1.8", + "unquote": "~1.1.1", + "util.promisify": "~1.0.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "symbol-observable": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/symbol-observable/-/symbol-observable-1.2.0.tgz", + "integrity": "sha512-e900nM8RRtGhlV36KGEU9k65K3mPb1WV70OdjfxlG2EAuM1noi/E/BaW/uMhL7bPEssK8QV57vN3esixjUvcXQ==" + }, + "symbol-tree": { + "version": "3.2.4", + "resolved": "https://registry.npmjs.org/symbol-tree/-/symbol-tree-3.2.4.tgz", + "integrity": "sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw==" + }, + "table": { + "version": "5.4.6", + "resolved": "https://registry.npmjs.org/table/-/table-5.4.6.tgz", + "integrity": "sha512-wmEc8m4fjnob4gt5riFRtTu/6+4rSe12TpAELNSqHMfF3IqnA+CH37USM6/YR3qRZv7e56kAEAtd6nKZaxe0Ug==", + "requires": { + "ajv": "^6.10.2", + "lodash": "^4.17.14", + "slice-ansi": "^2.1.0", + "string-width": "^3.0.0" + }, + "dependencies": { + "ansi-regex": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz", + "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==" + }, + "is-fullwidth-code-point": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz", + "integrity": "sha1-o7MKXE8ZkYMWeqq5O+764937ZU8=" + }, + "string-width": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-3.1.0.tgz", + "integrity": "sha512-vafcv6KjVZKSgz06oM/H6GDBrAtz8vdhQakGjFIvNrHA6y3HCF1CInLy+QLq8dTJPQ1b+KDUqDFctkdRW44e1w==", + "requires": { + "emoji-regex": "^7.0.1", + "is-fullwidth-code-point": "^2.0.0", + "strip-ansi": "^5.1.0" + } + }, + "strip-ansi": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", + "integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==", + "requires": { + "ansi-regex": "^4.1.0" + } + } + } + }, + "tapable": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/tapable/-/tapable-1.1.3.tgz", + "integrity": "sha512-4WK/bYZmj8xLr+HUCODHGF1ZFzsYffasLUgEiMBY4fgtltdO6B4WJtlSbPaDTLpYTcGVwM2qLnFTICEcNxs3kA==" + }, + "tar": { + "version": "2.2.2", + "resolved": "https://registry.npmjs.org/tar/-/tar-2.2.2.tgz", + "integrity": "sha512-FCEhQ/4rE1zYv9rYXJw/msRqsnmlje5jHP6huWeBZ704jUTy02c5AZyWujpMR1ax6mVw9NyJMfuK2CMDWVIfgA==", + "requires": { + "block-stream": "*", + "fstream": "^1.0.12", + "inherits": "2" + } + }, + "terser": { + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/terser/-/terser-4.8.0.tgz", + "integrity": "sha512-EAPipTNeWsb/3wLPeup1tVPaXfIaU68xMnVdPafIL1TV05OhASArYyIfFvnvJCNrR2NIOvDVNNTFRa+Re2MWyw==", + "requires": { + "commander": "^2.20.0", + "source-map": "~0.6.1", + "source-map-support": "~0.5.12" + }, + "dependencies": { + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + } + } + }, + "terser-webpack-plugin": { + "version": "2.3.8", + "resolved": "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-2.3.8.tgz", + "integrity": "sha512-/fKw3R+hWyHfYx7Bv6oPqmk4HGQcrWLtV3X6ggvPuwPNHSnzvVV51z6OaaCOus4YLjutYGOz3pEpbhe6Up2s1w==", + "requires": { + "cacache": "^13.0.1", + "find-cache-dir": "^3.3.1", + "jest-worker": "^25.4.0", + "p-limit": "^2.3.0", + "schema-utils": "^2.6.6", + "serialize-javascript": "^4.0.0", + "source-map": "^0.6.1", + "terser": "^4.6.12", + "webpack-sources": "^1.4.3" + }, + "dependencies": { + "find-cache-dir": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/find-cache-dir/-/find-cache-dir-3.3.1.tgz", + "integrity": "sha512-t2GDMt3oGC/v+BMwzmllWDuJF/xcDtE5j/fCGbqDD7OLuJkj0cfh1YSA5VKPvwMeLFLNDBkwOKZ2X85jGLVftQ==", + "requires": { + "commondir": "^1.0.1", + "make-dir": "^3.0.2", + "pkg-dir": "^4.1.0" + } + }, + "find-up": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", + "requires": { + "locate-path": "^5.0.0", + "path-exists": "^4.0.0" + } + }, + "has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==" + }, + "jest-worker": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-25.5.0.tgz", + "integrity": "sha512-/dsSmUkIy5EBGfv/IjjqmFxrNAUpBERfGs1oHROyD7yxjG/w+t0GOJDX8O1k32ySmd7+a5IhnJU2qQFcJ4n1vw==", + "requires": { + "merge-stream": "^2.0.0", + "supports-color": "^7.0.0" + } + }, + "locate-path": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", + "requires": { + "p-locate": "^4.1.0" + } + }, + "make-dir": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", + "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", + "requires": { + "semver": "^6.0.0" + } + }, + "p-locate": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", + "requires": { + "p-limit": "^2.2.0" + } + }, + "path-exists": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", + "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==" + }, + "pkg-dir": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", + "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", + "requires": { + "find-up": "^4.0.0" + } + }, + "semver": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", + "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==" + }, + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + }, + "supports-color": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", + "requires": { + "has-flag": "^4.0.0" + } + } + } + }, + "test-exclude": { + "version": "5.2.3", + "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-5.2.3.tgz", + "integrity": "sha512-M+oxtseCFO3EDtAaGH7iiej3CBkzXqFMbzqYAACdzKui4eZA+pq3tZEwChvOdNfa7xxy8BfbmgJSIr43cC/+2g==", + "requires": { + "glob": "^7.1.3", + "minimatch": "^3.0.4", + "read-pkg-up": "^4.0.0", + "require-main-filename": "^2.0.0" + }, + "dependencies": { + "find-up": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-3.0.0.tgz", + "integrity": "sha512-1yD6RmLI1XBfxugvORwlck6f75tYL+iR0jqwsOrOxMZyGYqUuDhJ0l4AXdO1iX/FTs9cBAMEk1gWSEx1kSbylg==", + "requires": { + "locate-path": "^3.0.0" + } + }, + "load-json-file": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/load-json-file/-/load-json-file-4.0.0.tgz", + "integrity": "sha1-L19Fq5HjMhYjT9U62rZo607AmTs=", + "requires": { + "graceful-fs": "^4.1.2", + "parse-json": "^4.0.0", + "pify": "^3.0.0", + "strip-bom": "^3.0.0" + } + }, + "parse-json": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-4.0.0.tgz", + "integrity": "sha1-vjX1Qlvh9/bHRxhPmKeIy5lHfuA=", + "requires": { + "error-ex": "^1.3.1", + "json-parse-better-errors": "^1.0.1" + } + }, + "path-type": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/path-type/-/path-type-3.0.0.tgz", + "integrity": "sha512-T2ZUsdZFHgA3u4e5PfPbjd7HDDpxPnQb5jN0SrDsjNSuVXHJqtwTnWqG0B1jZrgmJ/7lj1EmVIByWt1gxGkWvg==", + "requires": { + "pify": "^3.0.0" + } + }, + "pify": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/pify/-/pify-3.0.0.tgz", + "integrity": "sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY=" + }, + "read-pkg": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-3.0.0.tgz", + "integrity": "sha1-nLxoaXj+5l0WwA4rGcI3/Pbjg4k=", + "requires": { + "load-json-file": "^4.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^3.0.0" + } + }, + "read-pkg-up": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-4.0.0.tgz", + "integrity": "sha512-6etQSH7nJGsK0RbG/2TeDzZFa8shjQ1um+SwQQ5cwKy0dhSXdOncEhb1CPpvQG4h7FyOV6EB6YlV0yJvZQNAkA==", + "requires": { + "find-up": "^3.0.0", + "read-pkg": "^3.0.0" + } + }, + "strip-bom": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-3.0.0.tgz", + "integrity": "sha1-IzTBjpx1n3vdVv3vfprj1YjmjtM=" + } + } + }, + "text-table": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz", + "integrity": "sha1-f17oI66AUgfACvLfSoTsP8+lcLQ=" + }, + "throat": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/throat/-/throat-4.1.0.tgz", + "integrity": "sha1-iQN8vJLFarGJJua6TLsgDhVnKmo=" + }, + "through": { + "version": "2.3.8", + "resolved": "https://registry.npmjs.org/through/-/through-2.3.8.tgz", + "integrity": "sha1-DdTJ/6q8NXlgsbckEV1+Doai4fU=" + }, + "through2": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/through2/-/through2-2.0.5.tgz", + "integrity": "sha512-/mrRod8xqpA+IHSLyGCQ2s8SPHiCDEeQJSep1jqLYeEUClOFG2Qsh+4FU6G9VeqpZnGW/Su8LQGc4YKni5rYSQ==", + "requires": { + "readable-stream": "~2.3.6", + "xtend": "~4.0.1" + } + }, + "thunky": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/thunky/-/thunky-1.1.0.tgz", + "integrity": "sha512-eHY7nBftgThBqOyHGVN+l8gF0BucP09fMo0oO/Lb0w1OF80dJv+lDVpXG60WMQvkcxAkNybKsrEIE3ZtKGmPrA==" + }, + "timers-browserify": { + "version": "2.0.11", + "resolved": "https://registry.npmjs.org/timers-browserify/-/timers-browserify-2.0.11.tgz", + "integrity": "sha512-60aV6sgJ5YEbzUdn9c8kYGIqOubPoUdqQCul3SBAsRCZ40s6Y5cMcrW4dt3/k/EsbLVJNl9n6Vz3fTc+k2GeKQ==", + "requires": { + "setimmediate": "^1.0.4" + } + }, + "timsort": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/timsort/-/timsort-0.3.0.tgz", + "integrity": "sha1-QFQRqOfmM5/mTbmiNN4R3DHgK9Q=" + }, + "tiny-invariant": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/tiny-invariant/-/tiny-invariant-1.0.6.tgz", + "integrity": "sha512-FOyLWWVjG+aC0UqG76V53yAWdXfH8bO6FNmyZOuUrzDzK8DI3/JRY25UD7+g49JWM1LXwymsKERB+DzI0dTEQA==" + }, + "tiny-warning": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/tiny-warning/-/tiny-warning-1.0.3.tgz", + "integrity": "sha512-lBN9zLN/oAf68o3zNXYrdCt1kP8WsiGW8Oo2ka41b2IM5JL/S1CTyX1rW0mb/zSuJun0ZUrDxx4sqvYS2FWzPA==" + }, + "tmp": { + "version": "0.0.33", + "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.0.33.tgz", + "integrity": "sha512-jRCJlojKnZ3addtTOjdIqoRuPEKBvNXcGYqzO6zWZX8KfKEpnGY5jfggJQ3EjKuu8D4bJRr0y+cYJFmYbImXGw==", + "requires": { + "os-tmpdir": "~1.0.2" + } + }, + "tmpl": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.4.tgz", + "integrity": "sha1-I2QN17QtAEM5ERQIIOXPRA5SHdE=" + }, + "to-arraybuffer": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/to-arraybuffer/-/to-arraybuffer-1.0.1.tgz", + "integrity": "sha1-fSKbH8xjfkZsoIEYCDanqr/4P0M=" + }, + "to-fast-properties": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", + "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=" + }, + "to-object-path": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/to-object-path/-/to-object-path-0.3.0.tgz", + "integrity": "sha1-KXWIt7Dn4KwI4E5nL4XB9JmeF68=", + "requires": { + "kind-of": "^3.0.2" + } + }, + "to-regex": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/to-regex/-/to-regex-3.0.2.tgz", + "integrity": "sha512-FWtleNAtZ/Ki2qtqej2CXTOayOH9bHDQF+Q48VpWyDXjbYxA4Yz8iDB31zXOBUlOHHKidDbqGVrTUvQMPmBGBw==", + "requires": { + "define-property": "^2.0.2", + "extend-shallow": "^3.0.2", + "regex-not": "^1.0.2", + "safe-regex": "^1.1.0" + } + }, + "to-regex-range": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-2.1.1.tgz", + "integrity": "sha1-fIDBe53+vlmeJzZ+DU3VWQFB2zg=", + "requires": { + "is-number": "^3.0.0", + "repeat-string": "^1.6.1" + } + }, + "toidentifier": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.0.tgz", + "integrity": "sha512-yaOH/Pk/VEhBWWTlhI+qXxDFXlejDGcQipMlyxda9nthulaxLZUNcUqFxokp0vcYnvteJln5FNQDRrxj3YcbVw==" + }, + "tough-cookie": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", + "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", + "requires": { + "psl": "^1.1.28", + "punycode": "^2.1.1" + } + }, + "tr46": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-1.0.1.tgz", + "integrity": "sha1-qLE/1r/SSJUZZ0zN5VujaTtwbQk=", + "requires": { + "punycode": "^2.1.0" + } + }, + "trim-newlines": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/trim-newlines/-/trim-newlines-1.0.0.tgz", + "integrity": "sha1-WIeWa7WCpFA6QetST301ARgVphM=" + }, + "true-case-path": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/true-case-path/-/true-case-path-1.0.3.tgz", + "integrity": "sha512-m6s2OdQe5wgpFMC+pAJ+q9djG82O2jcHPOI6RNg1yy9rCYR+WD6Nbpl32fDpfC56nirdRy+opFa/Vk7HYhqaew==", + "requires": { + "glob": "^7.1.2" + } + }, + "ts-pnp": { + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/ts-pnp/-/ts-pnp-1.1.6.tgz", + "integrity": "sha512-CrG5GqAAzMT7144Cl+UIFP7mz/iIhiy+xQ6GGcnjTezhALT02uPMRw7tgDSESgB5MsfKt55+GPWw4ir1kVtMIQ==" + }, + "tslib": { + "version": "1.13.0", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-1.13.0.tgz", + "integrity": "sha512-i/6DQjL8Xf3be4K/E6Wgpekn5Qasl1usyw++dAA35Ue5orEn65VIxOA+YvNNl9HV3qv70T7CNwjODHZrLwvd1Q==" + }, + "tsutils": { + "version": "3.17.1", + "resolved": "https://registry.npmjs.org/tsutils/-/tsutils-3.17.1.tgz", + "integrity": "sha512-kzeQ5B8H3w60nFY2g8cJIuH7JDpsALXySGtwGJ0p2LSjLgay3NdIpqq5SoOBe46bKDW2iq25irHCr8wjomUS2g==", + "requires": { + "tslib": "^1.8.1" + } + }, + "tty-browserify": { + "version": "0.0.0", + "resolved": "https://registry.npmjs.org/tty-browserify/-/tty-browserify-0.0.0.tgz", + "integrity": "sha1-oVe6QC2iTpv5V/mqadUk7tQpAaY=" + }, + "tunnel-agent": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", + "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", + "requires": { + "safe-buffer": "^5.0.1" + } + }, + "tweetnacl": { + "version": "0.14.5", + "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", + "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" + }, + "type": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/type/-/type-1.2.0.tgz", + "integrity": "sha512-+5nt5AAniqsCnu2cEQQdpzCAh33kVx8n0VoFidKpB1dVVLAN/F+bgVOqOJqOnEnrhp222clB5p3vUlD+1QAnfg==" + }, + "type-check": { + "version": "0.3.2", + "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.3.2.tgz", + "integrity": "sha1-WITKtRLPHTVeP7eE8wgEsrUg23I=", + "requires": { + "prelude-ls": "~1.1.2" + } + }, + "type-fest": { + "version": "0.8.1", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.8.1.tgz", + "integrity": "sha512-4dbzIzqvjtgiM5rw1k5rEHtBANKmdudhGyBEajN01fEyhaAIhsoKNy6y7+IN93IfpFtwY9iqi7kD+xwKhQsNJA==" + }, + "type-is": { + "version": "1.6.18", + "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", + "integrity": "sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g==", + "requires": { + "media-typer": "0.3.0", + "mime-types": "~2.1.24" + } + }, + "typedarray": { + "version": "0.0.6", + "resolved": "https://registry.npmjs.org/typedarray/-/typedarray-0.0.6.tgz", + "integrity": "sha1-hnrHTjhkGHsdPUfZlqeOxciDB3c=" + }, + "unicode-canonical-property-names-ecmascript": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/unicode-canonical-property-names-ecmascript/-/unicode-canonical-property-names-ecmascript-1.0.4.tgz", + "integrity": "sha512-jDrNnXWHd4oHiTZnx/ZG7gtUTVp+gCcTTKr8L0HjlwphROEW3+Him+IpvC+xcJEFegapiMZyZe02CyuOnRmbnQ==" + }, + "unicode-match-property-ecmascript": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/unicode-match-property-ecmascript/-/unicode-match-property-ecmascript-1.0.4.tgz", + "integrity": "sha512-L4Qoh15vTfntsn4P1zqnHulG0LdXgjSO035fEpdtp6YxXhMT51Q6vgM5lYdG/5X3MjS+k/Y9Xw4SFCY9IkR0rg==", + "requires": { + "unicode-canonical-property-names-ecmascript": "^1.0.4", + "unicode-property-aliases-ecmascript": "^1.0.4" + } + }, + "unicode-match-property-value-ecmascript": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/unicode-match-property-value-ecmascript/-/unicode-match-property-value-ecmascript-1.2.0.tgz", + "integrity": "sha512-wjuQHGQVofmSJv1uVISKLE5zO2rNGzM/KCYZch/QQvez7C1hUhBIuZ701fYXExuufJFMPhv2SyL8CyoIfMLbIQ==" + }, + "unicode-property-aliases-ecmascript": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/unicode-property-aliases-ecmascript/-/unicode-property-aliases-ecmascript-1.1.0.tgz", + "integrity": "sha512-PqSoPh/pWetQ2phoj5RLiaqIk4kCNwoV3CI+LfGmWLKI3rE3kl1h59XpX2BjgDrmbxD9ARtQobPGU1SguCYuQg==" + }, + "union-value": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/union-value/-/union-value-1.0.1.tgz", + "integrity": "sha512-tJfXmxMeWYnczCVs7XAEvIV7ieppALdyepWMkHkwciRpZraG/xwT+s2JN8+pr1+8jCRf80FFzvr+MpQeeoF4Xg==", + "requires": { + "arr-union": "^3.1.0", + "get-value": "^2.0.6", + "is-extendable": "^0.1.1", + "set-value": "^2.0.1" + } + }, + "uniq": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/uniq/-/uniq-1.0.1.tgz", + "integrity": "sha1-sxxa6CVIRKOoKBVBzisEuGWnNP8=" + }, + "uniqs": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/uniqs/-/uniqs-2.0.0.tgz", + "integrity": "sha1-/+3ks2slKQaW5uFl1KWe25mOawI=" + }, + "unique-filename": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/unique-filename/-/unique-filename-1.1.1.tgz", + "integrity": "sha512-Vmp0jIp2ln35UTXuryvjzkjGdRyf9b2lTXuSYUiPmzRcl3FDtYqAwOnTJkAngD9SWhnoJzDbTKwaOrZ+STtxNQ==", + "requires": { + "unique-slug": "^2.0.0" + } + }, + "unique-slug": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/unique-slug/-/unique-slug-2.0.2.tgz", + "integrity": "sha512-zoWr9ObaxALD3DOPfjPSqxt4fnZiWblxHIgeWqW8x7UqDzEtHEQLzji2cuJYQFCU6KmoJikOYAZlrTHHebjx2w==", + "requires": { + "imurmurhash": "^0.1.4" + } + }, + "universalify": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz", + "integrity": "sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg==" + }, + "unpipe": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz", + "integrity": "sha1-sr9O6FFKrmFltIF4KdIbLvSZBOw=" + }, + "unquote": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/unquote/-/unquote-1.1.1.tgz", + "integrity": "sha1-j97XMk7G6IoP+LkF58CYzcCG1UQ=" + }, + "unset-value": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/unset-value/-/unset-value-1.0.0.tgz", + "integrity": "sha1-g3aHP30jNRef+x5vw6jtDfyKtVk=", + "requires": { + "has-value": "^0.3.1", + "isobject": "^3.0.0" + }, + "dependencies": { + "has-value": { + "version": "0.3.1", + "resolved": "https://registry.npmjs.org/has-value/-/has-value-0.3.1.tgz", + "integrity": "sha1-ex9YutpiyoJ+wKIHgCVlSEWZXh8=", + "requires": { + "get-value": "^2.0.3", + "has-values": "^0.1.4", + "isobject": "^2.0.0" + }, + "dependencies": { + "isobject": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/isobject/-/isobject-2.1.0.tgz", + "integrity": "sha1-8GVWEJaj8dou9GJy+BXIQNh+DIk=", + "requires": { + "isarray": "1.0.0" + } + } + } + }, + "has-values": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/has-values/-/has-values-0.1.4.tgz", + "integrity": "sha1-bWHeldkd/Km5oCCJrThL/49it3E=" + } + } + }, + "upath": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/upath/-/upath-1.2.0.tgz", + "integrity": "sha512-aZwGpamFO61g3OlfT7OQCHqhGnW43ieH9WZeP7QxN/G/jS4jfqUkZxoryvJgVPEcrl5NL/ggHsSmLMHuH64Lhg==" + }, + "uri-js": { + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.2.2.tgz", + "integrity": "sha512-KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ==", + "requires": { + "punycode": "^2.1.0" + } + }, + "urix": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/urix/-/urix-0.1.0.tgz", + "integrity": "sha1-2pN/emLiH+wf0Y1Js1wpNQZ6bHI=" + }, + "url": { + "version": "0.11.0", + "resolved": "https://registry.npmjs.org/url/-/url-0.11.0.tgz", + "integrity": "sha1-ODjpfPxgUh63PFJajlW/3Z4uKPE=", + "requires": { + "punycode": "1.3.2", + "querystring": "0.2.0" + }, + "dependencies": { + "punycode": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-1.3.2.tgz", + "integrity": "sha1-llOgNvt8HuQjQvIyXM7v6jkmxI0=" + } + } + }, + "url-loader": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/url-loader/-/url-loader-2.3.0.tgz", + "integrity": "sha512-goSdg8VY+7nPZKUEChZSEtW5gjbS66USIGCeSJ1OVOJ7Yfuh/36YxCwMi5HVEJh6mqUYOoy3NJ0vlOMrWsSHog==", + "requires": { + "loader-utils": "^1.2.3", + "mime": "^2.4.4", + "schema-utils": "^2.5.0" + } + }, + "url-parse": { + "version": "1.5.3", + "resolved": "https://registry.npmjs.org/url-parse/-/url-parse-1.5.3.tgz", + "integrity": "sha512-IIORyIQD9rvj0A4CLWsHkBBJuNqWpFQe224b6j9t/ABmquIS0qDU2pY6kl6AuOrL5OkCXHMCFNe1jBcuAggjvQ==", + "requires": { + "querystringify": "^2.1.1", + "requires-port": "^1.0.0" + } + }, + "use": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/use/-/use-3.1.1.tgz", + "integrity": "sha512-cwESVXlO3url9YWlFW/TA9cshCEhtu7IKJ/p5soJ/gGpj7vbvFrAY/eIioQ6Dw23KjZhYgiIo8HOs1nQ2vr/oQ==" + }, + "util": { + "version": "0.10.3", + "resolved": "https://registry.npmjs.org/util/-/util-0.10.3.tgz", + "integrity": "sha1-evsa/lCAUkZInj23/g7TeTNqwPk=", + "requires": { + "inherits": "2.0.1" + }, + "dependencies": { + "inherits": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.1.tgz", + "integrity": "sha1-sX0I0ya0Qj5Wjv9xn5GwscvfafE=" + } + } + }, + "util-deprecate": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", + "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=" + }, + "util.promisify": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/util.promisify/-/util.promisify-1.0.1.tgz", + "integrity": "sha512-g9JpC/3He3bm38zsLupWryXHoEcS22YHthuPQSJdMy6KNrzIRzWqcsHzD/WUnqe45whVou4VIsPew37DoXWNrA==", + "requires": { + "define-properties": "^1.1.3", + "es-abstract": "^1.17.2", + "has-symbols": "^1.0.1", + "object.getownpropertydescriptors": "^2.1.0" + } + }, + "utila": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/utila/-/utila-0.4.0.tgz", + "integrity": "sha1-ihagXURWV6Oupe7MWxKk+lN5dyw=" + }, + "utils-merge": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz", + "integrity": "sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM=" + }, + "uuid": { + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", + "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" + }, + "v8-compile-cache": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/v8-compile-cache/-/v8-compile-cache-2.1.1.tgz", + "integrity": "sha512-8OQ9CL+VWyt3JStj7HX7/ciTL2V3Rl1Wf5OL+SNTm0yK1KvtReVulksyeRnCANHHuUxHlQig+JJDlUhBt1NQDQ==" + }, + "validate-npm-package-license": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz", + "integrity": "sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==", + "requires": { + "spdx-correct": "^3.0.0", + "spdx-expression-parse": "^3.0.0" + } + }, + "validate.js": { + "version": "0.13.1", + "resolved": "https://registry.npmjs.org/validate.js/-/validate.js-0.13.1.tgz", + "integrity": "sha512-PnFM3xiZ+kYmLyTiMgTYmU7ZHkjBZz2/+F0DaALc/uUtVzdCt1wAosvYJ5hFQi/hz8O4zb52FQhHZRC+uVkJ+g==" + }, + "value-equal": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/value-equal/-/value-equal-1.0.1.tgz", + "integrity": "sha512-NOJ6JZCAWr0zlxZt+xqCHNTEKOsrks2HQd4MqhP1qy4z1SkbEP467eNx6TgDKXMvUOb+OENfJCZwM+16n7fRfw==" + }, + "vary": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz", + "integrity": "sha1-IpnwLG3tMNSllhsLn3RSShj2NPw=" + }, + "vendors": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/vendors/-/vendors-1.0.4.tgz", + "integrity": "sha512-/juG65kTL4Cy2su4P8HjtkTxk6VmJDiOPBufWniqQ6wknac6jNiXS9vU+hO3wgusiyqWlzTbVHi0dyJqRONg3w==" + }, + "verror": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", + "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", + "requires": { + "assert-plus": "^1.0.0", + "core-util-is": "1.0.2", + "extsprintf": "^1.2.0" + } + }, + "vm-browserify": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/vm-browserify/-/vm-browserify-1.1.2.tgz", + "integrity": "sha512-2ham8XPWTONajOR0ohOKOHXkm3+gaBmGut3SRuu75xLd/RRaY6vqgh8NBYYk7+RW3u5AtzPQZG8F10LHkl0lAQ==" + }, + "w3c-hr-time": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/w3c-hr-time/-/w3c-hr-time-1.0.2.tgz", + "integrity": "sha512-z8P5DvDNjKDoFIHK7q8r8lackT6l+jo/Ye3HOle7l9nICP9lf1Ci25fy9vHd0JOWewkIFzXIEig3TdKT7JQ5fQ==", + "requires": { + "browser-process-hrtime": "^1.0.0" + } + }, + "w3c-xmlserializer": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/w3c-xmlserializer/-/w3c-xmlserializer-1.1.2.tgz", + "integrity": "sha512-p10l/ayESzrBMYWRID6xbuCKh2Fp77+sA0doRuGn4tTIMrrZVeqfpKjXHY+oDh3K4nLdPgNwMTVP6Vp4pvqbNg==", + "requires": { + "domexception": "^1.0.1", + "webidl-conversions": "^4.0.2", + "xml-name-validator": "^3.0.0" + } + }, + "walker": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.7.tgz", + "integrity": "sha1-L3+bj9ENZ3JisYqITijRlhjgKPs=", + "requires": { + "makeerror": "1.0.x" + } + }, + "watchpack": { + "version": "1.7.4", + "resolved": "https://registry.npmjs.org/watchpack/-/watchpack-1.7.4.tgz", + "integrity": "sha512-aWAgTW4MoSJzZPAicljkO1hsi1oKj/RRq/OJQh2PKI2UKL04c2Bs+MBOB+BBABHTXJpf9mCwHN7ANCvYsvY2sg==", + "requires": { + "chokidar": "^3.4.1", + "graceful-fs": "^4.1.2", + "neo-async": "^2.5.0", + "watchpack-chokidar2": "^2.0.0" + } + }, + "watchpack-chokidar2": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/watchpack-chokidar2/-/watchpack-chokidar2-2.0.0.tgz", + "integrity": "sha512-9TyfOyN/zLUbA288wZ8IsMZ+6cbzvsNyEzSBp6e/zkifi6xxbl8SmQ/CxQq32k8NNqrdVEVUVSEf56L4rQ/ZxA==", + "optional": true, + "requires": { + "chokidar": "^2.1.8" + }, + "dependencies": { + "binary-extensions": { + "version": "1.13.1", + "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-1.13.1.tgz", + "integrity": "sha512-Un7MIEDdUC5gNpcGDV97op1Ywk748MpHcFTHoYs6qnj1Z3j7I53VG3nwZhKzoBZmbdRNnb6WRdFlwl7tSDuZGw==", + "optional": true + }, + "chokidar": { + "version": "2.1.8", + "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-2.1.8.tgz", + "integrity": "sha512-ZmZUazfOzf0Nve7duiCKD23PFSCs4JPoYyccjUFF3aQkQadqBhfzhjkwBH2mNOG9cTBwhamM37EIsIkZw3nRgg==", + "optional": true, + "requires": { + "anymatch": "^2.0.0", + "async-each": "^1.0.1", + "braces": "^2.3.2", + "fsevents": "^1.2.7", + "glob-parent": "^3.1.0", + "inherits": "^2.0.3", + "is-binary-path": "^1.0.0", + "is-glob": "^4.0.0", + "normalize-path": "^3.0.0", + "path-is-absolute": "^1.0.0", + "readdirp": "^2.2.1", + "upath": "^1.1.1" + } + }, + "fsevents": { + "version": "1.2.13", + "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-1.2.13.tgz", + "integrity": "sha512-oWb1Z6mkHIskLzEJ/XWX0srkpkTQ7vaopMQkyaEIoq0fmtFVxOthb8cCxeT+p3ynTdkk/RZwbgG4brR5BeWECw==", + "optional": true, + "requires": { + "bindings": "^1.5.0", + "nan": "^2.12.1" + } + }, + "glob-parent": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-3.1.0.tgz", + "integrity": "sha1-nmr2KZ2NO9K9QEMIMr0RPfkGxa4=", + "optional": true, + "requires": { + "is-glob": "^3.1.0", + "path-dirname": "^1.0.0" + }, + "dependencies": { + "is-glob": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-3.1.0.tgz", + "integrity": "sha1-e6WuJCF4BKxwcHuWkiVnSGzD6Eo=", + "optional": true, + "requires": { + "is-extglob": "^2.1.0" + } + } + } + }, + "is-binary-path": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-binary-path/-/is-binary-path-1.0.1.tgz", + "integrity": "sha1-dfFmQrSA8YenEcgUFh/TpKdlWJg=", + "optional": true, + "requires": { + "binary-extensions": "^1.0.0" + } + }, + "normalize-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", + "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", + "optional": true + }, + "readdirp": { + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-2.2.1.tgz", + "integrity": "sha512-1JU/8q+VgFZyxwrJ+SVIOsh+KywWGpds3NTqikiKpDMZWScmAYyKIgqkO+ARvNWJfXeXR1zxz7aHF4u4CyH6vQ==", + "optional": true, + "requires": { + "graceful-fs": "^4.1.11", + "micromatch": "^3.1.10", + "readable-stream": "^2.0.2" + } + } + } + }, + "wbuf": { + "version": "1.7.3", + "resolved": "https://registry.npmjs.org/wbuf/-/wbuf-1.7.3.tgz", + "integrity": "sha512-O84QOnr0icsbFGLS0O3bI5FswxzRr8/gHwWkDlQFskhSPryQXvrTMxjxGP4+iWYoauLoBvfDpkrOauZ+0iZpDA==", + "requires": { + "minimalistic-assert": "^1.0.0" + } + }, + "webidl-conversions": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-4.0.2.tgz", + "integrity": "sha512-YQ+BmxuTgd6UXZW3+ICGfyqRyHXVlD5GtQr5+qjiNW7bF0cqrzX500HVXPBOvgXb5YnzDd+h0zqyv61KUD7+Sg==" + }, + "webpack": { + "version": "4.42.0", + "resolved": "https://registry.npmjs.org/webpack/-/webpack-4.42.0.tgz", + "integrity": "sha512-EzJRHvwQyBiYrYqhyjW9AqM90dE4+s1/XtCfn7uWg6cS72zH+2VPFAlsnW0+W0cDi0XRjNKUMoJtpSi50+Ph6w==", + "requires": { + "@webassemblyjs/ast": "1.8.5", + "@webassemblyjs/helper-module-context": "1.8.5", + "@webassemblyjs/wasm-edit": "1.8.5", + "@webassemblyjs/wasm-parser": "1.8.5", + "acorn": "^6.2.1", + "ajv": "^6.10.2", + "ajv-keywords": "^3.4.1", + "chrome-trace-event": "^1.0.2", + "enhanced-resolve": "^4.1.0", + "eslint-scope": "^4.0.3", + "json-parse-better-errors": "^1.0.2", + "loader-runner": "^2.4.0", + "loader-utils": "^1.2.3", + "memory-fs": "^0.4.1", + "micromatch": "^3.1.10", + "mkdirp": "^0.5.1", + "neo-async": "^2.6.1", + "node-libs-browser": "^2.2.1", + "schema-utils": "^1.0.0", + "tapable": "^1.1.3", + "terser-webpack-plugin": "^1.4.3", + "watchpack": "^1.6.0", + "webpack-sources": "^1.4.1" + }, + "dependencies": { + "acorn": { + "version": "6.4.1", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-6.4.1.tgz", + "integrity": "sha512-ZVA9k326Nwrj3Cj9jlh3wGFutC2ZornPNARZwsNYqQYgN0EsV2d53w5RN/co65Ohn4sUAUtb1rSUAOD6XN9idA==" + }, + "cacache": { + "version": "12.0.4", + "resolved": "https://registry.npmjs.org/cacache/-/cacache-12.0.4.tgz", + "integrity": "sha512-a0tMB40oefvuInr4Cwb3GerbL9xTj1D5yg0T5xrjGCGyfvbxseIXX7BAO/u/hIXdafzOI5JC3wDwHyf24buOAQ==", + "requires": { + "bluebird": "^3.5.5", + "chownr": "^1.1.1", + "figgy-pudding": "^3.5.1", + "glob": "^7.1.4", + "graceful-fs": "^4.1.15", + "infer-owner": "^1.0.3", + "lru-cache": "^5.1.1", + "mississippi": "^3.0.0", + "mkdirp": "^0.5.1", + "move-concurrently": "^1.0.1", + "promise-inflight": "^1.0.1", + "rimraf": "^2.6.3", + "ssri": "^6.0.1", + "unique-filename": "^1.1.1", + "y18n": "^4.0.0" + } + }, + "eslint-scope": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-4.0.3.tgz", + "integrity": "sha512-p7VutNr1O/QrxysMo3E45FjYDTeXBy0iTltPFNSqKAIfjDSXC+4dj+qfyuD8bfAXrW/y6lW3O76VaYNPKfpKrg==", + "requires": { + "esrecurse": "^4.1.0", + "estraverse": "^4.1.1" + } + }, + "lru-cache": { + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", + "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", + "requires": { + "yallist": "^3.0.2" + } + }, + "schema-utils": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-1.0.0.tgz", + "integrity": "sha512-i27Mic4KovM/lnGsy8whRCHhc7VicJajAjTrYg11K9zfZXnYIt4k5F+kZkwjnrhKzLic/HLU4j11mjsz2G/75g==", + "requires": { + "ajv": "^6.1.0", + "ajv-errors": "^1.0.0", + "ajv-keywords": "^3.1.0" + } + }, + "serialize-javascript": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-3.1.0.tgz", + "integrity": "sha512-JIJT1DGiWmIKhzRsG91aS6Ze4sFUrYbltlkg2onR5OrnNM02Kl/hnY/T4FN2omvyeBbQmMJv+K4cPOpGzOTFBg==", + "requires": { + "randombytes": "^2.1.0" + } + }, + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + }, + "ssri": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/ssri/-/ssri-6.0.1.tgz", + "integrity": "sha512-3Wge10hNcT1Kur4PDFwEieXSCMCJs/7WvSACcrMYrNp+b8kDL1/0wJch5Ni2WrtwEa2IO8OsVfeKIciKCDx/QA==", + "requires": { + "figgy-pudding": "^3.5.1" + } + }, + "terser-webpack-plugin": { + "version": "1.4.4", + "resolved": "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-1.4.4.tgz", + "integrity": "sha512-U4mACBHIegmfoEe5fdongHESNJWqsGU+W0S/9+BmYGVQDw1+c2Ow05TpMhxjPK1sRb7cuYq1BPl1e5YHJMTCqA==", + "requires": { + "cacache": "^12.0.2", + "find-cache-dir": "^2.1.0", + "is-wsl": "^1.1.0", + "schema-utils": "^1.0.0", + "serialize-javascript": "^3.1.0", + "source-map": "^0.6.1", + "terser": "^4.1.2", + "webpack-sources": "^1.4.0", + "worker-farm": "^1.7.0" + } + }, + "yallist": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", + "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==" + } + } + }, + "webpack-dev-middleware": { + "version": "3.7.3", + "resolved": "https://registry.npmjs.org/webpack-dev-middleware/-/webpack-dev-middleware-3.7.3.tgz", + "integrity": "sha512-djelc/zGiz9nZj/U7PTBi2ViorGJXEWo/3ltkPbDyxCXhhEXkW0ce99falaok4TPj+AsxLiXJR0EBOb0zh9fKQ==", + "requires": { + "memory-fs": "^0.4.1", + "mime": "^2.4.4", + "mkdirp": "^0.5.1", + "range-parser": "^1.2.1", + "webpack-log": "^2.0.0" + } + }, + "webpack-dev-server": { + "version": "3.11.0", + "resolved": "https://registry.npmjs.org/webpack-dev-server/-/webpack-dev-server-3.11.0.tgz", + "integrity": "sha512-PUxZ+oSTxogFQgkTtFndEtJIPNmml7ExwufBZ9L2/Xyyd5PnOL5UreWe5ZT7IU25DSdykL9p1MLQzmLh2ljSeg==", + "requires": { + "ansi-html": "0.0.7", + "bonjour": "^3.5.0", + "chokidar": "^2.1.8", + "compression": "^1.7.4", + "connect-history-api-fallback": "^1.6.0", + "debug": "^4.1.1", + "del": "^4.1.1", + "express": "^4.17.1", + "html-entities": "^1.3.1", + "http-proxy-middleware": "0.19.1", + "import-local": "^2.0.0", + "internal-ip": "^4.3.0", + "ip": "^1.1.5", + "is-absolute-url": "^3.0.3", + "killable": "^1.0.1", + "loglevel": "^1.6.8", + "opn": "^5.5.0", + "p-retry": "^3.0.1", + "portfinder": "^1.0.26", + "schema-utils": "^1.0.0", + "selfsigned": "^1.10.7", + "semver": "^6.3.0", + "serve-index": "^1.9.1", + "sockjs": "0.3.20", + "sockjs-client": "1.4.0", + "spdy": "^4.0.2", + "strip-ansi": "^3.0.1", + "supports-color": "^6.1.0", + "url": "^0.11.0", + "webpack-dev-middleware": "^3.7.2", + "webpack-log": "^2.0.0", + "ws": "^6.2.1", + "yargs": "^13.3.2" + }, + "dependencies": { + "binary-extensions": { + "version": "1.13.1", + "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-1.13.1.tgz", + "integrity": "sha512-Un7MIEDdUC5gNpcGDV97op1Ywk748MpHcFTHoYs6qnj1Z3j7I53VG3nwZhKzoBZmbdRNnb6WRdFlwl7tSDuZGw==" + }, + "chokidar": { + "version": "2.1.8", + "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-2.1.8.tgz", + "integrity": "sha512-ZmZUazfOzf0Nve7duiCKD23PFSCs4JPoYyccjUFF3aQkQadqBhfzhjkwBH2mNOG9cTBwhamM37EIsIkZw3nRgg==", + "requires": { + "anymatch": "^2.0.0", + "async-each": "^1.0.1", + "braces": "^2.3.2", + "fsevents": "^1.2.7", + "glob-parent": "^3.1.0", + "inherits": "^2.0.3", + "is-binary-path": "^1.0.0", + "is-glob": "^4.0.0", + "normalize-path": "^3.0.0", + "path-is-absolute": "^1.0.0", + "readdirp": "^2.2.1", + "upath": "^1.1.1" + } + }, + "debug": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.1.tgz", + "integrity": "sha512-doEwdvm4PCeK4K3RQN2ZC2BYUBaxwLARCqZmMjtF8a51J2Rb0xpVloFRnCODwqjpwnAoao4pelN8l3RJdv3gRQ==", + "requires": { + "ms": "2.1.2" + } + }, + "fsevents": { + "version": "1.2.13", + "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-1.2.13.tgz", + "integrity": "sha512-oWb1Z6mkHIskLzEJ/XWX0srkpkTQ7vaopMQkyaEIoq0fmtFVxOthb8cCxeT+p3ynTdkk/RZwbgG4brR5BeWECw==", + "optional": true, + "requires": { + "bindings": "^1.5.0", + "nan": "^2.12.1" + } + }, + "glob-parent": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-3.1.0.tgz", + "integrity": "sha1-nmr2KZ2NO9K9QEMIMr0RPfkGxa4=", + "requires": { + "is-glob": "^3.1.0", + "path-dirname": "^1.0.0" + }, + "dependencies": { + "is-glob": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-3.1.0.tgz", + "integrity": "sha1-e6WuJCF4BKxwcHuWkiVnSGzD6Eo=", + "requires": { + "is-extglob": "^2.1.0" + } + } + } + }, + "is-absolute-url": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/is-absolute-url/-/is-absolute-url-3.0.3.tgz", + "integrity": "sha512-opmNIX7uFnS96NtPmhWQgQx6/NYFgsUXYMllcfzwWKUMwfo8kku1TvE6hkNcH+Q1ts5cMVrsY7j0bxXQDciu9Q==" + }, + "is-binary-path": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-binary-path/-/is-binary-path-1.0.1.tgz", + "integrity": "sha1-dfFmQrSA8YenEcgUFh/TpKdlWJg=", + "requires": { + "binary-extensions": "^1.0.0" + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + }, + "normalize-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", + "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==" + }, + "readdirp": { + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-2.2.1.tgz", + "integrity": "sha512-1JU/8q+VgFZyxwrJ+SVIOsh+KywWGpds3NTqikiKpDMZWScmAYyKIgqkO+ARvNWJfXeXR1zxz7aHF4u4CyH6vQ==", + "requires": { + "graceful-fs": "^4.1.11", + "micromatch": "^3.1.10", + "readable-stream": "^2.0.2" + } + }, + "schema-utils": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-1.0.0.tgz", + "integrity": "sha512-i27Mic4KovM/lnGsy8whRCHhc7VicJajAjTrYg11K9zfZXnYIt4k5F+kZkwjnrhKzLic/HLU4j11mjsz2G/75g==", + "requires": { + "ajv": "^6.1.0", + "ajv-errors": "^1.0.0", + "ajv-keywords": "^3.1.0" + } + }, + "semver": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", + "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==" + }, + "supports-color": { + "version": "6.1.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-6.1.0.tgz", + "integrity": "sha512-qe1jfm1Mg7Nq/NSh6XE24gPXROEVsWHxC1LIx//XNlD9iw7YZQGjZNjYN7xGaEG6iKdA8EtNFW6R0gjnVXp+wQ==", + "requires": { + "has-flag": "^3.0.0" + } + }, + "ws": { + "version": "6.2.2", + "resolved": "https://registry.npmjs.org/ws/-/ws-6.2.2.tgz", + "integrity": "sha512-zmhltoSR8u1cnDsD43TX59mzoMZsLKqUweyYBAIvTngR3shc0W6aOZylZmq/7hqyVxPdi+5Ud2QInblgyE72fw==", + "requires": { + "async-limiter": "~1.0.0" + } + } + } + }, + "webpack-log": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/webpack-log/-/webpack-log-2.0.0.tgz", + "integrity": "sha512-cX8G2vR/85UYG59FgkoMamwHUIkSSlV3bBMRsbxVXVUk2j6NleCKjQ/WE9eYg9WY4w25O9w8wKP4rzNZFmUcUg==", + "requires": { + "ansi-colors": "^3.0.0", + "uuid": "^3.3.2" + } + }, + "webpack-manifest-plugin": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/webpack-manifest-plugin/-/webpack-manifest-plugin-2.2.0.tgz", + "integrity": "sha512-9S6YyKKKh/Oz/eryM1RyLVDVmy3NSPV0JXMRhZ18fJsq+AwGxUY34X54VNwkzYcEmEkDwNxuEOboCZEebJXBAQ==", + "requires": { + "fs-extra": "^7.0.0", + "lodash": ">=3.5 <5", + "object.entries": "^1.1.0", + "tapable": "^1.0.0" + }, + "dependencies": { + "fs-extra": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-7.0.1.tgz", + "integrity": "sha512-YJDaCJZEnBmcbw13fvdAM9AwNOJwOzrE4pqMqBq5nFiEqXUqHwlK4B+3pUw6JNvfSPtX05xFHtYy/1ni01eGCw==", + "requires": { + "graceful-fs": "^4.1.2", + "jsonfile": "^4.0.0", + "universalify": "^0.1.0" + } + } + } + }, + "webpack-sources": { + "version": "1.4.3", + "resolved": "https://registry.npmjs.org/webpack-sources/-/webpack-sources-1.4.3.tgz", + "integrity": "sha512-lgTS3Xhv1lCOKo7SA5TjKXMjpSM4sBjNV5+q2bqesbSPs5FjGmU6jjtBSkX9b4qW87vDIsCIlUPOEhbZrMdjeQ==", + "requires": { + "source-list-map": "^2.0.0", + "source-map": "~0.6.1" + }, + "dependencies": { + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + } + } + }, + "websocket-driver": { + "version": "0.6.5", + "resolved": "https://registry.npmjs.org/websocket-driver/-/websocket-driver-0.6.5.tgz", + "integrity": "sha1-XLJVbOuF9Dc8bYI4qmkchFThOjY=", + "requires": { + "websocket-extensions": ">=0.1.1" + } + }, + "websocket-extensions": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/websocket-extensions/-/websocket-extensions-0.1.4.tgz", + "integrity": "sha512-OqedPIGOfsDlo31UNwYbCFMSaO9m9G/0faIHj5/dZFDMFqPTcx6UwqyOy3COEaEOg/9VsGIpdqn62W5KhoKSpg==" + }, + "whatwg-encoding": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/whatwg-encoding/-/whatwg-encoding-1.0.5.tgz", + "integrity": "sha512-b5lim54JOPN9HtzvK9HFXvBma/rnfFeqsic0hSpjtDbVxR3dJKLc+KB4V6GgiGOvl7CY/KNh8rxSo9DKQrnUEw==", + "requires": { + "iconv-lite": "0.4.24" + } + }, + "whatwg-fetch": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/whatwg-fetch/-/whatwg-fetch-3.0.0.tgz", + "integrity": "sha512-9GSJUgz1D4MfyKU7KRqwOjXCXTqWdFNvEr7eUBYchQiVc744mqK/MzXPNR2WsPkmkOa4ywfg8C2n8h+13Bey1Q==" + }, + "whatwg-mimetype": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/whatwg-mimetype/-/whatwg-mimetype-2.3.0.tgz", + "integrity": "sha512-M4yMwr6mAnQz76TbJm914+gPpB/nCwvZbJU28cUD6dR004SAxDLOOSUaB1JDRqLtaOV/vi0IC5lEAGFgrjGv/g==" + }, + "whatwg-url": { + "version": "6.5.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-6.5.0.tgz", + "integrity": "sha512-rhRZRqx/TLJQWUpQ6bmrt2UV4f0HCQ463yQuONJqC6fO2VoEb1pTYddbe59SkYq87aoM5A3bdhMZiUiVws+fzQ==", + "requires": { + "lodash.sortby": "^4.7.0", + "tr46": "^1.0.1", + "webidl-conversions": "^4.0.2" + } + }, + "which": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", + "integrity": "sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==", + "requires": { + "isexe": "^2.0.0" + } + }, + "which-module": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/which-module/-/which-module-2.0.0.tgz", + "integrity": "sha1-2e8H3Od7mQK4o6j6SzHD4/fm6Ho=" + }, + "wide-align": { + "version": "1.1.5", + "resolved": "https://registry.npmjs.org/wide-align/-/wide-align-1.1.5.tgz", + "integrity": "sha512-eDMORYaPNZ4sQIuuYPDHdQvf4gyCF9rEEV/yPxGfwPkRodwEgiMUUXTx/dex+Me0wxx53S+NgUHaP7y3MGlDmg==", + "requires": { + "string-width": "^1.0.2 || 2 || 3 || 4" + } + }, + "word-wrap": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz", + "integrity": "sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==" + }, + "workbox-background-sync": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/workbox-background-sync/-/workbox-background-sync-4.3.1.tgz", + "integrity": "sha512-1uFkvU8JXi7L7fCHVBEEnc3asPpiAL33kO495UMcD5+arew9IbKW2rV5lpzhoWcm/qhGB89YfO4PmB/0hQwPRg==", + "requires": { + "workbox-core": "^4.3.1" + } + }, + "workbox-broadcast-update": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/workbox-broadcast-update/-/workbox-broadcast-update-4.3.1.tgz", + "integrity": "sha512-MTSfgzIljpKLTBPROo4IpKjESD86pPFlZwlvVG32Kb70hW+aob4Jxpblud8EhNb1/L5m43DUM4q7C+W6eQMMbA==", + "requires": { + "workbox-core": "^4.3.1" + } + }, + "workbox-build": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/workbox-build/-/workbox-build-4.3.1.tgz", + "integrity": "sha512-UHdwrN3FrDvicM3AqJS/J07X0KXj67R8Cg0waq1MKEOqzo89ap6zh6LmaLnRAjpB+bDIz+7OlPye9iii9KBnxw==", + "requires": { + "@babel/runtime": "^7.3.4", + "@hapi/joi": "^15.0.0", + "common-tags": "^1.8.0", + "fs-extra": "^4.0.2", + "glob": "^7.1.3", + "lodash.template": "^4.4.0", + "pretty-bytes": "^5.1.0", + "stringify-object": "^3.3.0", + "strip-comments": "^1.0.2", + "workbox-background-sync": "^4.3.1", + "workbox-broadcast-update": "^4.3.1", + "workbox-cacheable-response": "^4.3.1", + "workbox-core": "^4.3.1", + "workbox-expiration": "^4.3.1", + "workbox-google-analytics": "^4.3.1", + "workbox-navigation-preload": "^4.3.1", + "workbox-precaching": "^4.3.1", + "workbox-range-requests": "^4.3.1", + "workbox-routing": "^4.3.1", + "workbox-strategies": "^4.3.1", + "workbox-streams": "^4.3.1", + "workbox-sw": "^4.3.1", + "workbox-window": "^4.3.1" + }, + "dependencies": { + "fs-extra": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-4.0.3.tgz", + "integrity": "sha512-q6rbdDd1o2mAnQreO7YADIxf/Whx4AHBiRf6d+/cVT8h44ss+lHgxf1FemcqDnQt9X3ct4McHr+JMGlYSsK7Cg==", + "requires": { + "graceful-fs": "^4.1.2", + "jsonfile": "^4.0.0", + "universalify": "^0.1.0" + } + } + } + }, + "workbox-cacheable-response": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/workbox-cacheable-response/-/workbox-cacheable-response-4.3.1.tgz", + "integrity": "sha512-Rp5qlzm6z8IOvnQNkCdO9qrDgDpoPNguovs0H8C+wswLuPgSzSp9p2afb5maUt9R1uTIwOXrVQMmPfPypv+npw==", + "requires": { + "workbox-core": "^4.3.1" + } + }, + "workbox-core": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/workbox-core/-/workbox-core-4.3.1.tgz", + "integrity": "sha512-I3C9jlLmMKPxAC1t0ExCq+QoAMd0vAAHULEgRZ7kieCdUd919n53WC0AfvokHNwqRhGn+tIIj7vcb5duCjs2Kg==" + }, + "workbox-expiration": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/workbox-expiration/-/workbox-expiration-4.3.1.tgz", + "integrity": "sha512-vsJLhgQsQouv9m0rpbXubT5jw0jMQdjpkum0uT+d9tTwhXcEZks7qLfQ9dGSaufTD2eimxbUOJfWLbNQpIDMPw==", + "requires": { + "workbox-core": "^4.3.1" + } + }, + "workbox-google-analytics": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/workbox-google-analytics/-/workbox-google-analytics-4.3.1.tgz", + "integrity": "sha512-xzCjAoKuOb55CBSwQrbyWBKqp35yg1vw9ohIlU2wTy06ZrYfJ8rKochb1MSGlnoBfXGWss3UPzxR5QL5guIFdg==", + "requires": { + "workbox-background-sync": "^4.3.1", + "workbox-core": "^4.3.1", + "workbox-routing": "^4.3.1", + "workbox-strategies": "^4.3.1" + } + }, + "workbox-navigation-preload": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/workbox-navigation-preload/-/workbox-navigation-preload-4.3.1.tgz", + "integrity": "sha512-K076n3oFHYp16/C+F8CwrRqD25GitA6Rkd6+qAmLmMv1QHPI2jfDwYqrytOfKfYq42bYtW8Pr21ejZX7GvALOw==", + "requires": { + "workbox-core": "^4.3.1" + } + }, + "workbox-precaching": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/workbox-precaching/-/workbox-precaching-4.3.1.tgz", + "integrity": "sha512-piSg/2csPoIi/vPpp48t1q5JLYjMkmg5gsXBQkh/QYapCdVwwmKlU9mHdmy52KsDGIjVaqEUMFvEzn2LRaigqQ==", + "requires": { + "workbox-core": "^4.3.1" + } + }, + "workbox-range-requests": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/workbox-range-requests/-/workbox-range-requests-4.3.1.tgz", + "integrity": "sha512-S+HhL9+iTFypJZ/yQSl/x2Bf5pWnbXdd3j57xnb0V60FW1LVn9LRZkPtneODklzYuFZv7qK6riZ5BNyc0R0jZA==", + "requires": { + "workbox-core": "^4.3.1" + } + }, + "workbox-routing": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/workbox-routing/-/workbox-routing-4.3.1.tgz", + "integrity": "sha512-FkbtrODA4Imsi0p7TW9u9MXuQ5P4pVs1sWHK4dJMMChVROsbEltuE79fBoIk/BCztvOJ7yUpErMKa4z3uQLX+g==", + "requires": { + "workbox-core": "^4.3.1" + } + }, + "workbox-strategies": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/workbox-strategies/-/workbox-strategies-4.3.1.tgz", + "integrity": "sha512-F/+E57BmVG8dX6dCCopBlkDvvhg/zj6VDs0PigYwSN23L8hseSRwljrceU2WzTvk/+BSYICsWmRq5qHS2UYzhw==", + "requires": { + "workbox-core": "^4.3.1" + } + }, + "workbox-streams": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/workbox-streams/-/workbox-streams-4.3.1.tgz", + "integrity": "sha512-4Kisis1f/y0ihf4l3u/+ndMkJkIT4/6UOacU3A4BwZSAC9pQ9vSvJpIi/WFGQRH/uPXvuVjF5c2RfIPQFSS2uA==", + "requires": { + "workbox-core": "^4.3.1" + } + }, + "workbox-sw": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/workbox-sw/-/workbox-sw-4.3.1.tgz", + "integrity": "sha512-0jXdusCL2uC5gM3yYFT6QMBzKfBr2XTk0g5TPAV4y8IZDyVNDyj1a8uSXy3/XrvkVTmQvLN4O5k3JawGReXr9w==" + }, + "workbox-webpack-plugin": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/workbox-webpack-plugin/-/workbox-webpack-plugin-4.3.1.tgz", + "integrity": "sha512-gJ9jd8Mb8wHLbRz9ZvGN57IAmknOipD3W4XNE/Lk/4lqs5Htw4WOQgakQy/o/4CoXQlMCYldaqUg+EJ35l9MEQ==", + "requires": { + "@babel/runtime": "^7.0.0", + "json-stable-stringify": "^1.0.1", + "workbox-build": "^4.3.1" + } + }, + "workbox-window": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/workbox-window/-/workbox-window-4.3.1.tgz", + "integrity": "sha512-C5gWKh6I58w3GeSc0wp2Ne+rqVw8qwcmZnQGpjiek8A2wpbxSJb1FdCoQVO+jDJs35bFgo/WETgl1fqgsxN0Hg==", + "requires": { + "workbox-core": "^4.3.1" + } + }, + "worker-farm": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/worker-farm/-/worker-farm-1.7.0.tgz", + "integrity": "sha512-rvw3QTZc8lAxyVrqcSGVm5yP/IJ2UcB3U0graE3LCFoZ0Yn2x4EoVSqJKdB/T5M+FLcRPjz4TDacRf3OCfNUzw==", + "requires": { + "errno": "~0.1.7" + } + }, + "worker-rpc": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/worker-rpc/-/worker-rpc-0.1.1.tgz", + "integrity": "sha512-P1WjMrUB3qgJNI9jfmpZ/htmBEjFh//6l/5y8SD9hg1Ef5zTTVVoRjTrTEzPrNBQvmhMxkoTsjOXN10GWU7aCg==", + "requires": { + "microevent.ts": "~0.1.1" + } + }, + "wrap-ansi": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-5.1.0.tgz", + "integrity": "sha512-QC1/iN/2/RPVJ5jYK8BGttj5z83LmSKmvbvrXPNCLZSEb32KKVDJDl/MOt2N01qU2H/FkzEa9PKto1BqDjtd7Q==", + "requires": { + "ansi-styles": "^3.2.0", + "string-width": "^3.0.0", + "strip-ansi": "^5.0.0" + }, + "dependencies": { + "ansi-regex": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz", + "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==" + }, + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "is-fullwidth-code-point": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz", + "integrity": "sha1-o7MKXE8ZkYMWeqq5O+764937ZU8=" + }, + "string-width": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-3.1.0.tgz", + "integrity": "sha512-vafcv6KjVZKSgz06oM/H6GDBrAtz8vdhQakGjFIvNrHA6y3HCF1CInLy+QLq8dTJPQ1b+KDUqDFctkdRW44e1w==", + "requires": { + "emoji-regex": "^7.0.1", + "is-fullwidth-code-point": "^2.0.0", + "strip-ansi": "^5.1.0" + } + }, + "strip-ansi": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", + "integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==", + "requires": { + "ansi-regex": "^4.1.0" + } + } + } + }, + "wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=" + }, + "write": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/write/-/write-1.0.3.tgz", + "integrity": "sha512-/lg70HAjtkUgWPVZhZcm+T4hkL8Zbtp1nFNOn3lRrxnlv50SRBv7cR7RqR+GMsd3hUXy9hWBo4CHTbFTcOYwig==", + "requires": { + "mkdirp": "^0.5.1" + } + }, + "write-file-atomic": { + "version": "2.4.1", + "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-2.4.1.tgz", + "integrity": "sha512-TGHFeZEZMnv+gBFRfjAcxL5bPHrsGKtnb4qsFAws7/vlh+QfwAaySIw4AXP9ZskTTh5GWu3FLuJhsWVdiJPGvg==", + "requires": { + "graceful-fs": "^4.1.11", + "imurmurhash": "^0.1.4", + "signal-exit": "^3.0.2" + } + }, + "ws": { + "version": "5.2.2", + "resolved": "https://registry.npmjs.org/ws/-/ws-5.2.2.tgz", + "integrity": "sha512-jaHFD6PFv6UgoIVda6qZllptQsMlDEJkTQcybzzXDYM1XO9Y8em691FGMPmM46WGyLU4z9KMgQN+qrux/nhlHA==", + "requires": { + "async-limiter": "~1.0.0" + } + }, + "xml-name-validator": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/xml-name-validator/-/xml-name-validator-3.0.0.tgz", + "integrity": "sha512-A5CUptxDsvxKJEU3yO6DuWBSJz/qizqzJKOMIfUJHETbBw/sFaDxgd6fxm1ewUaM0jZ444Fc5vC5ROYurg/4Pw==" + }, + "xmlchars": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/xmlchars/-/xmlchars-2.2.0.tgz", + "integrity": "sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw==" + }, + "xregexp": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/xregexp/-/xregexp-4.3.0.tgz", + "integrity": "sha512-7jXDIFXh5yJ/orPn4SXjuVrWWoi4Cr8jfV1eHv9CixKSbU+jY4mxfrBwAuDvupPNKpMUY+FeIqsVw/JLT9+B8g==", + "requires": { + "@babel/runtime-corejs3": "^7.8.3" + } + }, + "xtend": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/xtend/-/xtend-4.0.2.tgz", + "integrity": "sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==" + }, + "y18n": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/y18n/-/y18n-4.0.1.tgz", + "integrity": "sha512-wNcy4NvjMYL8gogWWYAO7ZFWFfHcbdbE57tZO8e4cbpj8tfUcwrwqSl3ad8HxpYWCdXcJUCeKKZS62Av1affwQ==" + }, + "yallist": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-2.1.2.tgz", + "integrity": "sha1-HBH5IY8HYImkfdUS+TxmmaaoHVI=" + }, + "yaml": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.0.tgz", + "integrity": "sha512-yr2icI4glYaNG+KWONODapy2/jDdMSDnrONSjblABjD9B4Z5LgiircSt8m8sRZFNi08kG9Sm0uSHtEmP3zaEGg==" + }, + "yargs": { + "version": "13.3.2", + "resolved": "https://registry.npmjs.org/yargs/-/yargs-13.3.2.tgz", + "integrity": "sha512-AX3Zw5iPruN5ie6xGRIDgqkT+ZhnRlZMLMHAs8tg7nRruy2Nb+i5o9bwghAogtM08q1dpr2LVoS8KSTMYpWXUw==", + "requires": { + "cliui": "^5.0.0", + "find-up": "^3.0.0", + "get-caller-file": "^2.0.1", + "require-directory": "^2.1.1", + "require-main-filename": "^2.0.0", + "set-blocking": "^2.0.0", + "string-width": "^3.0.0", + "which-module": "^2.0.0", + "y18n": "^4.0.0", + "yargs-parser": "^13.1.2" + }, + "dependencies": { + "ansi-regex": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz", + "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==" + }, + "find-up": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-3.0.0.tgz", + "integrity": "sha512-1yD6RmLI1XBfxugvORwlck6f75tYL+iR0jqwsOrOxMZyGYqUuDhJ0l4AXdO1iX/FTs9cBAMEk1gWSEx1kSbylg==", + "requires": { + "locate-path": "^3.0.0" + } + }, + "is-fullwidth-code-point": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz", + "integrity": "sha1-o7MKXE8ZkYMWeqq5O+764937ZU8=" + }, + "string-width": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-3.1.0.tgz", + "integrity": "sha512-vafcv6KjVZKSgz06oM/H6GDBrAtz8vdhQakGjFIvNrHA6y3HCF1CInLy+QLq8dTJPQ1b+KDUqDFctkdRW44e1w==", + "requires": { + "emoji-regex": "^7.0.1", + "is-fullwidth-code-point": "^2.0.0", + "strip-ansi": "^5.1.0" + } + }, + "strip-ansi": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", + "integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==", + "requires": { + "ansi-regex": "^4.1.0" + } + } + } + }, + "yargs-parser": { + "version": "13.1.2", + "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-13.1.2.tgz", + "integrity": "sha512-3lbsNRf/j+A4QuSZfDRA7HRSfWrzO0YjqTJd5kjAq37Zep1CEgaYmrH9Q3GwPiB9cHyd1Y1UwggGhJGoxipbzg==", + "requires": { + "camelcase": "^5.0.0", + "decamelize": "^1.2.0" + }, + "dependencies": { + "camelcase": { + "version": "5.3.1", + "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", + "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==" + } + } + } + } +} diff --git a/src/react/package.json b/src/react/package.json new file mode 100644 index 000000000..06435656f --- /dev/null +++ b/src/react/package.json @@ -0,0 +1,53 @@ +{ + "name": "react-control-panel", + "author": "Alexander Osinskii", + "email": "alexanderosinskii@gmail.com", + "version": "1.0.0", + "private": false, + "dependencies": { + "@fortawesome/fontawesome-free": "^5.10.1", + "@fortawesome/fontawesome-svg-core": "^1.2.21", + "@fortawesome/free-brands-svg-icons": "^5.10.1", + "@fortawesome/free-solid-svg-icons": "^5.10.1", + "@fortawesome/react-fontawesome": "^0.1.4", + "axios": "^0.21.4", + "bootstrap": "^4.3.1", + "classname": "0.0.0", + "dayjs": "^1.11.4", + "jquery": "^3.5.1", + "node-sass": "^4.14.1", + "perfect-scrollbar": "^1.5.3", + "popper.js": "^1.15.0", + "prop-types": "^15.7.2", + "qs": "^6.9.4", + "react": "^16.10.2", + "react-codemirror": "^1.0.0", + "react-dom": "^16.10.2", + "react-helmet": "^6.1.0", + "react-html-parser": "^2.0.2", + "react-perfect-scrollbar": "^1.5.8", + "react-redux": "^7.2.1", + "react-router-dom": "^5.1.2", + "react-scripts": "^3.4.1", + "react-toastify": "^5.3.1", + "redux": "^4.0.5", + "redux-devtools-extension": "^2.13.8", + "redux-thunk": "^2.3.0", + "validate.js": "^0.13.1" + }, + "scripts": { + "start": "react-scripts start", + "build": "react-scripts build", + "test": "react-scripts test", + "eject": "react-scripts eject" + }, + "eslintConfig": { + "extends": "react-app" + }, + "browserslist": [ + ">0.2%", + "not dead", + "not ie <= 11", + "not op_mini all" + ] +} diff --git a/src/react/public/favicon.ico b/src/react/public/favicon.ico new file mode 100755 index 000000000..a11777cc4 Binary files /dev/null and b/src/react/public/favicon.ico differ diff --git a/src/react/public/index.html b/src/react/public/index.html new file mode 100755 index 000000000..745e5e138 --- /dev/null +++ b/src/react/public/index.html @@ -0,0 +1,24 @@ + + + + + + + + + + Vesta + + + + +
+ + + + + \ No newline at end of file diff --git a/src/react/public/manifest.json b/src/react/public/manifest.json new file mode 100755 index 000000000..1f2f141fa --- /dev/null +++ b/src/react/public/manifest.json @@ -0,0 +1,15 @@ +{ + "short_name": "React App", + "name": "Create React App Sample", + "icons": [ + { + "src": "favicon.ico", + "sizes": "64x64 32x32 24x24 16x16", + "type": "image/x-icon" + } + ], + "start_url": ".", + "display": "standalone", + "theme_color": "#000000", + "background_color": "#ffffff" +} diff --git a/src/react/src/ControlPanelService/Backup.js b/src/react/src/ControlPanelService/Backup.js new file mode 100644 index 000000000..b2f432b5f --- /dev/null +++ b/src/react/src/ControlPanelService/Backup.js @@ -0,0 +1,82 @@ +import axios from "axios"; +import { getAuthToken } from "src/utils/token"; + +const BASE_URL = window.location.origin; +const webApiUri = '/api/v1/list/backup/index.php'; +const scheduleBackupUri = '/api/v1/schedule/backup/'; +const backupDetailsUri = '/api/v1/list/backup/index.php'; +const backupExclusionsUri = '/api/v1/list/backup/exclusions/index.php'; +const backupExclusionsInfoUri = '/api/v1/edit/backup/exclusions/index.php'; +const backupRestoreSettingUri = '/api/v1/schedule/restore/index.php'; +const bulkRestoreUri = '/api/v1/bulk/restore/index.php'; + +export const getBackupList = () => { + return axios.get(BASE_URL + webApiUri); +} + +export const bulkAction = (action, backups) => { + const formData = new FormData(); + formData.append("action", action); + formData.append("token", getAuthToken()); + + backups.forEach(backup => { + formData.append("backup[]", backup); + }); + + return axios.post(BASE_URL + '/api/v1/bulk/backup/', formData); +}; + +export const handleAction = uri => { + return axios.get(BASE_URL + uri, { + params: { + token: getAuthToken() + } + }); +} + +export const scheduleBackup = () => { + return axios.get(BASE_URL + scheduleBackupUri); +} + +export const getBackupDetails = backup => { + return axios.get(BASE_URL + `${backupDetailsUri}?backup=${backup}`); +} + +export const restoreBackupSetting = params => { + return axios.get(BASE_URL + `${backupRestoreSettingUri}${params}`); +} + +export const bulkRestore = (action, selection, backup) => { + const formData = new FormData(); + formData.append("token", getAuthToken()); + formData.append("action", action); + formData.append("backup", backup); + + selection.forEach(udir => { + formData.append("udir[]", udir); + }); + + return axios.post(BASE_URL + `${bulkRestoreUri}`, formData); +} + +export const getBackupExclusions = () => { + return axios.get(BASE_URL + `${backupExclusionsUri}`); +} + +export const getBackupExclusionsInfo = () => { + return axios.get(BASE_URL + `${backupExclusionsInfoUri}`); +} + +export const updateBackupExclusions = data => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + backupExclusionsInfoUri, formDataObject, { + params: { + token: getAuthToken() + } + }); +} diff --git a/src/react/src/ControlPanelService/Cron.js b/src/react/src/ControlPanelService/Cron.js new file mode 100644 index 000000000..fe6f37b24 --- /dev/null +++ b/src/react/src/ControlPanelService/Cron.js @@ -0,0 +1,66 @@ +import axios from "axios"; +import { getAuthToken } from "src/utils/token"; + +const BASE_URL = window.location.origin; +const webApiUri = '/api/v1/list/cron/index.php'; +const cronAddApiUri = '/api/v1/add/cron/index.php'; +const jobInfoUri = '/api/v1/edit/cron/index.php'; +const updateCronJobUri = '/api/v1/edit/cron/index.php'; + +export const getCronList = () => { + return axios.get(BASE_URL + webApiUri); +} + +export const bulkAction = (action, domainNameSystems) => { + const formData = new FormData(); + formData.append("action", action); + formData.append("token", getAuthToken()); + + domainNameSystems.forEach(domainNameSystem => { + formData.append("job[]", domainNameSystem); + }); + + return axios.post(BASE_URL + '/api/v1/bulk/cron/', formData); +}; + +export const handleAction = uri => { + return axios.get(BASE_URL + uri, { + params: { + token: getAuthToken() + } + }); +} + +export const addCronJob = data => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + cronAddApiUri, formDataObject); +} + +export const getCronJobInfo = job => { + return axios.get(BASE_URL + jobInfoUri, { + params: { + job, + token: getAuthToken() + } + }); +} + +export const updateCronJob = (data, job) => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + updateCronJobUri, formDataObject, { + params: { + job, + token: getAuthToken() + } + }); +} \ No newline at end of file diff --git a/src/react/src/ControlPanelService/Db.js b/src/react/src/ControlPanelService/Db.js new file mode 100644 index 000000000..cd7a50e90 --- /dev/null +++ b/src/react/src/ControlPanelService/Db.js @@ -0,0 +1,111 @@ +import axios from 'axios' +import { getAuthToken } from 'src/utils/token' + +const BASE_URL = window.location.origin +const webApiUri = '/api/v1/list/db/index.php' +const addDbApiUri = '/api/v1/add/db/index.php' +const optionalDbInfoUri = '/api/v1/add/db/index.php' +const dbInfoUri = '/api/v1/edit/db/index.php' +const updateDatabaseUri = '/api/v1/edit/db/index.php' + +export const getDatabaseList = () => { + return axios.get(BASE_URL + webApiUri) +} + +export const bulkAction = (action, domainNameSystems) => { + const formData = new FormData() + formData.append('action', action) + formData.append('token', getAuthToken()) + + domainNameSystems.forEach((domainNameSystem) => { + formData.append('database[]', domainNameSystem) + }) + + return axios.post(BASE_URL + '/api/v1/bulk/db/', formData) +} + +export const handleAction = (uri) => { + return axios.get(BASE_URL + uri, { + params: { + token: getAuthToken(), + }, + }) +} + +export const getDbOptionalInfo = () => { + return axios.get(BASE_URL + optionalDbInfoUri) +} + +export const addDatabase = (data) => { + let formDataObject = new FormData() + + for (let key in data) { + formDataObject.append(key, data[key]) + } + + return axios.post(BASE_URL + addDbApiUri, formDataObject) +} + +export const dbCharsets = [ + 'big5', + 'dec8', + 'cp850', + 'hp8', + 'koi8r', + 'latin1', + 'latin2', + 'swe7', + 'ascii', + 'ujis', + 'sjis', + 'hebrew', + 'tis620', + 'euckr', + 'koi8u', + 'gb2312', + 'greek', + 'cp1250', + 'gbk', + 'latin5', + 'armscii8', + 'utf8', + 'utf8mb4', + 'ucs2', + 'cp866', + 'keybcs2', + 'macce', + 'macroman', + 'cp852', + 'latin7', + 'cp1251', + 'cp1256', + 'cp1257', + 'binary', + 'geostd8', + 'cp932', + 'eucjpms', +] + +export const getDatabaseInfo = (database) => { + return axios.get(BASE_URL + dbInfoUri, { + params: { + database, + token: getAuthToken(), + }, + }) +} + +export const updateDatabase = (data, database) => { + let formDataObject = new FormData() + + for (let key in data) { + formDataObject.append(key, data[key]) + } + + return axios.post(BASE_URL + updateDatabaseUri, formDataObject, { + params: { + database, + token: getAuthToken(), + }, + }) +} diff --git a/src/react/src/ControlPanelService/Dns.js b/src/react/src/ControlPanelService/Dns.js new file mode 100644 index 000000000..fb60f3ba6 --- /dev/null +++ b/src/react/src/ControlPanelService/Dns.js @@ -0,0 +1,98 @@ +import axios from "axios"; +import { getAuthToken } from "src/utils/token"; + +const updateDNSUri = '/api/v1/edit/dns/index.php'; +const addDnsApiUri = '/api/v1/add/dns/index.php'; +const dNSInfoUri = '/api/v1/edit/dns/index.php'; +const BASE_URL = window.location.origin; +const dnsApiUri = '/api/v1/list/dns/index.php'; + +export const getDnsList = () => { + return axios.get(BASE_URL + dnsApiUri); +} + +export const getDNSRecordsList = domain => { + return axios.get(`${BASE_URL}${dnsApiUri}?domain=${domain}`); +} + +export const getDNSRecordInfo = (domain, recordId) => { + return axios.get(`${BASE_URL}${updateDNSUri}?domain=${domain}&record_id=${recordId}`); +} + +export const bulkDomainAction = (action, domains) => { + const formData = new FormData(); + formData.append("action", action); + formData.append("token", getAuthToken()); + + domains.forEach(record => { + formData.append("domain[]", record); + }); + + return axios.post(BASE_URL + '/api/v1/bulk/dns/', formData); +}; + +export const bulkAction = (action, records, domain) => { + const formData = new FormData(); + formData.append("action", action); + formData.append("token", getAuthToken()); + formData.append("domain", domain); + + records.forEach(record => { + formData.append("record[]", record); + }); + + return axios.post(BASE_URL + '/api/v1/bulk/dns/', formData); +}; + +export const handleAction = uri => { + return axios.get(BASE_URL + uri, { + params: { + token: getAuthToken() + } + }); +} + +export const addDomainNameSystem = data => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + addDnsApiUri, formDataObject); +} + +export const addDomainNameSystemRecord = data => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + addDnsApiUri, formDataObject); +} + +export const getDNSInfo = domain => { + return axios.get(BASE_URL + dNSInfoUri, { + params: { + domain, + token: getAuthToken() + } + }); +} + +export const updateDNS = (data, domain, recordId) => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + updateDNSUri, formDataObject, { + params: { + domain, + record_id: recordId, + token: getAuthToken() + } + }); +} \ No newline at end of file diff --git a/src/react/src/ControlPanelService/Favorites.js b/src/react/src/ControlPanelService/Favorites.js new file mode 100644 index 000000000..21ac96eb1 --- /dev/null +++ b/src/react/src/ControlPanelService/Favorites.js @@ -0,0 +1,23 @@ +import axios from "axios"; +let addFavoriteUri = '/api/v1/add/favorite/index.php'; +let deleteFavoriteUri = '/api/v1/delete/favorite/index.php'; +let BASE_URL = window.location.origin; + + +export const addFavorite = (unitId, section) => { + return axios.get(BASE_URL + addFavoriteUri, { + params: { + 'v_unit_id': unitId, + 'v_section': section + } + }); +} + +export const deleteFavorite = (unitId, section) => { + return axios.get(BASE_URL + deleteFavoriteUri, { + params: { + 'v_unit_id': unitId, + 'v_section': section + } + }); +} \ No newline at end of file diff --git a/src/react/src/ControlPanelService/Firewalls.js b/src/react/src/ControlPanelService/Firewalls.js new file mode 100644 index 000000000..717f1cfa4 --- /dev/null +++ b/src/react/src/ControlPanelService/Firewalls.js @@ -0,0 +1,115 @@ +import axios from 'axios'; +import { getAuthToken } from 'src/utils/token'; + +const BASE_URL = window.location.origin; +const usersUri = '/api/v1/list/firewall/index.php'; +const addFirewallUri = '/api/v1/add/firewall/index.php'; +const firewallInfoUri = '/api/v1/edit/firewall/index.php'; +const updateFirewallUri = '/api/v1/edit/firewall/index.php'; +const addBanIpsUri = '/api/v1/add/firewall/banlist/index.php'; +const banListUri = '/api/v1/list/firewall/banlist/index.php'; + +export const getFirewallList = () => { + return axios.get(BASE_URL + usersUri); +} + +export const getBanList = () => { + return axios.get(BASE_URL + banListUri); +} + +export const bulkFirewallAction = (action, ips) => { + const formData = new FormData(); + formData.append("action", action); + formData.append("token", getAuthToken()); + + ips.forEach(ip => { + formData.append("rule[]", ip); + }); + + return axios.post(BASE_URL + '/api/v1/bulk/firewall/', formData); +}; + +export const bulkAction = (action, ips, banIps) => { + const formData = new FormData(); + formData.append("action", action); + formData.append("token", getAuthToken()); + + ips.forEach(ip => { + const banIp = banIps.find(banIp => banIp.NAME === ip); + formData.append("ipchain[]", `${ip}:${banIp['CHAIN']}`); + }); + + return axios.post(BASE_URL + '/api/v1/bulk/firewall/banlist/', formData); +}; + +export const handleAction = uri => { + return axios.get(BASE_URL + uri, { + params: { + token: getAuthToken() + } + }); +} + +export const getBanIps = data => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.get(BASE_URL + addBanIpsUri, { + params: { + token: getAuthToken() + } + }); +} + +export const addBanIp = (data) => { + let formDataObject = new FormData(); + + formDataObject.append('token', getAuthToken()); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + addBanIpsUri, formDataObject, { + params: { + token: getAuthToken() + } + }); +} + +export const addFirewall = data => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + addFirewallUri, formDataObject); +} + +export const getFirewallInfo = rule => { + return axios.get(BASE_URL + firewallInfoUri, { + params: { + rule, + token: getAuthToken() + } + }); +} + +export const updateFirewall = (data, rule) => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + updateFirewallUri, formDataObject, { + params: { + rule, + token: getAuthToken() + } + }); +} \ No newline at end of file diff --git a/src/react/src/ControlPanelService/GeneratorOptions.js b/src/react/src/ControlPanelService/GeneratorOptions.js new file mode 100644 index 000000000..5153c9cfa --- /dev/null +++ b/src/react/src/ControlPanelService/GeneratorOptions.js @@ -0,0 +1,139 @@ +export const generatorOptions = i18n => { + return { + minutesRunCommandsOptions: [ + { name: i18n['every minute'] ?? 'every minute', value: '*' }, + { name: i18n['every two minutes'] ?? 'every two minutes', value: '*/2' }, + { name: `${i18n.every || 'every'} 5`, value: '*/5' }, + { name: `${i18n.every || 'every'} 10`, value: '*/10' }, + { name: `${i18n.every || 'every'} 15`, value: '*/15' }, + { name: `${i18n.every || 'every'} 30`, value: '*/30' } + ], + hoursRunCommandsOptions: [ + { name: i18n['every hour'] ?? 'every hour', value: '*' }, + { name: i18n['every two hours'] ?? 'every two hours', value: '*/2' }, + { name: `${i18n.every || 'every'} 6`, value: '*/6' }, + { name: `${i18n.every || 'every'} 12`, value: '*/12' } + ], + daysRunCommandsOptions: [ + { name: i18n['every day'] ?? 'every day', value: '*' }, + { name: i18n['every odd day'] ?? 'every odd day', value: '1-31/2' }, + { name: i18n['every even day'] ?? 'every even day', value: '*/2' }, + { name: `${i18n.every || 'every'} 3`, value: '*/3' }, + { name: `${i18n.every || 'every'} 5`, value: '*/5' }, + { name: `${i18n.every || 'every'} 10`, value: '*/10' }, + { name: `${i18n.every || 'every'} 15`, value: '*/15' } + ], + hoursOptions: [ + { name: '00', value: '0' }, + { name: '01', value: '1' }, + { name: '02', value: '2' }, + { name: '03', value: '3' }, + { name: '04', value: '4' }, + { name: '05', value: '5' }, + { name: '06', value: '6' }, + { name: '07', value: '7' }, + { name: '08', value: '8' }, + { name: '09', value: '9' }, + { name: '10', value: '10' }, + { name: '11', value: '11' }, + { name: '12', value: '12' }, + { name: '13', value: '13' }, + { name: '14', value: '14' }, + { name: '15', value: '15' }, + { name: '16', value: '16' }, + { name: '17', value: '17' }, + { name: '18', value: '18' }, + { name: '19', value: '19' }, + { name: '20', value: '20' }, + { name: '21', value: '21' }, + { name: '22', value: '22' }, + { name: '23', value: '23' } + ], + hourlyMinutesOptions: [ + { name: '00', value: '0' }, + { name: '15', value: '15' }, + { name: '30', value: '30' }, + { name: '45', value: '45' } + ], + dailyMinutesOptions: [ + { name: '00', value: '0' }, + { name: '01', value: '1' }, + { name: '02', value: '2' }, + { name: '05', value: '5' }, + { name: '10', value: '10' }, + { name: '15', value: '15' }, + { name: '20', value: '20' }, + { name: '25', value: '25' }, + { name: '30', value: '30' }, + { name: '35', value: '35' }, + { name: '40', value: '40' }, + { name: '45', value: '45' }, + { name: '50', value: '50' }, + { name: '55', value: '55' } + ], + weeklyRunCommandOptions: [ + { name: i18n['every day'] ?? 'every day', value: '*' }, + { name: i18n['weekdays (5 days)'] ?? 'weekdays (5 days)', value: '1,2,3,4,5' }, + { name: i18n['weekend (2 days)'] ?? 'weekend (2 days)', value: '0,6' }, + { name: i18n.Monday ?? 'Monday', value: '1' }, + { name: i18n.Tuesday ?? 'Tuesday', value: '2' }, + { name: i18n.Wednesday ?? 'Wednesday', value: '3' }, + { name: i18n.Thursday ?? 'Thursday', value: '4' }, + { name: i18n.Friday ?? 'Friday', value: '5' }, + { name: i18n.Saturday ?? 'Saturday', value: '6' }, + { name: i18n.Sunday ?? 'Sunday', value: '0' } + ], + monthlyRunCommandOptions: [ + { name: i18n['every month'] ?? 'every month', value: '*' }, + { name: i18n['every odd month'] ?? 'every odd month', value: '1-11/2' }, + { name: i18n['every even month'] ?? 'every even month', value: '*/2' }, + { name: `${i18n.every || 'every'} 3`, value: '*/3' }, + { name: `${i18n.every || 'every'} 6`, value: '*/6' }, + { name: i18n.Jan ?? 'Jan', value: '1' }, + { name: i18n.Feb ?? 'Feb', value: '2' }, + { name: i18n.Mar ?? 'Mar', value: '3' }, + { name: i18n.Apr ?? 'Apr', value: '4' }, + { name: i18n.May ?? 'May', value: '5' }, + { name: i18n.Jun ?? 'Jun', value: '6' }, + { name: i18n.Jul ?? 'Jul', value: '7' }, + { name: i18n.Aug ?? 'Aug', value: '8' }, + { name: i18n.Sep ?? 'Sep', value: '9' }, + { name: i18n.Oct ?? 'Oct', value: '10' }, + { name: i18n.Nov ?? 'Nov', value: '11' }, + { name: i18n.Dec ?? 'Dec', value: '12' } + ], + dateOptions: [ + { name: '1', value: '1' }, + { name: '2', value: '2' }, + { name: '3', value: '3' }, + { name: '4', value: '4' }, + { name: '5', value: '5' }, + { name: '6', value: '6' }, + { name: '7', value: '7' }, + { name: '8', value: '8' }, + { name: '9', value: '9' }, + { name: '10', value: '10' }, + { name: '11', value: '11' }, + { name: '12', value: '12' }, + { name: '13', value: '13' }, + { name: '14', value: '14' }, + { name: '15', value: '15' }, + { name: '16', value: '16' }, + { name: '17', value: '17' }, + { name: '18', value: '18' }, + { name: '19', value: '19' }, + { name: '20', value: '20' }, + { name: '21', value: '21' }, + { name: '22', value: '22' }, + { name: '23', value: '23' }, + { name: '24', value: '24' }, + { name: '25', value: '25' }, + { name: '26', value: '26' }, + { name: '27', value: '27' }, + { name: '28', value: '28' }, + { name: '29', value: '29' }, + { name: '30', value: '30' }, + { name: '31', value: '31' } + ] + } +} diff --git a/src/react/src/ControlPanelService/Ip.js b/src/react/src/ControlPanelService/Ip.js new file mode 100644 index 000000000..9a8904954 --- /dev/null +++ b/src/react/src/ControlPanelService/Ip.js @@ -0,0 +1,71 @@ +import axios from "axios"; +import { getAuthToken } from "src/utils/token"; + +const BASE_URL = window.location.origin; +const webApiUri = '/api/v1/list/ip/index.php'; +const addIpApiUri = '/api/v1/add/ip/index.php'; +const additionalInfoUri = '/api/v1/add/ip/index.php'; +const ipInfoUri = '/api/v1/edit/ip/index.php'; +const updateIpUri = '/api/v1/edit/ip/index.php'; + +export const getIpList = () => { + return axios.get(BASE_URL + webApiUri); +} + +export const bulkAction = (action, internetProtocols) => { + const formData = new FormData(); + formData.append("action", action); + formData.append("token", getAuthToken()); + + internetProtocols.forEach(internetProtocol => { + formData.append("ip[]", internetProtocol); + }); + + return axios.post(BASE_URL + '/api/v1/bulk/ip/', formData); +}; + +export const handleAction = uri => { + return axios.get(BASE_URL + uri, { + params: { + token: getAuthToken() + } + }); +} + +export const getAdditionalInfo = () => { + return axios.get(BASE_URL + additionalInfoUri); +} + +export const addInternetProtocol = data => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + addIpApiUri, formDataObject); +} + +export const getInternetProtocolInfo = ip => { + return axios.get(BASE_URL + ipInfoUri, { + params: { + ip, + token: getAuthToken() + } + }); +} + +export const updateInternetProtocol = (data, ip) => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + updateIpUri, formDataObject, { + params: { + ip, + token: getAuthToken() + } + }); +} \ No newline at end of file diff --git a/src/react/src/ControlPanelService/Languages.js b/src/react/src/ControlPanelService/Languages.js new file mode 100644 index 000000000..4b901d947 --- /dev/null +++ b/src/react/src/ControlPanelService/Languages.js @@ -0,0 +1,46 @@ +import axios from "axios"; + +const webApiUri = '/api/v1/languages.php'; +const BASE_URL = window.location.origin; + +export const getLanguages = () => { + return axios.get(BASE_URL + webApiUri); +} + +export const languagesMock = [ + "ar", + "az", + "bg", + "bs", + "cn", + "cz", + "da", + "de", + "el", + "en", + "es", + "fa", + "fi", + "fr", + "hu", + "id", + "it", + "ja", + "ka", + "ko", + "nl", + "no", + "pl", + "pt-BR", + "pt", + "ro", + "ru", + "se", + "sr", + "th", + "tr", + "tw", + "ua", + "ur", + "vi" +]; \ No newline at end of file diff --git a/src/react/src/ControlPanelService/Logs.js b/src/react/src/ControlPanelService/Logs.js new file mode 100644 index 000000000..30f95f848 --- /dev/null +++ b/src/react/src/ControlPanelService/Logs.js @@ -0,0 +1,8 @@ +import axios from "axios"; + +const BASE_URL = window.location.origin; +const webApiUri = '/api/v1/list/log/index.php'; + +export const getLogsList = () => { + return axios.get(BASE_URL + webApiUri); +} \ No newline at end of file diff --git a/src/react/src/ControlPanelService/Mail.js b/src/react/src/ControlPanelService/Mail.js new file mode 100644 index 000000000..3f7e400e7 --- /dev/null +++ b/src/react/src/ControlPanelService/Mail.js @@ -0,0 +1,130 @@ +import axios from "axios"; +import { getAuthToken } from "src/utils/token"; + +const BASE_URL = window.location.origin; +const webApiUri = '/api/v1/list/mail/index.php'; +const addMailApiUri = '/api/v1/add/mail/index.php'; +const mailInfoUri = '/api/v1/edit/mail/index.php'; +const updateMailUri = '/api/v1/edit/mail/index.php'; + +export const getMailList = () => { + return axios.get(BASE_URL + webApiUri); +} + +export const getMailAccountList = domain => { + return axios.get(`${BASE_URL}${webApiUri}?domain=${domain}`) +} + +export const getMailAccountInfo = (domain, account) => { + return axios.get(`${BASE_URL}${mailInfoUri}?domain=${domain}&account=${account}`) +} + +export const bulkAction = (action, domainNameSystems) => { + const formData = new FormData(); + formData.append("action", action); + formData.append("token", getAuthToken()); + + domainNameSystems.forEach(domainNameSystem => { + formData.append("domain[]", domainNameSystem); + }); + + return axios.post(BASE_URL + '/api/v1/bulk/mail/', formData); +}; + +export const bulkMailAccountAction = (action, domain, accounts = []) => { + const formData = new FormData(); + formData.append("action", action); + formData.append("token", getAuthToken()); + formData.append("domain", domain); + + accounts.forEach(account => { + formData.append("account[]", account); + }); + + return axios.post(BASE_URL + '/api/v1/bulk/mail/', formData); +}; + +export const handleAction = uri => { + return axios.get(BASE_URL + uri, { + params: { + token: getAuthToken() + } + }); +} + +export const addMail = data => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + addMailApiUri, formDataObject); +} + +export const addMailAccount = (data, domain) => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(`${BASE_URL}${addMailApiUri}?domain=${domain}`, formDataObject); +} + +export const editMailAccount = (data, domain, account) => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(`${BASE_URL}${updateMailUri}?domain=${domain}&account=${account}`, formDataObject); +} + +export const getMailInfo = domain => { + return axios.get(BASE_URL + mailInfoUri, { + params: { + domain, + token: getAuthToken() + } + }); +} + +export const updateMail = (data, domain) => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + updateMailUri, formDataObject, { + params: { + domain, + token: getAuthToken() + } + }); +} + +export const mailInfoBlockSelectOptions = i18n => [ + { + value: i18n['Use server hostname'], + type: 'hostname', + }, + { + value: i18n['Use domain hostname'], + type: 'domain', + }, + { + value: i18n['Use STARTTLS'], + type: 'starttls', + }, + { + value: i18n['Use SSL / TLS'], + type: 'ssl', + }, + { + value: i18n['No encryption'], + type: 'no_encryption', + } +]; \ No newline at end of file diff --git a/src/react/src/ControlPanelService/Notifications.js b/src/react/src/ControlPanelService/Notifications.js new file mode 100644 index 000000000..894d5bab1 --- /dev/null +++ b/src/react/src/ControlPanelService/Notifications.js @@ -0,0 +1,24 @@ +import axios from "axios"; +import { getAuthToken } from "src/utils/token"; +let BASE_URL = window.location.origin; +let getNotificationsUri = '/api/v1/list/notifications/index.php'; +let deleteNotificationsUri = '/api/v1/delete/notification/index.php'; + +export const getAppNotifications = () => { + return axios.get(BASE_URL + getNotificationsUri, { + params: { + ajax: 1, + token: getAuthToken() + } + }); +} + +export const deleteNotification = id => { + return axios.get(BASE_URL + deleteNotificationsUri, { + params: { + 'delete': 1, + 'notification_id': id, + token: getAuthToken() + } + }); +} \ No newline at end of file diff --git a/src/react/src/ControlPanelService/Package.js b/src/react/src/ControlPanelService/Package.js new file mode 100644 index 000000000..ca8619b2b --- /dev/null +++ b/src/react/src/ControlPanelService/Package.js @@ -0,0 +1,70 @@ +import axios from "axios"; +import { getAuthToken } from "src/utils/token"; + +const BASE_URL = window.location.origin; +const webApiUri = '/api/v1/list/package/index.php'; +const additionalPackageInfoUri = '/api/v1/add/package/index.php'; +const addPackageUri = '/api/v1/add/package/index.php'; +const packageInfoUri = '/api/v1/edit/package/index.php'; +const updatePackageUri = '/api/v1/edit/package/index.php'; + +export const getPackageList = () => { + return axios.get(BASE_URL + webApiUri); +} + +export const bulkAction = (action, backups) => { + const formData = new FormData(); + formData.append("action", action); + formData.append("token", getAuthToken()); + + backups.forEach(backup => { + formData.append("package[]", backup); + }); + + return axios.post(BASE_URL + '/api/v1/bulk/package/', formData); +}; + +export const handleAction = uri => { + return axios.get(BASE_URL + uri, { + params: { + token: getAuthToken() + } + }); +} + +export const addPackage = data => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + addPackageUri, formDataObject); +} + +export const getAdditionalPackageInfo = () => { + return axios.get(BASE_URL + additionalPackageInfoUri); +} + +export const getPackageInfo = item => { + return axios.get(BASE_URL + packageInfoUri, { + params: { + package: item, + token: getAuthToken() + } + }); +} + +export const updatePackage = (data, item) => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + updatePackageUri, formDataObject, { + params: { + package: item + } + }); +} diff --git a/src/react/src/ControlPanelService/RRD.js b/src/react/src/ControlPanelService/RRD.js new file mode 100644 index 000000000..5c836dba7 --- /dev/null +++ b/src/react/src/ControlPanelService/RRD.js @@ -0,0 +1,12 @@ +import axios from "axios"; + +const BASE_URL = window.location.origin; +const webApiUri = '/api/v1/list/rrd/index.php'; + +export const getRrdList = () => { + return axios.get(BASE_URL + webApiUri); +} + +export function generateImagePath(period, type, rrd) { + return `/api/v1/list/rrd/image.php?/rrd/${type}/${period}-${rrd}.png`; +} diff --git a/src/react/src/ControlPanelService/ResetPassword.js b/src/react/src/ControlPanelService/ResetPassword.js new file mode 100644 index 000000000..d353cd6c9 --- /dev/null +++ b/src/react/src/ControlPanelService/ResetPassword.js @@ -0,0 +1,26 @@ +import axios from "axios"; + +const BASE_URL = window.location.origin; +const resetPasswordUri = '/api/v1/reset/index.php'; + +export const resetPassword = (user = '', code = '', password = '', confirmPassword = '') => { + const formData = new FormData(); + + if (password) { + formData.append('password', password); + } + + if (confirmPassword) { + formData.append('password_confirm', confirmPassword); + } + + if (user) { + formData.append('user', user); + } + + if (code) { + formData.append('code', code); + } + + return axios.post(BASE_URL + resetPasswordUri, formData); +}; diff --git a/src/react/src/ControlPanelService/Search.js b/src/react/src/ControlPanelService/Search.js new file mode 100644 index 000000000..c0f2fc884 --- /dev/null +++ b/src/react/src/ControlPanelService/Search.js @@ -0,0 +1,17 @@ +import axios from "axios"; +import { getAuthToken } from "src/utils/token"; + +const BASE_URL = window.location.origin; +const webApiUri = '/api/v1/search/'; + +export const getSearchResultsList = term => { + return axios.get(BASE_URL + webApiUri + '?q=' + term); +} + +export const handleAction = uri => { + return axios.get(BASE_URL + uri, { + params: { + token: getAuthToken() + } + }); +} diff --git a/src/react/src/ControlPanelService/Select.js b/src/react/src/ControlPanelService/Select.js new file mode 100644 index 000000000..34923b04b --- /dev/null +++ b/src/react/src/ControlPanelService/Select.js @@ -0,0 +1,72 @@ +export const values = (select = {}) => { + return { + usersList: [ + { value: 'rebuild', name: select.rebuild }, + { value: 'rebuild web', name: select['rebuild web'] }, + { value: 'rebuild dns', name: select['rebuild dns'] }, + { value: 'rebuild mail', name: select['rebuild mail'] }, + { value: 'rebuild db', name: select['rebuild db'] }, + { value: 'rebuild cron', name: select['rebuild cron'] }, + { value: 'update counters', name: select['update counters'] }, + { value: 'suspend', name: select.suspend }, + { value: 'unsuspend', name: select.unsuspend }, + { value: 'delete', name: select.delete } + ], + webList: [ + { value: 'suspend', name: select.suspend }, + { value: 'unsuspend', name: select.unsuspend }, + { value: 'delete', name: select.delete } + ], + dnsList: [ + { value: 'suspend', name: select.suspend }, + { value: 'unsuspend', name: select.unsuspend }, + { value: 'delete', name: select.delete } + ], + mailList: [ + { value: 'suspend', name: select.suspend }, + { value: 'unsuspend', name: select.unsuspend }, + { value: 'delete', name: select.delete } + ], + dbList: [ + { value: 'suspend', name: select.suspend }, + { value: 'unsuspend', name: select.unsuspend }, + { value: 'delete', name: select.delete } + ], + cronList: [ + { value: 'add-cron-reports', name: select['turn on notifications'] }, + { value: 'delete-cron-reports', name: select['turn off notifications'] }, + { value: 'suspend', name: select.suspend }, + { value: 'unsuspend', name: select.unsuspend }, + { value: 'delete', name: select.delete } + ], + backupList: [ + { value: 'delete', name: select.delete } + ], + packagesList: [ + { value: 'delete', name: select.delete } + ], + internetProtocolsList: [ + { value: 'reread IP', name: select['reread IP'] }, + { value: 'delete', name: select.delete } + ], + updatesList: [ + { value: 'update', name: select.update } + ], + firewallList: [ + { value: 'suspend', name: select.suspend }, + { value: 'unsuspend', name: select.unsuspend }, + { value: 'delete', name: select.delete } + ], + serverList: [ + { value: 'stop', name: select.stop }, + { value: 'start', name: select.start }, + { value: 'restart', name: select.restart } + ], + backupDetailList: [ + { value: 'restore', name: select.restore } + ], + banList: [ + { value: 'delete', name: select.delete } + ] + } +}; \ No newline at end of file diff --git a/src/react/src/ControlPanelService/Server.js b/src/react/src/ControlPanelService/Server.js new file mode 100644 index 000000000..8b26491d5 --- /dev/null +++ b/src/react/src/ControlPanelService/Server.js @@ -0,0 +1,80 @@ +import axios from "axios"; +import { getAuthToken } from "src/utils/token"; + +const BASE_URL = window.location.origin; +const webApiUri = '/api/v1/list/server/index.php'; +const serverAdditionalInfoUri = '/api/v1/edit/server/index.php'; + +export const getServersList = () => { + return axios.get(BASE_URL + webApiUri); +} + +export const bulkAction = (action, services) => { + const formData = new FormData(); + formData.append("action", action); + formData.append("token", getAuthToken()); + + services.forEach(service => { + formData.append("service[]", service); + }); + + return axios.post(BASE_URL + '/api/v1/bulk/service/', formData); +}; + +export const handleAction = uri => { + return axios.get(BASE_URL + uri, { + params: { + token: getAuthToken() + } + }); +} + +export const getServerAdditionalInfo = () => { + return axios.get(BASE_URL + serverAdditionalInfoUri, { + params: { + token: getAuthToken() + } + }); +} + +export const updateService = (data, uri = '') => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + `/api/v1/edit/server/${uri}/index.php`, formDataObject, { + params: { + token: getAuthToken() + } + }); +} + +export const getServiceInfo = service => { + return axios.get(`${BASE_URL}/api/v1/edit/server/${service}/index.php`); +} + +export const getServiceLogs = service => { + return axios.get(`${BASE_URL}${webApiUri}?${service}`); +} + +export const services = [ + 'apache2', + 'clamd', + 'cron', + 'crond', + 'exim', + 'exim4', + 'fail2ban', + 'iptables', + 'mariadb', + 'mysqld', + 'named', + 'php-fpm', + 'php5-fpm', + 'proftpd', + 'spamassassin', + 'spamd', + 'vsftpd', +]; \ No newline at end of file diff --git a/src/react/src/ControlPanelService/Statistics.js b/src/react/src/ControlPanelService/Statistics.js new file mode 100644 index 000000000..8d039d866 --- /dev/null +++ b/src/react/src/ControlPanelService/Statistics.js @@ -0,0 +1,8 @@ +import axios from "axios"; + +const BASE_URL = window.location.origin; +const webApiUri = '/api/v1/list/stats/index.php'; + +export const getStatisticsList = user => { + return axios.get(BASE_URL + webApiUri + '?user=' + user); +} \ No newline at end of file diff --git a/src/react/src/ControlPanelService/Updates.js b/src/react/src/ControlPanelService/Updates.js new file mode 100644 index 000000000..be5478e4c --- /dev/null +++ b/src/react/src/ControlPanelService/Updates.js @@ -0,0 +1,47 @@ +import axios from "axios"; +import { getAuthToken } from "src/utils/token"; + +const deleteAutoUpdateUri = '/api/v1/delete/cron/autoupdate/'; +const addAutoUpdateUri = '/api/v1/add/cron/autoupdate/'; +const webApiUri = '/api/v1/list/updates/index.php'; +const BASE_URL = window.location.origin; + +export const getUpdatesList = () => { + return axios.get(BASE_URL + webApiUri); +} + +export const bulkAction = (action, updates) => { + const formData = new FormData(); + formData.append("action", action); + formData.append("token", getAuthToken()); + + updates.forEach(update => { + formData.append("pkg[]", update); + }); + + return axios.post(BASE_URL + '/api/v1/bulk/vesta/', formData); +}; + +export const handleAction = uri => { + return axios.get(BASE_URL + uri, { + params: { + token: getAuthToken() + } + }); +} + +export const enableAutoUpdate = () => { + return axios.get(`${BASE_URL}${addAutoUpdateUri}`, { + params: { + token: getAuthToken() + } + }); +}; + +export const disableAutoUpdate = () => { + return axios.get(`${BASE_URL}${deleteAutoUpdateUri}`, { + params: { + token: getAuthToken() + } + }); +}; \ No newline at end of file diff --git a/src/react/src/ControlPanelService/UserNS.js b/src/react/src/ControlPanelService/UserNS.js new file mode 100644 index 000000000..c0fb1aaf4 --- /dev/null +++ b/src/react/src/ControlPanelService/UserNS.js @@ -0,0 +1,8 @@ +import axios from "axios"; + +const BASE_URL = window.location.origin; +const userNSApiUri = '/api/v1/list-user-ns.php'; + +export const getUserNS = () => { + return axios.get(BASE_URL + userNSApiUri); +} \ No newline at end of file diff --git a/src/react/src/ControlPanelService/Users.js b/src/react/src/ControlPanelService/Users.js new file mode 100644 index 000000000..1de526756 --- /dev/null +++ b/src/react/src/ControlPanelService/Users.js @@ -0,0 +1,73 @@ +import axios from 'axios'; +import { getAuthToken } from 'src/utils/token'; + +const BASE_URL = window.location.origin; +const usersUri = '/api/v1/list/user/index.php'; +const addUsersUri = '/api/v1/add/user/index.php'; +const userInfoUri = '/api/v1/edit/user/index.php'; +const updateUserUri = '/api/v1/edit/user/index.php'; + +export const getUsersList = () => { + return axios.get(BASE_URL + usersUri, { + params: { + token: getAuthToken() + } + }); +} + +export const bulkAction = (action, selectedUsers) => { + const formData = new FormData(); + formData.append("token", getAuthToken()); + formData.append("action", action); + + selectedUsers.forEach(user => { + formData.append("user[]", user); + }); + + return axios.post(BASE_URL + '/api/v1/bulk/user/', formData); +}; + +export const handleAction = uri => { + return axios.get(BASE_URL + uri, { + params: { + token: getAuthToken() + } + }); +} + +export const addUser = data => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + formDataObject.append("token", getAuthToken()); + formDataObject.append("ok", "Add"); + + return axios.post(BASE_URL + addUsersUri, formDataObject); +} + +export const getUserInfo = username => { + return axios.get(BASE_URL + userInfoUri, { + params: { + user: username, + token: getAuthToken() + } + }); +} + +export const updateUser = (data, user) => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + updateUserUri, formDataObject, { + params: { + user, + token: getAuthToken() + } + }); +} diff --git a/src/react/src/ControlPanelService/Web.js b/src/react/src/ControlPanelService/Web.js new file mode 100644 index 000000000..19361fd0e --- /dev/null +++ b/src/react/src/ControlPanelService/Web.js @@ -0,0 +1,106 @@ +import axios from "axios"; +import { getAuthToken } from "src/utils/token"; + +const BASE_URL = window.location.origin; +const addWebUri = '/api/v1/add/web/index.php'; +const webApiUri = '/api/v1/list/web/index.php'; +const webStatsUri = '/api/v1/web-stats.php'; +const domainInfoUri = '/api/v1/edit/web/index.php'; +const generateCSRUri = '/api/v1/generate/ssl/index.php'; +const updateDomainUri = '/api/v1/edit/web/index.php'; + +export const getWebList = () => { + return axios.get(BASE_URL + webApiUri); +} + +export const bulkAction = (action, webDomains) => { + const formData = new FormData(); + formData.append("action", action); + formData.append("token", getAuthToken()); + + webDomains.forEach(webDomain => { + formData.append("domain[]", webDomain); + }); + + return axios.post(BASE_URL + '/api/v1/bulk/web/', formData); +}; + +export const handleAction = uri => { + return axios.get(BASE_URL + uri, { + params: { + token: getAuthToken() + } + }); +} + +export const addWeb = data => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + addWebUri, formDataObject); +} + +export const getWebDomainInfo = domain => { + return axios.get(BASE_URL + addWebUri, { + params: { + token: getAuthToken() + } + }); +} + +export const getWebStats = () => { + return axios.get(BASE_URL + webStatsUri); +} + +export const getDomainInfo = domain => { + return axios.get(BASE_URL + domainInfoUri, { + params: { + domain, + token: getAuthToken() + } + }); +} + +export const updateWebDomain = (data, domain) => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + updateDomainUri, formDataObject, { + params: { + domain, + token: getAuthToken() + } + }); +} + +export const getCsrInitialData = domain => { + if (domain) { + return axios.get(BASE_URL + generateCSRUri, { + params: { + domain + } + }); + } else { + return axios.get(BASE_URL + generateCSRUri); + } +} + +export const generateCSR = (data) => { + let formDataObject = new FormData(); + + for (let key in data) { + formDataObject.append(key, data[key]); + } + + return axios.post(BASE_URL + generateCSRUri, formDataObject, { + params: { + token: getAuthToken() + } + }); +} diff --git a/src/react/src/ControlPanelService/WebLogs.js b/src/react/src/ControlPanelService/WebLogs.js new file mode 100644 index 000000000..fd3504796 --- /dev/null +++ b/src/react/src/ControlPanelService/WebLogs.js @@ -0,0 +1,7 @@ +import axios from "axios"; + +const BASE_URL = window.location.origin; + +export const getWebLogs = uri => { + return axios.get(BASE_URL + '/api/v1' +uri); +} \ No newline at end of file diff --git a/src/react/src/FileManagerHelper.js b/src/react/src/FileManagerHelper.js new file mode 100644 index 000000000..fa1940efe --- /dev/null +++ b/src/react/src/FileManagerHelper.js @@ -0,0 +1,131 @@ +import axios from "axios"; +import QueryString from "qs"; +const server = window.location.origin + "/file_manager/fm_api.php?"; + +export function validateAction(url) { + return axios.get(url); +} + +export function cacheData(currentUser, history, rootDir) { + const parsedQueryString = QueryString.parse(history.location.search, { ignoreQueryPrefix: true }); + + if (parsedQueryString.path) { + localStorage.setItem("activeWindow", "left"); + localStorage.setItem("leftListPath", parsedQueryString.path); + localStorage.setItem("rightListPath", parsedQueryString.path); + return; + } + + if (localStorage.getItem("lastUser") === null || currentUser !== localStorage.getItem("lastUser")) { + localStorage.setItem("lastUser", currentUser); + localStorage.setItem("activeWindow", "left"); + localStorage.setItem("leftListPath", rootDir); + localStorage.setItem("rightListPath", rootDir); + return; + } + + if (localStorage.getItem("activeWindow") === null || localStorage.getItem("leftListPath") === null || localStorage.getItem("rightListPath") === null) { + let path = history.location.search.substring(6).split('/'); + localStorage.setItem("activeWindow", "left"); + localStorage.setItem("leftListPath", path); + localStorage.setItem("rightListPath", rootDir); + return; + } +} + +export function changeDirectoryOnLoading(server, list) { + return axios.get(`${server}dir=${encodePath(localStorage.getItem(list))}&action=cd`); +} + +export function changeDirectory(server, path) { + return axios.get(`${server}dir=${encodePath(path)}&action=cd`); +} + +export function getData(path) { + return axios.get(`${server}dir=%2F${path}&action=cd`); +} + +export function checkExistingFileName(selectedFiles, activeWindow, leftListData, rightListData) { + let selectedFileNames = []; + let existingFileNames = []; + let newFiles = []; + + for (let i = 0; i < selectedFiles.length; i++) { + selectedFileNames.push(selectedFiles[i]); + } + + if (activeWindow === "left") { + for (let i = 0; i < selectedFileNames.length; i++) { + if (leftListData.map((item) => { return item.name }).includes(selectedFileNames[i].name)) { + existingFileNames.push(selectedFileNames[i]); + } else { + newFiles.push(selectedFileNames[i]); + } + } + } else { + for (let i = 0; i < selectedFileNames.length; i++) { + if (rightListData.map((item) => { return item.name }).includes(selectedFileNames[i].name)) { + existingFileNames.push(selectedFileNames[i]); + } else { + newFiles.push(selectedFileNames[i]); + } + } + } + + return { existingFileNames, newFiles }; +} + +export function encodePath(path) { + let splitPath = path.split('/'); + let encodedPath = splitPath.join('%2F'); + return encodedPath; +} + +export function activeWindowPath() { + if (localStorage.getItem("activeWindow") === "left") { + let currentPath = localStorage.getItem("leftListPath"); + return currentPath; + } else if (localStorage.getItem("activeWindow") === "right") { + let currentPath = localStorage.getItem("rightListPath"); + return currentPath; + } +} + +export function deleteItems(url, path, selection) { + if (!selection.length) { + return false; + } + + const promisesArray = selection.map(item => + validateAction(`${url}item=${path}%2F${item}&dir=${path}&action=delete_files`) + .then(() => { }) + ); + + return Promise.all(promisesArray); +} + +export function moveItems(url, path, targetPath, selection) { + if (!selection.length) { + return false; + } + + const promisesArray = selection.map(item => + validateAction(`${url}item=${path}%2F${item}&target_name=${targetPath}&action=move_file`) + .then(() => { }) + ); + + return Promise.all(promisesArray); +} + +export function copyItems(url, path, targetPath, selection) { + if (!selection.length) { + return false; + } + + const promisesArray = selection.map(item => + validateAction(`${url}item=${path}%2F${item}&filename=${item}&dir=${path}&dir_target=${targetPath}&action=copy_file`) + .then(() => { }) + ); + + return Promise.all(promisesArray); +} \ No newline at end of file diff --git a/src/react/src/actions/ControlPanelContent/controlPanelContentActions.js b/src/react/src/actions/ControlPanelContent/controlPanelContentActions.js new file mode 100644 index 000000000..9888d695a --- /dev/null +++ b/src/react/src/actions/ControlPanelContent/controlPanelContentActions.js @@ -0,0 +1,15 @@ +import { ADD_CPANEL_FOCUSED_ELEMENT, REMOVE_CPANEL_FOCUSED_ELEMENT } from './controlPanelContentTypes'; + +export const addControlPanelContentFocusedElement = value => { + return { + type: ADD_CPANEL_FOCUSED_ELEMENT, + value + }; +}; + +export const removeControlPanelContentFocusedElement = () => { + return { + type: REMOVE_CPANEL_FOCUSED_ELEMENT, + value: '' + }; +}; \ No newline at end of file diff --git a/src/react/src/actions/ControlPanelContent/controlPanelContentTypes.js b/src/react/src/actions/ControlPanelContent/controlPanelContentTypes.js new file mode 100644 index 000000000..f127d6583 --- /dev/null +++ b/src/react/src/actions/ControlPanelContent/controlPanelContentTypes.js @@ -0,0 +1,2 @@ +export const ADD_CPANEL_FOCUSED_ELEMENT = 'ADD_CPANEL_FOCUSED_ELEMENT'; +export const REMOVE_CPANEL_FOCUSED_ELEMENT = 'REMOVE_CPANEL_FOCUSED_ELEMENT'; \ No newline at end of file diff --git a/src/react/src/actions/MainNavigation/mainNavigationActions.js b/src/react/src/actions/MainNavigation/mainNavigationActions.js new file mode 100644 index 000000000..936be0532 --- /dev/null +++ b/src/react/src/actions/MainNavigation/mainNavigationActions.js @@ -0,0 +1,29 @@ +import { ADD_FOCUSED_ELEMENT, ADD_ACTIVE_ELEMENT, REMOVE_FOCUSED_ELEMENT, REMOVE_ACTIVE_ELEMENT } from './mainNavigationTypes'; + +export const addFocusedElement = value => { + return { + type: ADD_FOCUSED_ELEMENT, + value + }; +}; + +export const removeFocusedElement = () => { + return { + type: REMOVE_FOCUSED_ELEMENT, + value: '' + }; +}; + +export const addActiveElement = value => { + return { + type: ADD_ACTIVE_ELEMENT, + value + }; +}; + +export const removeActiveElement = () => { + return { + type: REMOVE_ACTIVE_ELEMENT, + value: '' + }; +}; \ No newline at end of file diff --git a/src/react/src/actions/MainNavigation/mainNavigationTypes.js b/src/react/src/actions/MainNavigation/mainNavigationTypes.js new file mode 100644 index 000000000..5411d49a5 --- /dev/null +++ b/src/react/src/actions/MainNavigation/mainNavigationTypes.js @@ -0,0 +1,4 @@ +export const ADD_FOCUSED_ELEMENT = 'ADD_FOCUSED_ELEMENT'; +export const REMOVE_FOCUSED_ELEMENT = 'REMOVE_FOCUSED_ELEMENT'; +export const ADD_ACTIVE_ELEMENT = 'ADD_ACTIVE_ELEMENT'; +export const REMOVE_ACTIVE_ELEMENT = 'REMOVE_ACTIVE_ELEMENT'; \ No newline at end of file diff --git a/src/react/src/actions/MenuCounters/menuCounterActions.js b/src/react/src/actions/MenuCounters/menuCounterActions.js new file mode 100644 index 000000000..5d4255dc0 --- /dev/null +++ b/src/react/src/actions/MenuCounters/menuCounterActions.js @@ -0,0 +1,35 @@ +import { REFRESH_COUNTERS } from './menuCounterTypes'; +import { checkAuth } from 'src/services/session'; +import { setAuthToken } from 'src/utils/token'; +import { REFRESH_PANEL } from '../Panel/panelTypes'; + +export const refreshCounters = () => (dispatch, getState) => { + return new Promise((resolve, reject) => { + checkAuth() + .then(res => { + const { data, token, panel } = res.data; + + if (token) setAuthToken(token); + + dispatch({ + type: REFRESH_COUNTERS, + value: { + user: data + } + }); + + dispatch({ + type: REFRESH_PANEL, + value: { + panel + } + }); + + resolve(token); + }) + .catch(err => { + reject(); + console.error(err); + }); + }); +} diff --git a/src/react/src/actions/MenuCounters/menuCounterTypes.js b/src/react/src/actions/MenuCounters/menuCounterTypes.js new file mode 100644 index 000000000..e5175d6b0 --- /dev/null +++ b/src/react/src/actions/MenuCounters/menuCounterTypes.js @@ -0,0 +1 @@ +export const REFRESH_COUNTERS = 'REFRESH_COUNTERS'; \ No newline at end of file diff --git a/src/react/src/actions/Notification/notificationActions.js b/src/react/src/actions/Notification/notificationActions.js new file mode 100644 index 000000000..eae604b49 --- /dev/null +++ b/src/react/src/actions/Notification/notificationActions.js @@ -0,0 +1,15 @@ +import { ADD_NOTIFICATIONS, REMOVE_NOTIFICATIONS } from './notificationTypes'; + +export const addNotifications = value => { + return { + type: ADD_NOTIFICATIONS, + value + }; +}; + +export const removeNotifications = () => { + return { + type: REMOVE_NOTIFICATIONS, + value: [] + }; +}; diff --git a/src/react/src/actions/Notification/notificationTypes.js b/src/react/src/actions/Notification/notificationTypes.js new file mode 100644 index 000000000..1aa46d00d --- /dev/null +++ b/src/react/src/actions/Notification/notificationTypes.js @@ -0,0 +1,2 @@ +export const ADD_NOTIFICATIONS = 'ADD_NOTIFICATIONS'; +export const REMOVE_NOTIFICATIONS = 'REMOVE_NOTIFICATIONS'; diff --git a/src/react/src/actions/Panel/panelTypes.js b/src/react/src/actions/Panel/panelTypes.js new file mode 100644 index 000000000..3c5615340 --- /dev/null +++ b/src/react/src/actions/Panel/panelTypes.js @@ -0,0 +1 @@ +export const REFRESH_PANEL = 'REFRESH_PANEL'; diff --git a/src/react/src/actions/Session/sessionActions.js b/src/react/src/actions/Session/sessionActions.js new file mode 100644 index 000000000..5f1823c57 --- /dev/null +++ b/src/react/src/actions/Session/sessionActions.js @@ -0,0 +1,273 @@ +import { LOGIN, LOGOUT, LOGGED_OUT_AS, CHECK_AUTH, RESET_PASSWORD } from './sessionTypes'; +import { checkAuth, signIn, signInAs, signOut } from 'src/services/session'; +import { resetPassword } from 'src/ControlPanelService/ResetPassword'; +import { resetAuthToken, setAuthToken } from 'src/utils/token'; +import { REFRESH_COUNTERS } from '../MenuCounters/menuCounterTypes'; +import { SET_USER_SESSION } from '../UserSession/userSessionTypes'; +import { REFRESH_PANEL } from '../Panel/panelTypes'; + +const LOGOUT_RESPONSE = 'logged_out'; +const LOGOUT_AS_RESPONSE = 'logged_out_as'; + +export const login = (user, password) => dispatch => { + return new Promise((resolve, reject) => { + signIn({ user, password }).then((response) => { + const { error, session, token, panel, data, user, i18n } = response.data; + + if (token) setAuthToken(token); + + dispatch({ + type: LOGIN, + value: { + token: token || '', + i18n: i18n || {}, + userName: user, + error + }, + }); + dispatch({ + type: REFRESH_PANEL, + value: { + panel + } + }); + dispatch({ + type: REFRESH_COUNTERS, + value: { + user: data, + } + }); + dispatch({ + type: SET_USER_SESSION, + value: session + }); + resolve(token); + }, (error) => { + reject(error); + }); + }); +} + +export const reset = ({ user = '', code = '', password = '', password_confirm = '' }) => dispatch => { + return new Promise((resolve, reject) => { + resetPassword(user, code, password, password_confirm).then((response) => { + const { error, session, token, panel, user } = response.data; + + dispatch({ + type: RESET_PASSWORD, + value: { + token, + userName: user, + error + }, + }); + dispatch({ + type: REFRESH_PANEL, + value: { + panel + } + }); + dispatch({ + type: REFRESH_COUNTERS, + value: { + user: {}, + } + }); + dispatch({ + type: SET_USER_SESSION, + value: session + }); + resolve(token); + }, (error) => { + reject(error); + }); + }); +} + +export const loginAs = username => dispatch => { + return new Promise((resolve, reject) => { + signInAs(username).then((response) => { + const { error, token, session, panel, data, user, i18n } = response.data; + if (token) setAuthToken(token); + + dispatch({ + type: LOGIN, + value: { + userName: user, + i18n, + token, + error + } + }); + dispatch({ + type: REFRESH_PANEL, + value: { + panel + } + }); + dispatch({ + type: REFRESH_COUNTERS, + value: { + user: data, + } + }); + dispatch({ + type: SET_USER_SESSION, + value: session + }); + + resolve(token); + }, (error) => { + console.error(error); + reject(); + }); + }); +} + +export const logout = () => (dispatch, getState) => { + return new Promise((resolve, reject) => { + signOut().then((response) => { + const { logout_response, error, userName, user, i18n, session, panel } = response.data; + + if (logout_response === LOGOUT_RESPONSE) { + resetAuthToken(); + + dispatch({ + type: LOGOUT, + value: { + userName: '', + token: '', + session: {}, + i18n: [], + error, + }, + }); + dispatch({ + type: REFRESH_PANEL, + value: { + panel: {} + } + }); + dispatch({ + type: REFRESH_COUNTERS, + value: { + user: {}, + } + }); + dispatch({ + type: SET_USER_SESSION, + value: {} + }); + + resolve(); + } else if (logout_response === LOGOUT_AS_RESPONSE) { + dispatch({ + type: LOGGED_OUT_AS, + value: { + userName, + token: '', + i18n, + error, + }, + }); + dispatch({ + type: REFRESH_PANEL, + value: { + panel + } + }); + dispatch({ + type: REFRESH_COUNTERS, + value: { + user, + } + }); + dispatch({ + type: SET_USER_SESSION, + value: session + }); + + resolve(); + } else { + resolve(`Error while signing out: ${logout_response}`); + } + }, (error) => { + console.error(error); + reject(); + }); + }); +} + +export const checkAuthHandler = () => (dispatch, getState) => { + return new Promise((resolve, reject) => { + checkAuth() + .then(res => { + const { user, data, session, panel, error, i18n, token } = res.data; + + if (token) setAuthToken(token); + + dispatch({ + type: CHECK_AUTH, + value: { + userName: user, + i18n, + token, + error + } + }); + dispatch({ + type: REFRESH_PANEL, + value: { + panel + } + }); + dispatch({ + type: REFRESH_COUNTERS, + value: { + user: data, + } + }); + dispatch({ + type: SET_USER_SESSION, + value: session + }); + + resolve(token); + }) + .catch(err => { + reject(); + console.error(err); + }); + }); +} + +export const refreshUserSession = () => (dispatch, getState) => { + return new Promise((resolve, reject) => { + checkAuth() + .then(res => { + const { session, token } = res.data; + + if (token) setAuthToken(token); + dispatch({ + type: SET_USER_SESSION, + value: session + }); + + resolve(token); + }) + .catch(err => { + reject(); + console.error(err); + }); + }); +} + +export const removeToken = () => { + return { + type: LOGOUT, + value: { + token: '', + error: '' + } + } +} diff --git a/src/react/src/actions/Session/sessionTypes.js b/src/react/src/actions/Session/sessionTypes.js new file mode 100644 index 000000000..2dfd6c1e5 --- /dev/null +++ b/src/react/src/actions/Session/sessionTypes.js @@ -0,0 +1,6 @@ +export const LOGIN = 'LOGIN'; +export const LOGOUT = 'LOGOUT'; +export const LOGIN_AS = 'LOGIN_AS'; +export const CHECK_AUTH = 'CHECK_AUTH'; +export const LOGGED_OUT_AS = 'LOGGED_OUT_AS'; +export const RESET_PASSWORD = 'RESET_PASSWORD'; \ No newline at end of file diff --git a/src/react/src/actions/UserSession/userSessionActions.js b/src/react/src/actions/UserSession/userSessionActions.js new file mode 100644 index 000000000..a59b04773 --- /dev/null +++ b/src/react/src/actions/UserSession/userSessionActions.js @@ -0,0 +1,8 @@ +import { SET_USER_SESSION } from './userSessionTypes'; + +export const setUserSession = value => { + return { + type: SET_USER_SESSION, + value + }; +}; diff --git a/src/react/src/actions/UserSession/userSessionTypes.js b/src/react/src/actions/UserSession/userSessionTypes.js new file mode 100644 index 000000000..56d1b41f5 --- /dev/null +++ b/src/react/src/actions/UserSession/userSessionTypes.js @@ -0,0 +1 @@ +export const SET_USER_SESSION = 'SET_USER_SESSION'; \ No newline at end of file diff --git a/src/react/src/components/Backup/Backup.jsx b/src/react/src/components/Backup/Backup.jsx new file mode 100644 index 000000000..b1c8d0d18 --- /dev/null +++ b/src/react/src/components/Backup/Backup.jsx @@ -0,0 +1,85 @@ +import React, { } from 'react'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import ListItem from '../ControlPanel/ListItem/ListItem'; +import Container from '../ControlPanel/Container/Container'; +import { faFileDownload } from '@fortawesome/free-solid-svg-icons' +import './Backup.scss'; +import { Link } from 'react-router-dom'; +import { useSelector } from 'react-redux'; + +const Backup = props => { + const { data } = props; + const { i18n } = useSelector(state => state.session); + const token = localStorage.getItem("token"); + + const toggleFav = (starred) => { + if (starred) { + props.toggleFav(props.data.NAME, 'add'); + } else { + props.toggleFav(props.data.NAME, 'delete'); + } + } + + const checkItem = () => { + props.checkItem(props.data.NAME); + } + + const handleDelete = () => { + props.handleModal(data.delete_conf, `/api/v1/delete/backup/?backup=${data.NAME}`); + } + + return ( + + + +
{data.NAME}
+
+ +
{i18n['Backup Size']}: {data.SIZE}{i18n.mb}
+ + +
{i18n.Type}: {data.TYPE}
+ + +
{i18n['Run Time']}: {data.RUNTIME} minute
+ +
+ +
+ + {data.UPDATED === 'no' && } + + + +
+ + {i18n['configure restore settings']} + {data.FOCUSED ? : } + +
+ +
+ +
+ +
+ + ); +} + +export default Backup; \ No newline at end of file diff --git a/src/react/src/components/Backup/Backup.scss b/src/react/src/components/Backup/Backup.scss new file mode 100644 index 000000000..447105840 --- /dev/null +++ b/src/react/src/components/Backup/Backup.scss @@ -0,0 +1,7 @@ +.backups-wrapper .list-item .c-1 div > span { + padding-left: 15px; +} + +.backups-restore-details .list-item .star { + display: none; +} \ No newline at end of file diff --git a/src/react/src/components/Backup/Exclusion/Edit/index.jsx b/src/react/src/components/Backup/Exclusion/Edit/index.jsx new file mode 100644 index 000000000..ffc3ad1f4 --- /dev/null +++ b/src/react/src/components/Backup/Exclusion/Edit/index.jsx @@ -0,0 +1,133 @@ +import React, { useEffect, useState } from 'react'; +import { addActiveElement, removeFocusedElement } from "src/actions/MainNavigation/mainNavigationActions"; +import { updateBackupExclusions, getBackupExclusionsInfo } from 'src/ControlPanelService/Backup'; +import TextArea from 'src/components/ControlPanel/AddItemLayout/Form/TextArea/TextArea'; +import AddItemLayout from 'src/components/ControlPanel/AddItemLayout/AddItemLayout'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import Toolbar from 'src/components/MainNav/Toolbar/Toolbar'; +import Spinner from 'src/components/Spinner/Spinner'; +import { useHistory } from 'react-router-dom'; +import { useDispatch, useSelector } from 'react-redux'; +import { Helmet } from 'react-helmet'; + +import './style.scss'; +import HtmlParser from 'react-html-parser'; + +const EditBackupExclusions = () => { + const token = localStorage.getItem("token"); + const { i18n } = useSelector(state => state.session); + const history = useHistory(); + const dispatch = useDispatch(); + const [errorMessage, setErrorMessage] = useState(''); + const [okMessage, setOkMessage] = useState(''); + const [state, setState] = useState({ + data: {}, + loading: false + }); + + useEffect(() => { + dispatch(addActiveElement('/list/backup/')); + dispatch(removeFocusedElement()); + + setState({ ...state, loading: true }); + fetchData(); + }, []); + + const fetchData = () => { + getBackupExclusionsInfo() + .then(response => { + setState({ + ...state, + data: response.data, + loading: false + }); + }) + .catch(err => console.error(err)); + } + + const submitFormHandler = event => { + event.preventDefault(); + let updatedExclusions = {}; + + for (var [name, value] of (new FormData(event.target)).entries()) { + updatedExclusions[name] = value; + } + + updatedExclusions['token'] = token; + updatedExclusions['save'] = 'save'; + + if (Object.keys(updatedExclusions).length !== 0 && updatedExclusions.constructor === Object) { + setState({ ...state, loading: true }); + + updateBackupExclusions(updatedExclusions) + .then(result => { + if (result.status === 200) { + const { error_msg, ok_msg } = result.data; + + setErrorMessage(error_msg || ''); + setOkMessage(ok_msg || ''); + } + }) + .then(() => fetchData()) + .catch(err => console.error(err)); + } + } + + return ( +
+ + {`Vesta - ${i18n.BACKUP}`} + + +
+
{i18n['Editing Backup Exclusions']}
+
+ + {errorMessage ? : ''} {errorMessage} + +
+
+ + {okMessage ? : ''} {HtmlParser(okMessage)} + +
+ + + {state.loading ? : +
submitFormHandler(event)} id="edit-backup-exclusions"> + +
+ ); +} + +export default TextArea; diff --git a/src/react/src/components/ControlPanel/AddItemLayout/Form/TextArea/TextArea.scss b/src/react/src/components/ControlPanel/AddItemLayout/Form/TextArea/TextArea.scss new file mode 100644 index 000000000..e69de29bb diff --git a/src/react/src/components/ControlPanel/AddItemLayout/Form/TextInput/TextInput.jsx b/src/react/src/components/ControlPanel/AddItemLayout/Form/TextInput/TextInput.jsx new file mode 100644 index 000000000..a254a6079 --- /dev/null +++ b/src/react/src/components/ControlPanel/AddItemLayout/Form/TextInput/TextInput.jsx @@ -0,0 +1,35 @@ +import React, { useEffect, useState } from 'react'; + +const TextInput = ({ id, name, title, optionalTitle = '', type = 'text', onChange = () => { }, value = '', disabled = false }) => { + const [inputValue, setInputValue] = useState(''); + + useEffect(() => { + if (value) { + setInputValue(value); + } + }, [value]); + + const changeInputHandler = event => { + setInputValue(event.target.value); + onChange(event); + } + + return ( +
+ + +
+ ); +} + +export default TextInput; diff --git a/src/react/src/components/ControlPanel/AddItemLayout/Form/TextInput/TextInput.scss b/src/react/src/components/ControlPanel/AddItemLayout/Form/TextInput/TextInput.scss new file mode 100644 index 000000000..e69de29bb diff --git a/src/react/src/components/ControlPanel/AddItemLayout/Form/TextInputWithExtraButton/TextInputWithExtraButton.jsx b/src/react/src/components/ControlPanel/AddItemLayout/Form/TextInputWithExtraButton/TextInputWithExtraButton.jsx new file mode 100644 index 000000000..bab4c6698 --- /dev/null +++ b/src/react/src/components/ControlPanel/AddItemLayout/Form/TextInputWithExtraButton/TextInputWithExtraButton.jsx @@ -0,0 +1,44 @@ +import React, { useEffect, useState } from 'react'; + +const TextInputWithExtraButton = props => { + const [state, setState] = useState({ + value: '', + previousValue: '' + }); + + useEffect(() => { + setState({ ...state, value: props.value }); + }, [props.value]); + + useEffect(() => { + setState({ ...state, value: props.value, previousValue: props.value }); + }, []); + + const changeValue = event => { + let inputValue = event.target.value; + + setState({ ...state, value: inputValue, previousValue: inputValue }); + } + + return ( +
+ +
+ + {props.children} +
+
+ ); +} + +export default TextInputWithExtraButton; \ No newline at end of file diff --git a/src/react/src/components/ControlPanel/AddItemLayout/Form/TextInputWithExtraButton/TextInputWithExtraButton.scss b/src/react/src/components/ControlPanel/AddItemLayout/Form/TextInputWithExtraButton/TextInputWithExtraButton.scss new file mode 100644 index 000000000..e69de29bb diff --git a/src/react/src/components/ControlPanel/AddItemLayout/Form/TextInputWithTextOnTheRight/TextInputWithTextOnTheRight.jsx b/src/react/src/components/ControlPanel/AddItemLayout/Form/TextInputWithTextOnTheRight/TextInputWithTextOnTheRight.jsx new file mode 100644 index 000000000..1b7f9d0d6 --- /dev/null +++ b/src/react/src/components/ControlPanel/AddItemLayout/Form/TextInputWithTextOnTheRight/TextInputWithTextOnTheRight.jsx @@ -0,0 +1,36 @@ +import React, { useEffect, useState } from 'react'; + +import './TextInputWithTextOnTheRight.scss'; + +const TextInputWithTextOnTheRight = ({ id, title, name, defaultValue = '', optionalTitle = '', disabled = false }) => { + const [inputValue, setInputValue] = useState(''); + + useEffect(() => { + if (defaultValue) { + setInputValue(defaultValue); + } + }, [defaultValue]); + + return ( +
+ +
+ setInputValue(event.target.value)} + disabled={disabled} + name={name} /> + {`${inputValue}`} +
+
+ ); +} + +export default TextInputWithTextOnTheRight; \ No newline at end of file diff --git a/src/react/src/components/ControlPanel/AddItemLayout/Form/TextInputWithTextOnTheRight/TextInputWithTextOnTheRight.scss b/src/react/src/components/ControlPanel/AddItemLayout/Form/TextInputWithTextOnTheRight/TextInputWithTextOnTheRight.scss new file mode 100644 index 000000000..311fc502a --- /dev/null +++ b/src/react/src/components/ControlPanel/AddItemLayout/Form/TextInputWithTextOnTheRight/TextInputWithTextOnTheRight.scss @@ -0,0 +1,11 @@ +.form-group.text-on-the-right { + .input-wrapper { + display: flex; + align-items: center; + + span { + margin-left: 15px; + color: #777; + } + } +} \ No newline at end of file diff --git a/src/react/src/components/ControlPanel/Container/Container.jsx b/src/react/src/components/ControlPanel/Container/Container.jsx new file mode 100644 index 000000000..1ab24f8a3 --- /dev/null +++ b/src/react/src/components/ControlPanel/Container/Container.jsx @@ -0,0 +1,12 @@ +import React from 'react'; +import './Container.scss'; + +const Container = props => { + return( +
+ {props.children} +
+ ); +} + +export default Container; \ No newline at end of file diff --git a/src/react/src/components/ControlPanel/Container/Container.scss b/src/react/src/components/ControlPanel/Container/Container.scss new file mode 100644 index 000000000..13ca12e1a --- /dev/null +++ b/src/react/src/components/ControlPanel/Container/Container.scss @@ -0,0 +1,47 @@ +.l-col { + padding-left: 15px; +} + +.r-col { + font-size: 13px; +} + +.w-14 { + width: 14.3%; +} + +.w-20 { + width: 20%; +} + +.w-25 { + width: 25%; +} + +.w-30 { + width: 30%; +} + +.w-35 { + width: 35%; +} + +.w-40 { + width: 40%; +} + +.w-45 { + width: 45%; +} + +.w-50 { + width: 50%; +} + +.w-60 { + width: 60%; +} + +.w-85 { + width: 85%; +} \ No newline at end of file diff --git a/src/react/src/components/ControlPanel/Hotkeys/Hotkeys.jsx b/src/react/src/components/ControlPanel/Hotkeys/Hotkeys.jsx new file mode 100644 index 000000000..6a8dbea6f --- /dev/null +++ b/src/react/src/components/ControlPanel/Hotkeys/Hotkeys.jsx @@ -0,0 +1,107 @@ +import React, { useEffect } from 'react'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import './Hotkeys.scss'; +import { useSelector } from 'react-redux'; + +const Hotkeys = props => { + const { i18n } = useSelector(state => state.session); + + useEffect(() => { + window.addEventListener("keyup", toggleShortcutsLit); + + return () => window.removeEventListener("keyup", toggleShortcutsLit); + }, [props.reference]); + + const toggleShortcutsLit = event => { + let isSearchInputFocused = document.querySelector('input:focus') || document.querySelector('textarea:focus'); + + if (event.keyCode === 72 && !isSearchInputFocused) { + props.toggleHotkeys(); + } + } + + return ( +
+
+
{i18n.Shortcuts}
+
props.toggleHotkeys()}>
+
+
+
    +
  • + a + {i18n['Add New object']} +
    • +
  • + Ctrl + Open + {i18n['Save Form']} +
    • +
  • + Ctrl + Backspace + {i18n['Cancel saving form']} +
    • +
  • + 1 + {i18n['Go to USER list']} +
    • +
  • + 2 + {i18n['Go to WEB list']} +
    • +
  • + 3 + {i18n['Go to DNS list']} +
    • +
  • + 4 + {i18n['Go to MAIL list']} +
    • +
  • + 5 + {i18n['Go to DB list']} +
    • +
  • + 6 + {i18n['Go to CRON list']} +
    • +
  • + 7 + {i18n['Go to BACKUP list']} +
    • +
+
    +
  • + f + {i18n['Focus on search']} +
    • +
  • + h + {i18n['Display/Close shortcuts']} +
    • +
  • + + {i18n['Move backward through top menu']} +
    • +
  • + + {i18n['Move forward through top menu']} +
    • +
  • + Enter + {i18n['Enter focused element']} +
    • +
  • + + {i18n['Move up through elements list']} +
    • +
  • + + {i18n['Move down through elements list']} +
    • +
+
+
+ ); +} + +export default Hotkeys; \ No newline at end of file diff --git a/src/react/src/components/ControlPanel/Hotkeys/Hotkeys.scss b/src/react/src/components/ControlPanel/Hotkeys/Hotkeys.scss new file mode 100644 index 000000000..254d5b1ab --- /dev/null +++ b/src/react/src/components/ControlPanel/Hotkeys/Hotkeys.scss @@ -0,0 +1,78 @@ +$secondary: #fcac04; + +.hotkeys-list { + position: fixed; + bottom: 0; + right: 0; + display: flex; + flex-direction: column; + transform: translateX(-45%); + width: 53%; + background: #222e44de; + font-size: 13px; + + .head { + display: flex; + justify-content: space-between; + align-items: center; + border-bottom: 1px solid $secondary; + + .name { + text-transform: uppercase; + padding: 5px 0 5px 10px; + font-size: 12px; + font-weight: bold; + color: $secondary; + letter-spacing: 2px; + padding: 15px; + } + + .close { + padding: 12px; + opacity: 1 !important; + + svg { + color: $secondary; + } + + &:hover { + cursor: pointer; + background: #222e44; + } + } + } + + .body { + display: flex; + + ul { + padding: 25px 10px; + margin: 0; + width: 50%; + list-style: none; + margin-left: 3rem; + + li { + padding: 5px; + + span.name { + margin-right: 15px; + color: $secondary; + font-weight: bold; + } + + span.description { + color: white; + } + } + + li.space-top { + padding-top: 30px; + } + } + } +} + +.hide { + display: none; +} \ No newline at end of file diff --git a/src/react/src/components/ControlPanel/ListItem/ListItem.jsx b/src/react/src/components/ControlPanel/ListItem/ListItem.jsx new file mode 100644 index 000000000..8d5d1cd99 --- /dev/null +++ b/src/react/src/components/ControlPanel/ListItem/ListItem.jsx @@ -0,0 +1,90 @@ +import React, { Component, useEffect, useState } from 'react'; +import Container from '../Container/Container'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import { useSelector } from 'react-redux'; +import './ListItem.scss'; + +const ListItem = (props) => { + const { i18n } = useSelector(state => state.session); + const [state, setState] = useState({ starred: false }); + + useEffect(() => { + if (props.hasOwnProperty('starred')) { + setState({ ...state, starred: Boolean(props.starred) }); + } + }, [props.starred]); + + const printDate = date => { + if (date) { + let newDate = new Date(date); + let day = newDate.getDate(); + let month = newDate.getMonth() + 1; + let year = newDate.getFullYear(); + let months = ['Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec']; + + return
{day}   {months[month - 1]}   {year}
; + } + } + + const toggleItem = () => { + props.checkItem(); + } + + const starItem = () => { + setState({ ...state, starred: !state.starred }); + props.toggleFav(!state.starred); + } + + const className = () => { + const { starred } = state; + const { checked, outdated, suspended, stopped, focused, sysInfo } = props; + let className = 'list-item'; + + if (checked) { + className += ' toggled'; + } + + if (starred) { + className += ' starred'; + } + + if (outdated) { + className += ' outdated'; + } + + if (suspended || stopped) { + className += ' suspended'; + } + + if (focused) { + className += ' focused'; + } + + if (sysInfo) { + className += ' sys-info'; + } + + return className; + } + + return ( +
+ + {printDate(props.date)} +
+
+ {props.leftNameText} +
+
+
+
+
+ {props.suspended &&
{i18n.suspended}
} + {props.stopped &&
{i18n.stopped}
} + + {props.children} +
+ ); +} + +export default ListItem; diff --git a/src/react/src/components/ControlPanel/ListItem/ListItem.scss b/src/react/src/components/ControlPanel/ListItem/ListItem.scss new file mode 100644 index 000000000..850271ce1 --- /dev/null +++ b/src/react/src/components/ControlPanel/ListItem/ListItem.scss @@ -0,0 +1,156 @@ +@import 'src/utils/scss/variables'; + +.list-item { + display: flex; + justify-content: flex-start; + align-items: flex-start; + padding-left: 15px; + font-size: 18px; + position: relative; + padding: 25px 0; + border-left: 2px solid white; + border-bottom: 1px solid #ddd; + color: rgb(104, 104, 104); + + &:hover .l-col div.star div svg, + &:hover .actions { + opacity: 1; + } + + .l-col { + .suspended { + letter-spacing: 3px; + } + + .text-status { + font-size: 10px; + } + + div.star { + display: flex; + align-items: center; + + div.checkbox { + margin: 0 25% 4px 0; + } + } + } + + .r-col { + .stats { + div > span { + width: 50%; + text-align: left; + } + + .c-2 div > span { + width: 50%; + } + } + + div.bandwidth span, + div.disk span { + width: auto; + } + } + + .date { + font-size: 13px; + margin: 20px 0 10px; + } +} + +.list-item.toggled { + background: #feef9a; +} + +.list-item.starred { + border-left: 2px solid $primary; + + .l-col div.star { + div > svg { + opacity: 1; + color: $primary; + } + } +} + +.list-item.suspended { + background: #eaeaea; + color: #c0c0c0; + + .r-col div, .r-col span { + color: #c0c0c0 !important; + } +} + +.list-item.suspended.toggled { + background: #f2eab8; + color: #b2ac87; + + .l-col, + .r-col .name, + .r-col .stats { + color: #b2ac87 !important; + } +} + +.list-item.outdated { + background: #ffcaca; + border-left: 5px solid #ff6f6f; +} + +.list-item.toggled.outdated { + background: #755d5d; + color: black; + + .stat { + color: black; + } +} + +.list-item.stopped { + background: #eaeaea; +} + +.list-item.focused { + border-left: 2px solid $secondaryLight; + + .l-col div.star { + div > svg { + color: $secondaryLight; + } + } + + .actions { + opacity: 1; + + div > a, + div > button { + padding-top: 6.5px; + padding-bottom: 6.5px; + + .shortcut-button { + border-radius: 50%; + width: 25px; + height: 25px; + margin-left: 15px; + background: $secondaryLight; + color: white; + display: flex; + justify-content: center; + align-items: center; + font-size: 14px; + } + + .shortcut-button.html-unicode { + align-items: flex-end; + } + + .shortcut-button.del { + text-transform: capitalize; + font-size: 10px; + } + } + } +} \ No newline at end of file diff --git a/src/react/src/components/ControlPanel/LoginLayout/LoginLayout.jsx b/src/react/src/components/ControlPanel/LoginLayout/LoginLayout.jsx new file mode 100644 index 000000000..c2e5c90c1 --- /dev/null +++ b/src/react/src/components/ControlPanel/LoginLayout/LoginLayout.jsx @@ -0,0 +1,14 @@ +import React from 'react'; + +import '../AddItemLayout/AddItemLayout.scss'; +import './LoginLayout.scss'; + +const LoginLayout = ({ children }) => { + return ( +
+ {children} +
+ ); +} + +export default LoginLayout; \ No newline at end of file diff --git a/src/react/src/components/ControlPanel/LoginLayout/LoginLayout.scss b/src/react/src/components/ControlPanel/LoginLayout/LoginLayout.scss new file mode 100644 index 000000000..f7bcbe6a1 --- /dev/null +++ b/src/react/src/components/ControlPanel/LoginLayout/LoginLayout.scss @@ -0,0 +1,4 @@ +.login-layout { + margin-top: 1rem; + padding: 2rem 3rem; +} \ No newline at end of file diff --git a/src/react/src/components/ControlPanel/Modal/Modal.jsx b/src/react/src/components/ControlPanel/Modal/Modal.jsx new file mode 100644 index 000000000..0947a11c7 --- /dev/null +++ b/src/react/src/components/ControlPanel/Modal/Modal.jsx @@ -0,0 +1,33 @@ +import React from 'react'; +import { useSelector } from 'react-redux'; +import './Modal.scss'; + +const Modal = ({ show, text, onSave, onCancel, showSaveButton = true, showCancelButton = true }) => { + const { i18n } = useSelector(state => state.session); + + return ( +
+ +
+ ) +}; + +export default Modal; diff --git a/src/react/src/components/ControlPanel/Modal/Modal.scss b/src/react/src/components/ControlPanel/Modal/Modal.scss new file mode 100644 index 000000000..fb42315a4 --- /dev/null +++ b/src/react/src/components/ControlPanel/Modal/Modal.scss @@ -0,0 +1,20 @@ +@import 'src/utils/scss/variables'; + +div.modal { + z-index: 2; +} + +div.content .modal .modal-content { + width: 75%; + + .modal-header button.close { + color: white; + } + + .modal-footer { + .btn-primary { + background: $primary; + border: 1px solid $primary; + } + } +} diff --git a/src/react/src/components/CronJob/Add/AddCronJob.jsx b/src/react/src/components/CronJob/Add/AddCronJob.jsx new file mode 100644 index 000000000..e9d52c12c --- /dev/null +++ b/src/react/src/components/CronJob/Add/AddCronJob.jsx @@ -0,0 +1,199 @@ +import React, { useEffect, useState } from 'react'; + +import { addActiveElement, removeFocusedElement } from "../../../actions/MainNavigation/mainNavigationActions"; +import AddItemLayout from '../../ControlPanel/AddItemLayout/AddItemLayout'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import { addCronJob } from '../../../ControlPanelService/Cron'; +import Toolbar from '../../MainNav/Toolbar/Toolbar'; +import Generator from '../Generator/Generator'; +import { useHistory } from 'react-router-dom'; +import Spinner from '../../Spinner/Spinner'; +import { useDispatch, useSelector } from 'react-redux'; + +import './AddCronJob.scss'; +import { Helmet } from 'react-helmet'; +import { refreshCounters } from 'src/actions/MenuCounters/menuCounterActions'; +import HtmlParser from 'react-html-parser'; + +const AddCronJob = props => { + const { i18n } = useSelector(state => state.session); + const token = localStorage.getItem("token"); + const history = useHistory(); + const dispatch = useDispatch(); + const [state, setState] = useState({ + loading: false, + okMessage: '', + errorMessage: '', + generatedCronJob: { + h_min: '*', + h_hour: '*', + h_day: '*', + h_wday: '*', + h_month: '*' + } + }); + + useEffect(() => { + dispatch(addActiveElement('/list/cron/')); + dispatch(removeFocusedElement()); + }, []); + + const submitFormHandler = event => { + event.preventDefault(); + let newCronJob = {}; + + for (var [name, value] of (new FormData(event.target)).entries()) { + newCronJob[name] = value; + } + + if (Object.keys(newCronJob).length !== 0 && newCronJob.constructor === Object) { + setState({ ...state, loading: true }); + addCronJob(newCronJob) + .then(result => { + if (result.status === 200) { + const { error_msg: errorMessage, ok_msg: okMessage } = result.data; + + if (errorMessage) { + setState({ ...state, errorMessage, okMessage, loading: false }); + } else { + dispatch(refreshCounters()).then(() => { + setState({ ...state, okMessage, errorMessage: '', loading: false }); + }); + } + } + }) + .catch(err => console.error(err)); + } + } + + const saveGeneratedCronJob = generatedCronJob => { + setState({ + ...state, + generatedCronJob + }); + } + + const changeInput = input => { + let updatedGeneratedCronJob = { + ...state.generatedCronJob, + [input.id]: input.value + }; + + setState({ + ...state, + generatedCronJob: updatedGeneratedCronJob + }); + } + + return ( +
+ + {`Vesta - ${i18n.CRON}`} + + +
+
{i18n['Adding Cron Job']}
+
+ + {state.errorMessage ? : ''} + {state.errorMessage} +
+
+ + {state.okMessage ? : ''} + {HtmlParser(state.okMessage)} + +
+ + + {state.loading ? : ( + submitFormHandler(event)}> + + + +
+ + +
+ +
+ +
+
+ + changeInput(event.target)} + value={state.generatedCronJob.h_min} + name="v_min" /> +
+ +
+ + changeInput(event.target)} + value={state.generatedCronJob.h_hour} + name="v_hour" /> +
+ +
+ + changeInput(event.target)} + value={state.generatedCronJob.h_day} + name="v_day" /> +
+ +
+ + changeInput(event.target)} + value={state.generatedCronJob.h_month} + name="v_month" /> +
+ +
+ + changeInput(event.target)} + value={state.generatedCronJob.h_wday} + name="v_wday" /> +
+
+ +
+ +
+ +
+ +
+ + +
+ + )} + +
+ ); +} + +export default AddCronJob; \ No newline at end of file diff --git a/src/react/src/components/CronJob/Add/AddCronJob.scss b/src/react/src/components/CronJob/Add/AddCronJob.scss new file mode 100644 index 000000000..d96fdf014 --- /dev/null +++ b/src/react/src/components/CronJob/Add/AddCronJob.scss @@ -0,0 +1,31 @@ +.edit-template.add-cron { + form { + .form-group { + width: 100%; + + input { + width: inherit; + } + } + + .form-group.command { + width: 100%; + } + + .cron-form-body { + display: flex; + + .body-col-1 { + width: 30%; + } + + .body-col-2 { + display: flex; + justify-content: flex-start; + align-items: flex-start; + padding: 1.7rem 1rem; + width: 70%; + } + } + } +} \ No newline at end of file diff --git a/src/react/src/components/CronJob/CronJob.jsx b/src/react/src/components/CronJob/CronJob.jsx new file mode 100644 index 000000000..0d4c8099d --- /dev/null +++ b/src/react/src/components/CronJob/CronJob.jsx @@ -0,0 +1,96 @@ +import React from 'react'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import ListItem from '../ControlPanel/ListItem/ListItem'; +import Container from '../ControlPanel/Container/Container'; +import './CronJob.scss'; +import { Link } from 'react-router-dom'; +import { useSelector } from 'react-redux'; + +const CronJob = props => { + const { data } = props; + const { i18n } = useSelector(state => state.session); + const token = localStorage.getItem("token"); + + const toggleFav = (starred) => { + if (starred) { + props.toggleFav(props.data.NAME, 'add'); + } else { + props.toggleFav(props.data.NAME, 'delete'); + } + } + + const checkItem = () => { + props.checkItem(props.data.NAME); + } + + const handleSuspend = () => { + let suspendedStatus = data.SUSPENDED === 'yes' ? 'unsuspend' : 'suspend' === 'yes' ? 'unsuspend' : 'suspend'; + props.handleModal(data.suspend_conf, `/api/v1/${suspendedStatus}/cron/index.php?job=${data.NAME}`); + } + + const handleDelete = () => { + props.handleModal(data.delete_conf, `/api/v1/delete/cron/index.php?job=${data.NAME}`); + } + + return ( + + + +
{data.CMD}
+
+ +
{i18n.Min} {data.MIN}
+ + +
{i18n.Hour} {data.HOUR}
+ + +
{i18n.Day} {data.DAY}
+ + +
{i18n.Month} {data.MONTH}
+ + +
{i18n['Day of week']} {data.WDAY}
+ +
+ +
+ +
+ + {i18n.edit} + {data.FOCUSED ? : } + +
+ +
+ +
+ +
+ +
+ +
+ + ); +} + +export default CronJob; \ No newline at end of file diff --git a/src/react/src/components/CronJob/CronJob.scss b/src/react/src/components/CronJob/CronJob.scss new file mode 100644 index 000000000..4c4f86c20 --- /dev/null +++ b/src/react/src/components/CronJob/CronJob.scss @@ -0,0 +1,13 @@ +.cron-jobs-list.r-col .name { + font-size: 25px; +} + +.cron-col > div { + display: flex; + flex-direction: column; + + span { + font-size: 18px; + font-weight: bolder; + } +} \ No newline at end of file diff --git a/src/react/src/components/CronJob/Edit/EditCronJob.jsx b/src/react/src/components/CronJob/Edit/EditCronJob.jsx new file mode 100644 index 000000000..87ba1fed9 --- /dev/null +++ b/src/react/src/components/CronJob/Edit/EditCronJob.jsx @@ -0,0 +1,209 @@ +import React, { useEffect, useState } from 'react'; +import { addActiveElement, removeFocusedElement } from "../../../actions/MainNavigation/mainNavigationActions"; +import TextInput from '../../ControlPanel/AddItemLayout/Form/TextInput/TextInput'; +import { getCronJobInfo, updateCronJob } from '../../../ControlPanelService/Cron'; +import AddItemLayout from '../../ControlPanel/AddItemLayout/AddItemLayout'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import Spinner from '../../../components/Spinner/Spinner'; +import Toolbar from '../../MainNav/Toolbar/Toolbar'; +import Generator from '../Generator/Generator'; +import { useHistory } from 'react-router-dom'; +import { useDispatch, useSelector } from 'react-redux'; +import QS from 'qs'; + +import './EditCronJob.scss'; +import { Helmet } from 'react-helmet'; +import { refreshCounters } from 'src/actions/MenuCounters/menuCounterActions'; +import HtmlParser from 'react-html-parser'; + +const EditMail = props => { + const token = localStorage.getItem("token"); + const { i18n } = useSelector(state => state.session); + const history = useHistory(); + const dispatch = useDispatch(); + const [errorMessage, setErrorMessage] = useState(''); + const [okMessage, setOkMessage] = useState(''); + const [state, setState] = useState({ + data: {}, + loading: false, + generatedCronJob: { + h_min: '*', + h_hour: '*', + h_day: '*', + h_wday: '*', + h_month: '*' + } + }); + + useEffect(() => { + let queryParams = QS.parse(history.location.search, { ignoreQueryPrefix: true }); + const { job } = queryParams; + + dispatch(addActiveElement('/list/cron/')); + dispatch(removeFocusedElement()); + + if (job) { + setState({ ...state, loading: true }); + fetchData(job) + } + }, []); + + const fetchData = job => { + getCronJobInfo(job) + .then(response => { + setState({ + ...state, + generatedCronJob: { + ...state.generatedCronJob, + h_min: response.data.min, + h_hour: response.data.hour, + h_day: response.data.day, + h_wday: response.data.wday, + h_month: response.data.month + }, + data: response.data, + loading: false + }); + }) + .catch(err => { + setState({ ...state, loading: false }); + console.error(err); + }); + } + + const submitFormHandler = event => { + event.preventDefault(); + let updatedJob = {}; + + for (var [name, value] of (new FormData(event.target)).entries()) { + updatedJob[name] = value; + } + + if (Object.keys(updatedJob).length !== 0 && updatedJob.constructor === Object) { + setState({ ...state, loading: true }); + + updateCronJob(updatedJob, state.data.job) + .then(result => { + if (result.status === 200) { + const { error_msg, ok_msg } = result.data; + + if (error_msg) { + setOkMessage(''); + setErrorMessage(error_msg); + } else { + dispatch(refreshCounters()).then(() => { + setOkMessage(ok_msg); + setErrorMessage(''); + }); + } + } + }) + .then(() => fetchData(state.data.job)) + .catch(err => console.error(err)); + } + } + + const saveGeneratedCronJob = generatedCronJob => { + setState({ + ...state, + generatedCronJob + }); + } + + const changeInput = input => { + let updatedGeneratedCronJob = { + ...state.generatedCronJob, + [input.id]: input.value + }; + + setState({ + ...state, + generatedCronJob: updatedGeneratedCronJob + }); + } + + return ( +
+ + {`Vesta - ${i18n.CRON}`} + + +
+
{i18n['Editing Cron Job']}
+
+ + {errorMessage ? : ''} {errorMessage} + +
+
+ + {okMessage ? : ''} {HtmlParser(okMessage)} + +
+ + + {state.loading ? : +
submitFormHandler(event)} id="edit-cron"> + + + + + +
+ +
+ + + + + + + + + +
+ +
+ +
+ +
+ +
+ + +
+ + + } +
+
+ ); +} + +export default EditMail; \ No newline at end of file diff --git a/src/react/src/components/CronJob/Edit/EditCronJob.scss b/src/react/src/components/CronJob/Edit/EditCronJob.scss new file mode 100644 index 000000000..53a774ad6 --- /dev/null +++ b/src/react/src/components/CronJob/Edit/EditCronJob.scss @@ -0,0 +1,39 @@ +.edit-cron { + form { + .form-group { + width: 100%; + + input { + width: inherit; + } + } + + .form-group.command { + width: 100%; + } + + .cron-form-body { + display: flex; + + .body-col-1 { + width: 30%; + + input { + width: 100%; + } + } + + .body-col-2 { + display: flex; + justify-content: flex-start; + align-items: flex-start; + padding: 1.7rem 1rem; + width: 70%; + } + } + } +} + +#edit-cron > .form-group input { + width: 95% !important; +} \ No newline at end of file diff --git a/src/react/src/components/CronJob/Generator/Generator.jsx b/src/react/src/components/CronJob/Generator/Generator.jsx new file mode 100644 index 000000000..a70dc4a31 --- /dev/null +++ b/src/react/src/components/CronJob/Generator/Generator.jsx @@ -0,0 +1,75 @@ +import React, { useEffect, useRef, useState } from 'react'; + +import RunCommandSelect from './RunCommandSelect/RunCommandSelect'; +import SelectsWrapper from './OtherSelects/SelectsWrapper'; +import { Link, useHistory } from 'react-router-dom'; +import QS from 'qs'; + +import './Generator.scss'; +import { useSelector } from 'react-redux'; + +const Generator = props => { + const formElement = useRef(null); + const { i18n } = useSelector(state => state.session); + const history = useHistory(); + const [state, setState] = useState({ + activeTab: '1' + }); + + useEffect(() => { + let parsedQuery = QS.parse(history.location.search, { ignoreQueryPrefix: true }); + let activeTab = parsedQuery.activeTab || '1'; + + setState({ ...state, activeTab }); + }, [history.location.search]); + + const activeClassName = tab => { + return state.activeTab === tab ? 'active' : ''; + } + + const emulateFormSubmit = () => { + let generatedCronJob = {}; + + for (let i = 0; i <= 4; i++) { + let iterableFormElement = formElement.current[i]; + + generatedCronJob[iterableFormElement.name] = iterableFormElement.value; + } + + props.generatedCronJob(generatedCronJob); + } + + const formatLink = tab => { + const { job, mode } = props; + + return `/${mode}/cron/?${!!job ? `job=${job}&` : ''}activeTab=${tab}`; + } + + return ( +
+
+ {i18n.Minutes} + {i18n.Hourly} + {i18n.Daily} + {i18n.Weekly} + {i18n.Monthly} +
+ +
+ +
+ + + + +
+ +
+ + +
+
+ ); +} + +export default Generator; \ No newline at end of file diff --git a/src/react/src/components/CronJob/Generator/Generator.scss b/src/react/src/components/CronJob/Generator/Generator.scss new file mode 100644 index 000000000..c8dde332b --- /dev/null +++ b/src/react/src/components/CronJob/Generator/Generator.scss @@ -0,0 +1,110 @@ +@import 'src/utils/scss/variables'; + +.cron-job-generator { + border: 1px solid #d9d9d9; + padding: 1rem 1.5rem; + margin-left: 2rem; + width: 90%; + + .header { + display: flex; + padding: .4rem 0; + + a { + color: #222222; + text-transform: uppercase; + font-size: 11px; + font-weight: bolder; + margin-right: 2.3rem; + text-decoration: none; + + &:hover { + color: $secondaryLight; + } + + &:active { + color: $primaryActive; + } + } + + a.active { + color: $secondaryActive; + } + } + + .body { + padding: 2rem 0 .4rem; + + form { + + .form-group { + display: flex; + align-items: center; + + label { + width: 26%; + font-size: 13px; + margin: 0; + } + + input { + width: auto; + } + } + + .form-group.minute select { + width: 70px; + } + + .form-group select, + .form-group textarea { + border-radius: 0; + + &:hover { + border-color: #909090; + } + + &:focus, + &:active { + outline: none; + border-color: $primaryActive; + box-shadow: unset; + } + } + + .form-group select { + padding: .4rem .25rem; + border-color: #d9d9d9; + color: #555; + } + + .form-actions { + button { + background: $primary; + color: white; + border-radius: 3px; + padding: .35rem 1.1rem; + font-size: 14px; + + &:hover { + color: $hoverButtonText; + background: $primaryLight; + } + + &:active { + color: $activeButtonText; + background: $primaryActive; + } + } + } + + .form-group.show { + display: block; + } + + .form-group.hide { + display: none; + } + } + } +} \ No newline at end of file diff --git a/src/react/src/components/CronJob/Generator/OtherSelects/FifthTabSelects.jsx b/src/react/src/components/CronJob/Generator/OtherSelects/FifthTabSelects.jsx new file mode 100644 index 000000000..82c3036c0 --- /dev/null +++ b/src/react/src/components/CronJob/Generator/OtherSelects/FifthTabSelects.jsx @@ -0,0 +1,47 @@ +import React from 'react'; +import { useSelector } from 'react-redux'; +import { generatorOptions } from '../../../../ControlPanelService/GeneratorOptions'; + +export default function FifthTabSelects() { + const { i18n } = useSelector(state => state.session); + const { dailyMinutesOptions, hoursOptions, dateOptions } = generatorOptions(i18n); + + const renderDate = () => { + return dateOptions.map((option, index) => ); + } + + const renderHours = () => { + return hoursOptions.map((option, index) => ); + } + + const renderMinutes = () => { + return dailyMinutesOptions.map((option, index) => ); + } + + return ( +
+ + +
+ + +
+ +
+ + +
+ +
+ + +
+
+ ); +} \ No newline at end of file diff --git a/src/react/src/components/CronJob/Generator/OtherSelects/FourthTabSelects.jsx b/src/react/src/components/CronJob/Generator/OtherSelects/FourthTabSelects.jsx new file mode 100644 index 000000000..6b713e2af --- /dev/null +++ b/src/react/src/components/CronJob/Generator/OtherSelects/FourthTabSelects.jsx @@ -0,0 +1,37 @@ +import React from 'react'; +import { useSelector } from 'react-redux'; +import { generatorOptions } from '../../../../ControlPanelService/GeneratorOptions'; + +export default function FourthTabSelects() { + const { i18n } = useSelector(state => state.session); + const { dailyMinutesOptions, hoursOptions } = generatorOptions(i18n); + + const renderHours = () => { + return hoursOptions.map((option, index) => ); + } + + const renderMinutes = () => { + return dailyMinutesOptions.map((option, index) => ); + } + + return ( +
+ + + +
+ + +
+ +
+ + +
+
+ ); +} \ No newline at end of file diff --git a/src/react/src/components/CronJob/Generator/OtherSelects/SecondTabSelects.jsx b/src/react/src/components/CronJob/Generator/OtherSelects/SecondTabSelects.jsx new file mode 100644 index 000000000..589afbfe2 --- /dev/null +++ b/src/react/src/components/CronJob/Generator/OtherSelects/SecondTabSelects.jsx @@ -0,0 +1,27 @@ +import React from 'react'; +import { useSelector } from 'react-redux'; +import { generatorOptions } from '../../../../ControlPanelService/GeneratorOptions'; + +export default function SecondTabSelects() { + const { i18n } = useSelector(state => state.session); + const { hourlyMinutesOptions } = generatorOptions(i18n); + + const renderOptions = () => { + return hourlyMinutesOptions.map((option, index) => ); + } + + return ( +
+ + + + +
+ + +
+
+ ); +} \ No newline at end of file diff --git a/src/react/src/components/CronJob/Generator/OtherSelects/SelectsWrapper.jsx b/src/react/src/components/CronJob/Generator/OtherSelects/SelectsWrapper.jsx new file mode 100644 index 000000000..7d66054f6 --- /dev/null +++ b/src/react/src/components/CronJob/Generator/OtherSelects/SelectsWrapper.jsx @@ -0,0 +1,44 @@ +import React, { useEffect, useState } from 'react'; + +import SecondTabSelects from './SecondTabSelects'; +import ThirdTabSelects from './ThirdTabSelects'; +import FourthTabSelects from './FourthTabSelects'; +import FifthTabSelects from './FifthTabSelects'; + +import './SelectsWrapper.scss'; + +const OtherSelects = props => { + const [state, setState] = useState({ + activeTab: '' + }); + + useEffect(() => { + setState({ ...state, activeTab: props.activeTab }); + }, [props.activeTab]); + + const renderSelects = () => { + switch (state.activeTab) { + case '1': return ( +
+ + + + +
+ ) + case '2': return ; + case '3': return ; + case '4': return ; + case '5': return ; + default: break; + } + } + + return ( +
+ {renderSelects()} +
+ ); +} + +export default OtherSelects; diff --git a/src/react/src/components/CronJob/Generator/OtherSelects/SelectsWrapper.scss b/src/react/src/components/CronJob/Generator/OtherSelects/SelectsWrapper.scss new file mode 100644 index 000000000..05812b215 --- /dev/null +++ b/src/react/src/components/CronJob/Generator/OtherSelects/SelectsWrapper.scss @@ -0,0 +1,60 @@ +.cron-form-body { + .third-tab-selects, + .fourth-tab-selects { + display: flex; + + div.hour { + select { + width: 70px; + margin-left: 4.8rem; + } + } + + div.minute { + label { + margin: 0; + } + + select { + margin: 0; + } + } + } + + .fifth-tab-selects { + display: flex; + + > div { + width: 10%; + + select { + width: 70px; + } + } + + > div.date { + margin: 0 0 1rem 0; + } + + > div.minute { + width: 200px; + } + + > div.hour { + width: 155px; + margin-left: 1rem; + + select { + margin-left: .75rem; + } + } + + > div.date { + width: 240px; + + select { + margin-left: 5.85rem; + } + } + } +} \ No newline at end of file diff --git a/src/react/src/components/CronJob/Generator/OtherSelects/ThirdTabSelects.jsx b/src/react/src/components/CronJob/Generator/OtherSelects/ThirdTabSelects.jsx new file mode 100644 index 000000000..69d73fd62 --- /dev/null +++ b/src/react/src/components/CronJob/Generator/OtherSelects/ThirdTabSelects.jsx @@ -0,0 +1,37 @@ +import React from 'react'; +import { useSelector } from 'react-redux'; +import { generatorOptions } from '../../../../ControlPanelService/GeneratorOptions'; + +export default function ThirdTabSelects() { + const { i18n } = useSelector(state => state.session); + const { dailyMinutesOptions, hoursOptions } = generatorOptions(i18n); + + const renderHours = () => { + return hoursOptions.map((option, index) => ); + } + + const renderOptions = () => { + return dailyMinutesOptions.map((option, index) => ); + } + + return ( +
+ + + +
+ + +
+ +
+ + +
+
+ ); +} \ No newline at end of file diff --git a/src/react/src/components/CronJob/Generator/RunCommandSelect/RunCommandSelect.jsx b/src/react/src/components/CronJob/Generator/RunCommandSelect/RunCommandSelect.jsx new file mode 100644 index 000000000..a79cb54d0 --- /dev/null +++ b/src/react/src/components/CronJob/Generator/RunCommandSelect/RunCommandSelect.jsx @@ -0,0 +1,50 @@ +import React, { useEffect, useState } from 'react'; +import { useSelector } from 'react-redux'; +import { generatorOptions } from '../../../../ControlPanelService/GeneratorOptions'; + +const RunCommandSelect = props => { + const { i18n } = useSelector(state => state.session); + + const [state, setState] = useState({ + activeTab: '' + }); + + useEffect(() => { + setState({ ...state, activeTab: props.activeTab }); + }, [props]); + + const renderOptions = () => { + const { daysRunCommandsOptions, hoursRunCommandsOptions, minutesRunCommandsOptions, monthlyRunCommandOptions, weeklyRunCommandOptions } = generatorOptions(i18n); + + switch (state.activeTab) { + case '1': return minutesRunCommandsOptions.map(option => ); + case '2': return hoursRunCommandsOptions.map(option => ); + case '3': return daysRunCommandsOptions.map(option => ); + case '4': return weeklyRunCommandOptions.map(option => ); + case '5': return monthlyRunCommandOptions.map(option => ); + default: break; + } + } + + const selectName = () => { + switch (state.activeTab) { + case '1': return 'h_min'; + case '2': return 'h_hour'; + case '3': return 'h_day'; + case '4': return 'h_wday'; + case '5': return 'h_month'; + default: break; + } + } + + return ( +
+ + +
+ ); +} + +export default RunCommandSelect; \ No newline at end of file diff --git a/src/react/src/components/CronJob/Generator/RunCommandSelect/RunCommandSelect.scss b/src/react/src/components/CronJob/Generator/RunCommandSelect/RunCommandSelect.scss new file mode 100644 index 000000000..e69de29bb diff --git a/src/react/src/components/DNSRecord/Add/AddDNSRecord.jsx b/src/react/src/components/DNSRecord/Add/AddDNSRecord.jsx new file mode 100644 index 000000000..084a7b580 --- /dev/null +++ b/src/react/src/components/DNSRecord/Add/AddDNSRecord.jsx @@ -0,0 +1,145 @@ +import React, { useEffect, useState } from 'react'; + +import { addActiveElement, removeFocusedElement } from "../../../actions/MainNavigation/mainNavigationActions"; +import SelectInput from 'src/components/ControlPanel/AddItemLayout/Form/SelectInput/SelectInput'; +import TextInput from 'src/components/ControlPanel/AddItemLayout/Form/TextInput/TextInput'; +import AddItemLayout from '../../ControlPanel/AddItemLayout/AddItemLayout'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import { addDomainNameSystemRecord } from '../../../ControlPanelService/Dns'; +import Toolbar from '../../MainNav/Toolbar/Toolbar'; +import { useHistory } from 'react-router-dom'; +import Spinner from '../../Spinner/Spinner'; +import { useDispatch, useSelector } from 'react-redux'; + +import './AddDNSRecord.scss' +import { Helmet } from 'react-helmet'; +import { refreshCounters } from 'src/actions/MenuCounters/menuCounterActions'; +import HtmlParser from 'react-html-parser'; + +export default function AddDNSRecord(props) { + const { i18n } = useSelector(state => state.session); + const dispatch = useDispatch(); + const token = localStorage.getItem("token"); + const history = useHistory(); + const [state, setState] = useState({ + data: {}, + selectOptions: [ + 'A', + 'AAAA', + 'NS', + 'CNAME', + 'MX', + 'TXT', + 'SRV', + 'DNSKEY', + 'KEY', + 'IPSECKEY', + 'PTR', + 'SPF', + 'TLSA', + 'CAA' + ], + loading: false, + okMessage: '', + errorMessage: '', + }); + + useEffect(() => { + dispatch(addActiveElement(`/list/dns/`)); + dispatch(removeFocusedElement()); + }, []); + + const submitFormHandler = event => { + event.preventDefault(); + let newDnsRecord = {}; + + for (var [name, value] of (new FormData(event.target)).entries()) { + newDnsRecord[name] = value; + } + + newDnsRecord['ok_rec'] = 'add'; + newDnsRecord['token'] = token; + newDnsRecord['v_domain'] = props.domain; + + if (Object.keys(newDnsRecord).length !== 0 && newDnsRecord.constructor === Object) { + setState({ ...state, loading: true }); + addDomainNameSystemRecord(newDnsRecord) + .then(result => { + if (result.status === 200) { + const { error_msg: errorMessage, ok_msg: okMessage } = result.data; + + if (errorMessage) { + setState({ ...state, errorMessage, okMessage, loading: false }); + } else { + dispatch(refreshCounters()).then(() => { + setState({ ...state, okMessage, errorMessage: '', loading: false }); + }); + } + } + }) + .catch(err => console.error(err)); + } + } + + return ( +
+ + {`Vesta - ${i18n.DNS}`} + + +
+
{i18n['Adding DNS Record']}
+
+ + {state.errorMessage ? : ''} + {state.errorMessage} +
+
+ + {state.okMessage ? : ''} + {HtmlParser(state.okMessage)} + +
+ + + {state.loading ? : ( +
submitFormHandler(event)}> + + + + + + + + + + +
+ + +
+ + )} +
+
+ ); +} \ No newline at end of file diff --git a/src/react/src/components/DNSRecord/Add/AddDNSRecord.scss b/src/react/src/components/DNSRecord/Add/AddDNSRecord.scss new file mode 100644 index 000000000..e69de29bb diff --git a/src/react/src/components/DNSRecord/DNSRecord.jsx b/src/react/src/components/DNSRecord/DNSRecord.jsx new file mode 100644 index 000000000..11170ad8b --- /dev/null +++ b/src/react/src/components/DNSRecord/DNSRecord.jsx @@ -0,0 +1,86 @@ +import React from 'react'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import Container from '../ControlPanel/Container/Container'; +import ListItem from '../ControlPanel/ListItem/ListItem'; +import { Link } from 'react-router-dom'; +import { useSelector } from 'react-redux'; + +export default function DnsRecord({ data, domain, handleModal, ...props }) { + const { i18n } = useSelector(state => state.session); + + const toggleFav = (starred) => { + if (starred) { + props.toggleFav(data.NAME, 'add'); + } else { + props.toggleFav(data.NAME, 'delete'); + } + } + + const checkItem = () => { + props.checkItem(data.NAME); + } + + const handleDelete = () => { + handleModal(data.delete_conf, `/api/v1/delete/dns/?domain=${domain}&record_id=${data.ID}`); + } + + const handleSuspend = () => { + handleModal(data.suspend_conf, `/api/v1/${data.suspend_action}/dns/?domain=${domain}&record_id=${data.ID}`); + } + + return ( + + + +
{data.dnsRecord}
+
+
+ + {`${data.RECORD.substring(0, 12)}${data.RECORD.length > 12 ? '...' : ''}`} + + + {data.TYPE} + + + {data.PRIORITY} + + + {data.VALUE} + +
+ +
+
+ + {i18n.edit} + {data.FOCUSED ? : } + +
+ +
+ +
+ +
+ +
+
+ + ); +} \ No newline at end of file diff --git a/src/react/src/components/DNSRecord/DNSRecord.scss b/src/react/src/components/DNSRecord/DNSRecord.scss new file mode 100644 index 000000000..e69de29bb diff --git a/src/react/src/components/DNSRecord/Edit/EditDNSRecord.jsx b/src/react/src/components/DNSRecord/Edit/EditDNSRecord.jsx new file mode 100644 index 000000000..0df612db9 --- /dev/null +++ b/src/react/src/components/DNSRecord/Edit/EditDNSRecord.jsx @@ -0,0 +1,182 @@ +import React, { useEffect, useState } from 'react'; +import { addActiveElement, removeFocusedElement } from "../../../actions/MainNavigation/mainNavigationActions"; +import SelectInput from 'src/components/ControlPanel/AddItemLayout/Form/SelectInput/SelectInput'; +import TextInput from '../../ControlPanel/AddItemLayout/Form/TextInput/TextInput'; +import AddItemLayout from '../../ControlPanel/AddItemLayout/AddItemLayout'; +import { updateDNS, getDNSRecordInfo } from 'src/ControlPanelService/Dns'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import Spinner from '../../../components/Spinner/Spinner'; +import Toolbar from '../../MainNav/Toolbar/Toolbar'; +import { useHistory } from 'react-router-dom'; +import { useDispatch, useSelector } from 'react-redux'; +import QS from 'qs'; +import { Helmet } from 'react-helmet'; +import { refreshCounters } from 'src/actions/MenuCounters/menuCounterActions'; +import HtmlParser from 'react-html-parser'; + +export default function EditDNSRecord(props) { + const token = localStorage.getItem("token"); + const { i18n } = useSelector(state => state.session); + const dispatch = useDispatch(); + const history = useHistory(); + const [errorMessage, setErrorMessage] = useState(''); + const [okMessage, setOkMessage] = useState(''); + const [state, setState] = useState({ + data: {}, + selectOptions: [ + 'A', + 'AAAA', + 'NS', + 'CNAME', + 'MX', + 'TXT', + 'SRV', + 'DNSKEY', + 'KEY', + 'IPSECKEY', + 'PTR', + 'SPF', + 'TLSA', + 'CAA' + ], + loading: false + }); + + useEffect(() => { + const { domain, record_id } = props; + + dispatch(addActiveElement('/list/dns/')); + dispatch(removeFocusedElement()); + + if (domain && record_id) { + setState({ ...state, loading: true }); + fetchData(domain, record_id); + } + }, []); + + const fetchData = (domain, record_id) => { + getDNSRecordInfo(domain, record_id) + .then(response => { + setState({ + ...state, + data: response.data, + loading: false + }); + }) + .catch(err => console.error(err)); + } + + const submitFormHandler = event => { + event.preventDefault(); + let updatedRecord = {}; + + for (var [name, value] of (new FormData(event.target)).entries()) { + updatedRecord[name] = value; + } + + updatedRecord['v_domain'] = state.data.domain; + updatedRecord['v_record_id'] = props.record_id; + updatedRecord['v_type'] = state.data.type; + + if (Object.keys(updatedRecord).length !== 0 && updatedRecord.constructor === Object) { + setState({ ...state, loading: true }); + + updateDNS(updatedRecord, props.domain, props.record_id) + .then(result => { + if (result.status === 200) { + const { error_msg, ok_msg } = result.data; + + if (error_msg) { + setOkMessage(''); + setErrorMessage(error_msg); + } else { + dispatch(refreshCounters()).then(() => { + setOkMessage(ok_msg); + setErrorMessage(''); + }); + } + } + }) + .then(() => fetchData(props.domain, props.record_id)) + .catch(err => console.error(err)); + } + } + + return ( +
+ + {`Vesta - ${i18n.DNS}`} + + +
+
{i18n['Editing DNS Record']}
+
+ + {errorMessage ? : ''} {errorMessage} + +
+
+ + {okMessage ? : ''} {HtmlParser(okMessage)} + +
+ + + {state.loading ? : +
submitFormHandler(event)} id="edit-dns-rec"> + + + + + + + + + + + + + + + +
+ + +
+ + + } +
+
+ ); +} \ No newline at end of file diff --git a/src/react/src/components/Database/Add/AddDatabase.jsx b/src/react/src/components/Database/Add/AddDatabase.jsx new file mode 100644 index 000000000..31ae1b7cf --- /dev/null +++ b/src/react/src/components/Database/Add/AddDatabase.jsx @@ -0,0 +1,220 @@ +import React, { memo, useEffect, useState } from 'react'; + +import { addActiveElement, removeFocusedElement } from "../../../actions/MainNavigation/mainNavigationActions"; +import { dbCharsets, addDatabase, getDbOptionalInfo } from '../../../ControlPanelService/Db'; +import AddItemLayout from '../../ControlPanel/AddItemLayout/AddItemLayout'; +import Password from '../../ControlPanel/AddItemLayout/Form/Password/Password'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import Toolbar from '../../MainNav/Toolbar/Toolbar'; +import { useHistory } from 'react-router-dom'; +import Spinner from '../../Spinner/Spinner'; +import { useDispatch, useSelector } from 'react-redux'; +import { Helmet } from 'react-helmet'; +import { refreshCounters } from 'src/actions/MenuCounters/menuCounterActions'; +import HtmlParser from 'react-html-parser'; +import './AddDatabase.scss' + +const AddDatabase = memo(props => { + const { i18n } = useSelector(state => state.session); + const token = localStorage.getItem("token"); + const dispatch = useDispatch(); + const history = useHistory(); + const [state, setState] = useState({ + loading: false, + okMessage: '', + errorMessage: '', + dbTypes: [], + dbHosts: [], + dbCharsets: [], + user: '', + maxCharLength: '', + databaseInputValue: '', + databaseUserInputValue: '', + prefixI18N: '' + }); + + useEffect(() => { + dispatch(addActiveElement('/list/db/')); + dispatch(removeFocusedElement()); + + setState({ ...state, loading: true }); + + getDbOptionalInfo() + .then(result => { + if (result.status === 200) { + setState({ + ...state, + dbCharsets, + user: result.data.user, + dbTypes: result.data.dbTypes, + prefixI18N: result.data.prefixI18N, + maxCharLength: result.data.maxCharLength, + dbHosts: result.data.dbHosts, + loading: false + }); + } + }) + .catch(err => console.err(err)); + }, []); + + const renderDatabaseTypesOptions = () => { + return state.dbTypes.map((dbType, index) => ) + } + + const renderDatabaseHostsOptions = () => { + return state.dbHosts.map((dbHost, index) => ) + } + + const renderDatabaseCharsetOptions = () => { + return state.dbCharsets.map((dbCharset, index) => + + ); + } + + const databaseUserInputHandler = value => { + setState({ ...state, databaseUserInputValue: value }); + } + + const databaseInputHandler = value => { + setState({ ...state, databaseInputValue: value }); + } + + const submitFormHandler = event => { + event.preventDefault(); + let newDatabase = {}; + + for (var [name, value] of (new FormData(event.target)).entries()) { + newDatabase[name] = value; + } + + newDatabase['v_database'] = state.databaseInputValue; + newDatabase['v_dbuser'] = state.databaseUserInputValue; + + if (Object.keys(newDatabase).length !== 0 && newDatabase.constructor === Object) { + setState({ ...state, loading: true }); + addDatabase(newDatabase) + .then(result => { + if (result.status === 200) { + const { error_msg: errorMessage, ok_msg: okMessage } = result.data; + + if (errorMessage) { + setState({ ...state, errorMessage, okMessage: '', loading: false }); + } else { + dispatch(refreshCounters()).then(() => { + setState({ ...state, okMessage, errorMessage: '', loading: false }); + }); + } + } + }) + .catch(err => console.error(err)); + } + } + + return ( +
+ + {`Vesta - ${i18n.DB}`} + + +
+
{i18n['Adding database']}
+
+ + {state.errorMessage ? : ''} + {state.errorMessage} +
+
+ + {state.okMessage ? : ''} + {HtmlParser(state.okMessage)} + +
+ + + {state.loading ? : ( +
submitFormHandler(event)}> + + + + {HtmlParser(state.prefixI18N)} + +
+ +
+ databaseInputHandler(event.target.value)} + value={state.databaseInputValue} + name="v_database" /> + {`${state.user}_${state.databaseInputValue}`} +
+
+ +
+
+ + ({state.maxCharLength}) +
+
+ databaseUserInputHandler(event.target.value)} + name="v_dbuser" /> + {`${state.user}_${state.databaseUserInputValue}`} +
+
+ + + +
+ + +
+ +
+ + +
+ +
+ + +
+ +
+ + +
+ +
+ + +
+ + )} +
+
+ ); +}); + +export default AddDatabase; diff --git a/src/react/src/components/Database/Add/AddDatabase.scss b/src/react/src/components/Database/Add/AddDatabase.scss new file mode 100644 index 000000000..ff9bf4f2b --- /dev/null +++ b/src/react/src/components/Database/Add/AddDatabase.scss @@ -0,0 +1,45 @@ +.edit-template.add-db { + form { + span.italic { + font-style: italic; + } + + .form-group { + .label-wrapper { + display: flex; + + span.italic { + margin-left: 1.5rem; + color: #555; + } + } + + .input-wrapper { + display: flex; + align-items: center; + + span.italic { + font-size: 15px; + font-weight: bold; + margin-left: 1.5rem; + color: #777; + } + } + + .input-wrapper { + span.italic { + font-weight: normal; + } + } + } + + .form-group.database { + margin-top: 1rem; + } + + span.prefix { + color: #777; + font-style: italic; + } + } +} \ No newline at end of file diff --git a/src/react/src/components/Database/Database.jsx b/src/react/src/components/Database/Database.jsx new file mode 100644 index 000000000..91e7aa641 --- /dev/null +++ b/src/react/src/components/Database/Database.jsx @@ -0,0 +1,93 @@ +import React from 'react'; +import ListItem from '../ControlPanel/ListItem/ListItem'; +import Container from '../ControlPanel/Container/Container'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import { Link } from 'react-router-dom'; +import { useSelector } from 'react-redux'; + +const Database = props => { + const { data } = props; + const { i18n } = useSelector(state => state.session); + const token = localStorage.getItem("token"); + + const toggleFav = (starred) => { + if (starred) { + props.toggleFav(data.NAME, 'add'); + } else { + props.toggleFav(data.NAME, 'delete'); + } + } + + const checkItem = () => { + props.checkItem(data.NAME); + } + + const handleSuspend = () => { + let suspendedStatus = data.SUSPENDED === 'yes' ? 'unsuspend' : 'suspend' === 'yes' ? 'unsuspend' : 'suspend'; + props.handleModal(data.suspend_conf, `/api/v1/${suspendedStatus}/db/index.php?database=${data.NAME}`); + } + + const handleDelete = () => { + props.handleModal(data.delete_conf, `/api/v1/delete/db/index.php?database=${data.NAME}`); + } + + return ( + + + +
{data.DATABASE}
+
+
+ +
+ {i18n.Disk}: {data.U_DISK}{i18n.mb} +
+
+ + +
{i18n.User}: {data.DBUSER}
+
{i18n.Charset}: {data.CHARSET}
+ + +
{i18n.Host}: {data.HOST}
+
{i18n.Type}: {data.TYPE}
+ +
+ +
+
+ + {i18n.edit} + {data.FOCUSED ? : } + +
+ +
+ +
+ +
+ +
+
+ + ); +} + +export default Database; \ No newline at end of file diff --git a/src/react/src/components/Database/Database.scss b/src/react/src/components/Database/Database.scss new file mode 100644 index 000000000..506b04e72 --- /dev/null +++ b/src/react/src/components/Database/Database.scss @@ -0,0 +1,3 @@ +.r-col .c-2.w-45 { + margin: 15px 1rem 0 5rem; +} \ No newline at end of file diff --git a/src/react/src/components/Database/Edit/EditDatabase.jsx b/src/react/src/components/Database/Edit/EditDatabase.jsx new file mode 100644 index 000000000..1a8499574 --- /dev/null +++ b/src/react/src/components/Database/Edit/EditDatabase.jsx @@ -0,0 +1,164 @@ +import React, { useEffect, useState } from 'react'; +import TextInputWithTextOnTheRight from '../../ControlPanel/AddItemLayout/Form/TextInputWithTextOnTheRight/TextInputWithTextOnTheRight'; +import { addActiveElement, removeFocusedElement } from "../../../actions/MainNavigation/mainNavigationActions"; +import { getDatabaseInfo, updateDatabase } from '../../../ControlPanelService/Db'; +import TextInput from '../../ControlPanel/AddItemLayout/Form/TextInput/TextInput'; +import Password from '../../ControlPanel/AddItemLayout/Form/Password/Password'; +import AddItemLayout from '../../ControlPanel/AddItemLayout/AddItemLayout'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import Spinner from '../../../components/Spinner/Spinner'; +import Toolbar from '../../MainNav/Toolbar/Toolbar'; +import { useHistory } from 'react-router-dom'; +import { useDispatch, useSelector } from 'react-redux'; +import QS from 'qs'; + +import './EditDatabase.scss'; +import { Helmet } from 'react-helmet'; +import { refreshCounters } from 'src/actions/MenuCounters/menuCounterActions'; +import HtmlParser from 'react-html-parser'; + +const EditDatabase = props => { + const token = localStorage.getItem("token"); + const { i18n, userName } = useSelector(state => state.session); + const history = useHistory(); + const dispatch = useDispatch(); + const [errorMessage, setErrorMessage] = useState(''); + const [okMessage, setOkMessage] = useState(''); + const [state, setState] = useState({ + data: {}, + loading: false, + databaseUserInputValue: '' + }); + + useEffect(() => { + let queryParams = QS.parse(history.location.search, { ignoreQueryPrefix: true }); + const { database } = queryParams; + + dispatch(addActiveElement('/list/db/')); + dispatch(removeFocusedElement()); + + if (database) { + setState({ ...state, loading: true }); + fetchData(database); + } + }, []); + + const fetchData = database => { + getDatabaseInfo(database) + .then(response => { + setState({ + ...state, + data: response.data, + databaseUserInputValue: response.data.dbuser.split('_').splice(1).join('_'), + loading: false + }); + }) + .catch(err => { + setState({ ...state, loading: false }); + console.error(err); + }); + } + + const submitFormHandler = event => { + event.preventDefault(); + let updatedDatabase = {}; + + for (var [name, value] of (new FormData(event.target)).entries()) { + updatedDatabase[name] = value; + } + + updatedDatabase['v_database'] = state.data.database; + updatedDatabase['v_dbuser'] = `${userName}_${state.databaseUserInputValue}`; + + if (Object.keys(updatedDatabase).length !== 0 && updatedDatabase.constructor === Object) { + setState({ ...state, loading: true }); + + updateDatabase(updatedDatabase, state.data.database) + .then(result => { + if (result.status === 200) { + const { error_msg, ok_msg } = result.data; + + if (error_msg) { + setOkMessage(''); + setErrorMessage(error_msg); + } else { + dispatch(refreshCounters()).then(() => { + setOkMessage(ok_msg); + setErrorMessage(''); + }); + } + } + }) + .then(() => fetchData(state.data.database)) + .catch(err => console.error(err)); + } + } + + const databaseUserInputHandler = value => { + setState({ ...state, databaseUserInputValue: value }); + } + + return ( +
+ + {`Vesta - ${i18n.DB}`} + + +
+
{i18n['Editing Database']}
+
+ + {errorMessage ? : ''} {errorMessage} + +
+
+ + {okMessage ? : ''} {HtmlParser(okMessage)} + +
+ + + {state.loading ? : +
submitFormHandler(event)} id="edit-db"> + + + + + +
+
+ +
+
+ databaseUserInputHandler(event.target.value)} + name="v_dbuser" /> + {`${userName}_${state.databaseUserInputValue}`} +
+
+ + + + + + + + + +
+ + +
+ + + } +
+
+ ); +} + +export default EditDatabase; \ No newline at end of file diff --git a/src/react/src/components/Database/Edit/EditDatabase.scss b/src/react/src/components/Database/Edit/EditDatabase.scss new file mode 100644 index 000000000..eef3c7568 --- /dev/null +++ b/src/react/src/components/Database/Edit/EditDatabase.scss @@ -0,0 +1,9 @@ +.input-wrapper { + display: flex; + align-items: center; + + span.italic { + margin-left: 15px; + color: #777; + } +} \ No newline at end of file diff --git a/src/react/src/components/DomainNameSystem/Add/AddDomainNameSystem.jsx b/src/react/src/components/DomainNameSystem/Add/AddDomainNameSystem.jsx new file mode 100644 index 000000000..7a3c61c1c --- /dev/null +++ b/src/react/src/components/DomainNameSystem/Add/AddDomainNameSystem.jsx @@ -0,0 +1,152 @@ +import React, { useEffect, useState } from 'react'; + +import { addActiveElement, removeFocusedElement } from "../../../actions/MainNavigation/mainNavigationActions"; +import AddItemLayout from '../../ControlPanel/AddItemLayout/AddItemLayout'; +import { getUserNS } from '../../../ControlPanelService/UserNS'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import Toolbar from '../../MainNav/Toolbar/Toolbar'; +import { useHistory } from 'react-router-dom'; +import Spinner from '../../Spinner/Spinner'; +import { useDispatch, useSelector } from 'react-redux'; + +import './AddDomainNameSystem.scss'; +import AdvancedOptions from './AdvancedOptions/AdvancedOptions'; +import { addDomainNameSystem } from '../../../ControlPanelService/Dns'; +import { Helmet } from 'react-helmet'; +import { refreshCounters } from 'src/actions/MenuCounters/menuCounterActions'; +import HtmlParser from 'react-html-parser'; + +const AddDomainNameSystem = props => { + const { i18n } = useSelector(state => state.session); + const dispatch = useDispatch(); + const token = localStorage.getItem("token"); + const history = useHistory(); + const [state, setState] = useState({ + loading: false, + showAdvancedOptions: false, + okMessage: '', + domain: '', + errorMessage: '', + userNS: [] + }); + + useEffect(() => { + dispatch(addActiveElement('/list/dns/')); + dispatch(removeFocusedElement()); + + setState({ ...state, loading: true }); + getUserNS() + .then(result => { + if (result.data.length) { + setState({ ...state, userNS: result.data, loading: false }); + } + }) + .catch(err => console.error(err)); + }, []); + + const submitFormHandler = event => { + event.preventDefault(); + let domainNameSystem = {}; + + for (var [name, value] of (new FormData(event.target)).entries()) { + domainNameSystem[name] = value; + } + + if (Object.keys(domainNameSystem).length !== 0 && domainNameSystem.constructor === Object) { + setState({ ...state, loading: true }); + addDomainNameSystem(domainNameSystem) + .then(result => { + if (result.status === 200) { + const { error_msg: errorMessage, ok_msg: okMessage } = result.data; + + if (errorMessage) { + setState({ ...state, errorMessage, okMessage, loading: false }); + } else { + dispatch(refreshCounters()).then(() => { + setState({ ...state, okMessage, errorMessage: '', loading: false }); + }); + } + } + }) + .catch(err => console.error(err)); + } + } + + const renderAdvancedOptions = () => { + if (state.showAdvancedOptions) { + return ; + } + } + + const showAdvancedOption = () => { + setState({ ...state, showAdvancedOptions: !state.showAdvancedOptions }); + } + + return ( +
+ + {`Vesta - ${i18n.DNS}`} + + +
+
{i18n['Adding DNS Domain'] ?? 'Adding DNS Domain'}
+
+ + {state.errorMessage ? : ''} + {state.errorMessage} +
+
+ + {state.okMessage ? : ''} + {HtmlParser(state.okMessage)} + +
+ + + + {state.loading ? : ( +
submitFormHandler(event)}> + + + +
+ + +
+ +
+ + +
+ +
+ +
+ + {renderAdvancedOptions()} + +
+ + +
+
+ )} + +
+ ); +} + +export default AddDomainNameSystem; \ No newline at end of file diff --git a/src/react/src/components/DomainNameSystem/Add/AddDomainNameSystem.scss b/src/react/src/components/DomainNameSystem/Add/AddDomainNameSystem.scss new file mode 100644 index 000000000..f8c8be1e1 --- /dev/null +++ b/src/react/src/components/DomainNameSystem/Add/AddDomainNameSystem.scss @@ -0,0 +1,5 @@ +.add-dns form .advanced-options-button { + svg { + margin-left: 5px; + } +} \ No newline at end of file diff --git a/src/react/src/components/DomainNameSystem/Add/AdvancedOptions/AdvancedOptions.jsx b/src/react/src/components/DomainNameSystem/Add/AdvancedOptions/AdvancedOptions.jsx new file mode 100644 index 000000000..a6acebf88 --- /dev/null +++ b/src/react/src/components/DomainNameSystem/Add/AdvancedOptions/AdvancedOptions.jsx @@ -0,0 +1,110 @@ +import React, { useEffect, useState } from 'react'; +import dayjs from 'dayjs'; + +import './AdvancedOptions.scss'; +import { useSelector } from 'react-redux'; + +const AdvancedOptions = props => { + const { i18n } = useSelector(state => state.session); + const [state, setState] = useState({ + nameServersAmount: [], + userNS: props.userNS + }); + + useEffect(() => { + if (props.userNS.length) { + let initNameServersAmount = props.userNS.map((userNS, index) => index + 1); + setState({ ...state, nameServersAmount: initNameServersAmount }); + } + }, []); + + const renderNameServerInputs = () => { + return state.nameServersAmount.map((nameServer, index) => { + return ( +
+ + +
+ ); + }); + } + + const onDeleteNameServer = index => { + let nameServersDuplicate = [...state.nameServersAmount]; + + nameServersDuplicate.splice(index - 1, 1); + + setState({ ...state, nameServersAmount: nameServersDuplicate }); + } + + const addNameServer = () => { + let nameServersLength = state.nameServersAmount.length; + let nameServersDuplicate = [...state.nameServersAmount]; + + nameServersDuplicate.push(nameServersLength + 1); + + setState({ ...state, nameServersAmount: nameServersDuplicate }); + } + + const addNameServerClassName = () => { + return state.nameServersAmount.length === 8 ? 'hide' : 'show optional'; + } + + const getCurrentDatePlusYear = () => { + let currentDatePlusYear = dayjs().add(1, 'year').format('YYYY-MM-DD'); + return currentDatePlusYear; + } + + return ( +
+
+ + +
+ +
+ + +
+ +
+ + {renderNameServerInputs()} +
+ + +
+ ); +} + +export default AdvancedOptions; \ No newline at end of file diff --git a/src/react/src/components/DomainNameSystem/Add/AdvancedOptions/AdvancedOptions.scss b/src/react/src/components/DomainNameSystem/Add/AdvancedOptions/AdvancedOptions.scss new file mode 100644 index 000000000..f2f97588f --- /dev/null +++ b/src/react/src/components/DomainNameSystem/Add/AdvancedOptions/AdvancedOptions.scss @@ -0,0 +1,17 @@ +.edit-item form { + div.name-server-input-wrapper { + display: flex; + align-items: center; + margin: 10px 0; + + button { + margin-left: 10px; + } +} + +.exp-date .optional { + font-size: 12px; + padding: 0 0 0 6px; + font-weight: normal; +} +} \ No newline at end of file diff --git a/src/react/src/components/DomainNameSystem/DomainNameSystem.jsx b/src/react/src/components/DomainNameSystem/DomainNameSystem.jsx new file mode 100644 index 000000000..3d3375b61 --- /dev/null +++ b/src/react/src/components/DomainNameSystem/DomainNameSystem.jsx @@ -0,0 +1,105 @@ +import React from 'react'; +import ListItem from '../ControlPanel/ListItem/ListItem'; +import Container from '../ControlPanel/Container/Container'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import './DomainNameSystem.scss'; +import { Link } from 'react-router-dom'; +import { useSelector } from 'react-redux'; + +const DomainNameSystem = props => { + const { data } = props; + const { i18n } = useSelector(state => state.session); + const token = localStorage.getItem("token"); + + const toggleFav = (starred) => { + if (starred) { + props.toggleFav(props.data.NAME, 'add'); + } else { + props.toggleFav(props.data.NAME, 'delete'); + } + } + + const checkItem = () => { + props.checkItem(props.data.NAME); + } + + const handleSuspend = () => { + let suspendedStatus = data.SUSPENDED === 'yes' ? 'unsuspend' : 'suspend' === 'yes' ? 'unsuspend' : 'suspend'; + props.handleModal(data.suspend_conf, `/api/v1/${suspendedStatus}/dns/index.php?domain=${data.NAME}`); + } + + const handleDelete = () => { + props.handleModal(data.delete_conf, `/api/v1/delete/dns/index.php?domain=${data.NAME}`); + } + + return ( + + +
{data.NAME} / {data.RECORDS}
+
+
+ +
{data.IP}
+
{data.SOA}
+ + +
{i18n.TTL}: {data.TTL}
+
{i18n.Serial}: {data.SERIAL}
+ + +
{i18n.Template}: {data.TPL}
+
{i18n.Expire}: {data.EXP}
+ +
+ +
+
+ + {data.RECORDS_I18N} + {data.FOCUSED ? L : } + +
+ +
+ + {i18n['add record']} + {data.FOCUSED ? N : } + +
+ +
+ + {i18n.edit} + {data.FOCUSED ? : } + +
+ +
+ +
+ +
+ +
+
+ + ); +} + +export default DomainNameSystem; \ No newline at end of file diff --git a/src/react/src/components/DomainNameSystem/DomainNameSystem.scss b/src/react/src/components/DomainNameSystem/DomainNameSystem.scss new file mode 100644 index 000000000..4693e7c66 --- /dev/null +++ b/src/react/src/components/DomainNameSystem/DomainNameSystem.scss @@ -0,0 +1,15 @@ +span.dns-records { + padding-left: 25px; + font-size: 18px; + font-weight: normal; + font-style: italic; + color: gray; +} + +.r-col { + .stats { + .c-2.w-30 { + padding-left: 0; + } + } +} \ No newline at end of file diff --git a/src/react/src/components/DomainNameSystem/Edit/EditDomainNameSystem.jsx b/src/react/src/components/DomainNameSystem/Edit/EditDomainNameSystem.jsx new file mode 100644 index 000000000..1a4e79006 --- /dev/null +++ b/src/react/src/components/DomainNameSystem/Edit/EditDomainNameSystem.jsx @@ -0,0 +1,153 @@ +import React, { useEffect, useState } from 'react'; +import { addActiveElement, removeFocusedElement } from "../../../actions/MainNavigation/mainNavigationActions"; +import SelectInput from '../../ControlPanel/AddItemLayout/Form/SelectInput/SelectInput'; +import TextInput from '../../ControlPanel/AddItemLayout/Form/TextInput/TextInput'; +import AddItemLayout from '../../ControlPanel/AddItemLayout/AddItemLayout'; +import { getDNSInfo, updateDNS } from '../../../ControlPanelService/Dns'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import Spinner from '../../../components/Spinner/Spinner'; +import Toolbar from '../../MainNav/Toolbar/Toolbar'; +import { useHistory } from 'react-router-dom'; +import { useDispatch, useSelector } from 'react-redux'; +import QS from 'qs'; + +import './EditDomainNameSystem.scss'; +import { Helmet } from 'react-helmet'; +import { refreshCounters } from 'src/actions/MenuCounters/menuCounterActions'; +import HtmlParser from 'react-html-parser'; + +const EditDomainNameSystem = props => { + const token = localStorage.getItem("token"); + const { i18n } = useSelector(state => state.session); + const history = useHistory(); + const dispatch = useDispatch(); + const [errorMessage, setErrorMessage] = useState(''); + const [okMessage, setOkMessage] = useState(''); + const [state, setState] = useState({ + data: {}, + loading: false + }); + + useEffect(() => { + let queryParams = QS.parse(history.location.search, { ignoreQueryPrefix: true }); + const { domain } = queryParams; + + dispatch(addActiveElement('/list/dns/')); + dispatch(removeFocusedElement()); + + if (domain) { + setState({ ...state, loading: true }); + fetchData(domain); + } + }, []); + + const fetchData = domain => { + getDNSInfo(domain) + .then(response => { + setState({ + ...state, + data: response.data, + loading: false + }); + }) + .catch(err => { + setState({ ...state, loading: false }); + console.error(err) + }); + } + + const submitFormHandler = event => { + event.preventDefault(); + let updatedDomain = {}; + + for (var [name, value] of (new FormData(event.target)).entries()) { + updatedDomain[name] = value; + } + + updatedDomain['v_domain'] = state.data.domain; + + if (Object.keys(updatedDomain).length !== 0 && updatedDomain.constructor === Object) { + setState({ ...state, loading: true }); + + updateDNS(updatedDomain, state.data.domain) + .then(result => { + if (result.status === 200) { + const { error_msg, ok_msg } = result.data; + + if (error_msg) { + setErrorMessage(error_msg); + setOkMessage(''); + } else { + dispatch(refreshCounters()).then(() => { + setErrorMessage(''); + setOkMessage(ok_msg); + }); + } + } + }) + .then(() => fetchData(state.data.domain)) + .catch(err => console.error(err)); + } + } + + return ( +
+ + {`Vesta - ${i18n.DNS}`} + + +
+
{i18n['Editing DNS Domain']}
+
+ + {errorMessage ? : ''} {errorMessage} + +
+
+ + {okMessage ? : ''} {HtmlParser(okMessage)} + +
+ + + {state.loading ? : +
submitFormHandler(event)} id="edit-dns"> + + + + + + + + + + + + + + + +
+ + +
+ + + } +
+
+ ); +} + +export default EditDomainNameSystem; \ No newline at end of file diff --git a/src/react/src/components/DomainNameSystem/Edit/EditDomainNameSystem.scss b/src/react/src/components/DomainNameSystem/Edit/EditDomainNameSystem.scss new file mode 100644 index 000000000..36562311d --- /dev/null +++ b/src/react/src/components/DomainNameSystem/Edit/EditDomainNameSystem.scss @@ -0,0 +1,7 @@ +.edit-dns { + .label-wrapper { + span { + text-transform: uppercase !important; + } + } +} \ No newline at end of file diff --git a/src/react/src/components/Firewall/Add/AddFirewall.jsx b/src/react/src/components/Firewall/Add/AddFirewall.jsx new file mode 100644 index 000000000..15a3e438f --- /dev/null +++ b/src/react/src/components/Firewall/Add/AddFirewall.jsx @@ -0,0 +1,136 @@ +import React, { useEffect, useState } from 'react'; + +import { addActiveElement, removeFocusedElement } from "../../../actions/MainNavigation/mainNavigationActions"; +import SelectInput from '../../ControlPanel/AddItemLayout/Form/SelectInput/SelectInput'; +import TextInput from '../../ControlPanel/AddItemLayout/Form/TextInput/TextInput'; +import AddItemLayout from '../../ControlPanel/AddItemLayout/AddItemLayout'; +import { addFirewall } from '../../../ControlPanelService/Firewalls'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import Toolbar from '../../MainNav/Toolbar/Toolbar'; +import { useHistory } from 'react-router-dom'; +import { useDispatch, useSelector } from 'react-redux'; + +import './AddFirewall.scss'; +import { Helmet } from 'react-helmet'; +import { refreshCounters } from 'src/actions/MenuCounters/menuCounterActions'; +import HtmlParser from 'react-html-parser'; + +const AddFirewall = props => { + const token = localStorage.getItem("token"); + const { i18n } = useSelector(state => state.session); + const dispatch = useDispatch(); + const history = useHistory(); + const [state, setState] = useState({ + loading: false, + actions: [ + 'DROP', + 'ACCEPT' + ], + protocols: [ + 'TCP', + 'UDP', + 'ICMP' + ], + okMessage: '', + errorMessage: '' + }); + + useEffect(() => { + dispatch(addActiveElement('/list/firewall/')); + dispatch(removeFocusedElement()); + }, []); + + const submitFormHandler = event => { + event.preventDefault(); + let newFirewall = {}; + + for (var [name, value] of (new FormData(event.target)).entries()) { + newFirewall[name] = value; + } + + if (Object.keys(newFirewall).length !== 0 && newFirewall.constructor === Object) { + setState({ ...state, loading: true }); + addFirewall(newFirewall) + .then(result => { + if (result.status === 200) { + const { error_msg: errorMessage, ok_msg: okMessage } = result.data; + + if (errorMessage) { + setState({ ...state, errorMessage, okMessage, loading: false }); + } else { + dispatch(refreshCounters()).then(() => { + setState({ ...state, okMessage, errorMessage: '', loading: false }); + }); + } + } + }) + .catch(err => console.error(err)); + } + } + + return ( +
+ + {`Vesta - ${i18n.FIREWALL}`} + + +
+
{i18n['Adding Firewall Rule']}
+
+ + {state.errorMessage ? : ''} + {state.errorMessage} +
+
+ + {state.okMessage ? : ''} + {HtmlParser(state.okMessage)} + +
+ + +
submitFormHandler(event)}> + + + + + + + + + + + + + +
+ + +
+ +
+
+ ); +} + +export default AddFirewall; \ No newline at end of file diff --git a/src/react/src/components/Firewall/Add/AddFirewall.scss b/src/react/src/components/Firewall/Add/AddFirewall.scss new file mode 100644 index 000000000..aff53e9fd --- /dev/null +++ b/src/react/src/components/Firewall/Add/AddFirewall.scss @@ -0,0 +1,9 @@ +.content .edit-template.add-firewall { + .toolbar .search-toolbar-name { + width: fit-content; + } + + label.label-wrapper[for=ip] span { + text-transform: unset !important; + } +} \ No newline at end of file diff --git a/src/react/src/components/Firewall/Add/Banlist/index.jsx b/src/react/src/components/Firewall/Add/Banlist/index.jsx new file mode 100644 index 000000000..35c75b2ce --- /dev/null +++ b/src/react/src/components/Firewall/Add/Banlist/index.jsx @@ -0,0 +1,121 @@ +import React, { useEffect, useState } from 'react'; +import { addActiveElement, removeFocusedElement } from "src/actions/MainNavigation/mainNavigationActions"; +import AddItemLayout from 'src/components/ControlPanel/AddItemLayout/AddItemLayout'; +import { getBanIps, addBanIp } from 'src/ControlPanelService/Firewalls'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import Spinner from 'src/components/Spinner/Spinner'; +import Toolbar from '../../../MainNav/Toolbar/Toolbar'; +import { useHistory } from 'react-router-dom'; +import { useDispatch, useSelector } from 'react-redux'; +import { Helmet } from 'react-helmet'; +import HtmlParser from 'react-html-parser'; + +const AddBanIP = () => { + const { i18n } = useSelector(state => state.session); + const userLanguage = localStorage.getItem("language"); + const history = useHistory(); + const dispatch = useDispatch(); + const [state, setState] = useState({ + banIps: [], + errorMessage: '', + okMessage: '', + loading: false + }); + + useEffect(() => { + dispatch(addActiveElement('/list/firewall/')); + dispatch(removeFocusedElement()); + + setState({ ...state, loading: true }); + + getBanIps() + .then(result => { + setState({ ...state, ip: result.data.ip, chain: result.data.chain, loading: false }); + }); + }, []); + + const submitFormHandler = event => { + event.preventDefault(); + let newUser = {}; + + for (var [name, value] of (new FormData(event.target)).entries()) { + newUser[name] = value; + } + + if (Object.keys(newUser).length !== 0 && newUser.constructor === Object) { + setState({ ...state, loading: true }); + addBanIp(newUser) + .then(result => { + if (result.status === 200) { + const { error_msg, ok_msg } = result.data; + + if (error_msg) { + setState({ ...state, errorMessage: error_msg, okMessage: '', loading: false }); + } else if (ok_msg) { + setState({ ...state, errorMessage: '', okMessage: ok_msg, loading: false }); + } else { + setState({ ...state, loading: false }); + } + } + }) + .catch(err => console.error(err)); + } + } + + const renderChainOptions = () => { + return ['SSH', 'WEB', 'FTP', 'DNS', 'MAIL', 'DB', 'VESTA'].map((chain, index) => ( + + )); + } + + return ( +
+ + {`Vesta - ${i18n.FIREWALL}`} + + +
+
{i18n['Adding IP Address to Banlist']}
+
{state.errorMessage ? : ''} {state.errorMessage}
+
+ {state.okMessage ? : ''} {HtmlParser(state.okMessage)} +
+ + + {state.loading ? : +
submitFormHandler(event)} id="add-user"> + + +
+ + +
+ +
+ + +
+ +
+ + +
+ +
+ } + +
+ ); +} + +export default AddBanIP; diff --git a/src/react/src/components/Firewall/Ban/index.jsx b/src/react/src/components/Firewall/Ban/index.jsx new file mode 100644 index 000000000..bcf3721e7 --- /dev/null +++ b/src/react/src/components/Firewall/Ban/index.jsx @@ -0,0 +1,53 @@ +import React from 'react'; +import ListItem from 'src/components/ControlPanel/ListItem/ListItem'; +import Container from 'src/components/ControlPanel/Container/Container'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import { useSelector } from 'react-redux'; + +const Ban = ({ data, ...props }) => { + const { i18n } = useSelector(state => state.session); + + const checkItem = () => { + props.checkItem(data.NAME); + } + + const handleDelete = () => { + props.handleModal(data.delete_confirmation, `/api/v1/delete/firewall/banlist/?ip=${data.NAME}&chain=${data.CHAIN}`); + } + + return ( + + +
+ +
{data.DATE}   {data.TIME}
+ + +
+ + +
{data.CHAIN}
+ + +
{data.NAME}
+ +
+ +
+
+ +
+
+ + ); +} + +export default Ban; \ No newline at end of file diff --git a/src/react/src/components/Firewall/Edit/EditFirewall.jsx b/src/react/src/components/Firewall/Edit/EditFirewall.jsx new file mode 100644 index 000000000..1f64606a3 --- /dev/null +++ b/src/react/src/components/Firewall/Edit/EditFirewall.jsx @@ -0,0 +1,162 @@ +import React, { useEffect, useState } from 'react'; +import { addActiveElement, removeFocusedElement } from "../../../actions/MainNavigation/mainNavigationActions"; +import { getFirewallInfo, updateFirewall } from '../../../ControlPanelService/Firewalls'; +import SelectInput from '../../ControlPanel/AddItemLayout/Form/SelectInput/SelectInput'; +import TextInput from '../../ControlPanel/AddItemLayout/Form/TextInput/TextInput'; +import AddItemLayout from '../../ControlPanel/AddItemLayout/AddItemLayout'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import Spinner from '../../../components/Spinner/Spinner'; +import Toolbar from '../../MainNav/Toolbar/Toolbar'; +import { useHistory } from 'react-router-dom'; +import { useDispatch, useSelector } from 'react-redux'; +import QS from 'qs'; + +import './EditFirewall.scss'; +import { Helmet } from 'react-helmet'; +import HtmlParser from 'react-html-parser'; + +const EditFirewall = props => { + const token = localStorage.getItem("token"); + const { i18n } = useSelector(state => state.session); + const history = useHistory(); + const dispatch = useDispatch(); + const [errorMessage, setErrorMessage] = useState(''); + const [okMessage, setOkMessage] = useState(''); + const [state, setState] = useState({ + data: {}, + loading: false + }); + + useEffect(() => { + let queryParams = QS.parse(history.location.search, { ignoreQueryPrefix: true }); + const { rule } = queryParams; + + dispatch(addActiveElement('/list/firewall/')); + dispatch(removeFocusedElement()); + + if (rule) { + setState({ ...state, loading: true }); + fetchData(rule); + } + }, []); + + const fetchData = rule => { + getFirewallInfo(rule) + .then(response => { + setState({ + ...state, + data: response.data, + loading: false + }); + }) + .catch(err => { + setState({ ...state, loading: false }); + console.error(err); + }); + } + + const submitFormHandler = event => { + event.preventDefault(); + let updatedDomain = {}; + + for (var [name, value] of (new FormData(event.target)).entries()) { + updatedDomain[name] = value; + } + + if (Object.keys(updatedDomain).length !== 0 && updatedDomain.constructor === Object) { + setState({ ...state, loading: true }); + + updateFirewall(updatedDomain, state.data.rule) + .then(result => { + if (result.status === 200) { + const { error_msg, ok_msg } = result.data; + + setErrorMessage(error_msg || ''); + setOkMessage(ok_msg || ''); + } + }) + .then(() => fetchData(state.data.rule)) + .catch(err => console.error(err)); + } + } + + return ( +
+ + {`Vesta - ${i18n.FIREWALL}`} + + +
+
{i18n['Editing Firewall Rule']}
+
+ + {errorMessage ? : ''} {errorMessage} + +
+
+ + {okMessage ? : ''} {HtmlParser(okMessage)} + +
+ + + {state.loading ? : +
submitFormHandler(event)} id="edit-firewall"> + + + +
+ + +
+ +
+ + +
+ + + + + + + +
+ + +
+ + + } +
+
+ ); +} + +export default EditFirewall; \ No newline at end of file diff --git a/src/react/src/components/Firewall/Edit/EditFirewall.scss b/src/react/src/components/Firewall/Edit/EditFirewall.scss new file mode 100644 index 000000000..352827b89 --- /dev/null +++ b/src/react/src/components/Firewall/Edit/EditFirewall.scss @@ -0,0 +1,11 @@ +.edit-firewall { + form { + .form-group { + .label-wrapper { + span { + text-transform: initial; + } + } + } + } +} \ No newline at end of file diff --git a/src/react/src/components/Firewall/Firewall.jsx b/src/react/src/components/Firewall/Firewall.jsx new file mode 100644 index 000000000..c74f1a7b8 --- /dev/null +++ b/src/react/src/components/Firewall/Firewall.jsx @@ -0,0 +1,91 @@ +import React from 'react'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import Container from '../ControlPanel/Container/Container'; +import ListItem from '../ControlPanel/ListItem/ListItem'; +import { Link } from 'react-router-dom'; +import './Firewall.scss'; +import { useSelector } from 'react-redux'; + +const Firewall = ({ data, ...props }) => { + const { i18n } = useSelector(state => state.session); + + const toggleFav = (starred) => { + if (starred) { + props.toggleFav(data.NAME, 'add'); + } else { + props.toggleFav(data.NAME, 'delete'); + } + } + + const checkItem = () => { + props.checkItem(data.NAME); + } + + const handleSuspend = () => { + let suspendedStatus = data.SUSPENDED === 'yes' ? 'unsuspend' : 'suspend'; + props.handleModal(data.suspend_conf, `/api/v1/${suspendedStatus}/firewall/index.php?rule=${data.NAME}`); + } + + const handleDelete = () => { + props.handleModal(data.delete_conf, `/api/v1/delete/firewall/index.php?rule=${data.NAME}`); + } + + return ( + + + +
+ +
{data.ACTION}
+ + +
{data.PROTOCOL} / {data.COMMENT}
+ + +
+ + +
{data.PORT}
+ + +
{data.IP}
+ +
+ +
+
+ + {i18n.edit} + {data.FOCUSED ? : } + +
+ +
+ +
+ +
+ +
+
+ + ); +} + +export default Firewall; diff --git a/src/react/src/components/Firewall/Firewall.scss b/src/react/src/components/Firewall/Firewall.scss new file mode 100644 index 000000000..f2095528b --- /dev/null +++ b/src/react/src/components/Firewall/Firewall.scss @@ -0,0 +1,20 @@ +.firewalls .list-item { + .l-col .date { + display: none; + } + + .r-col .stats { + margin-top: 15px; + + .cron-col { + div span { + font-weight: unset; + font-size: 13px; + } + + div span.stat { + font-weight: bold; + } + } + } +} \ No newline at end of file diff --git a/src/react/src/components/ForgotPassword/index.jsx b/src/react/src/components/ForgotPassword/index.jsx new file mode 100644 index 000000000..fda24c711 --- /dev/null +++ b/src/react/src/components/ForgotPassword/index.jsx @@ -0,0 +1,191 @@ +import React, { useEffect, useState } from 'react'; + +import TextInput from 'src/components/ControlPanel/AddItemLayout/Form/TextInput/TextInput'; +import Password from 'src/components/ControlPanel/AddItemLayout/Form/Password/Password'; +import LoginLayout from 'src/components/ControlPanel/LoginLayout/LoginLayout'; +import { resetPassword } from 'src/ControlPanelService/ResetPassword'; +import { Link, useHistory, useLocation } from 'react-router-dom'; +import { reset } from 'src/actions/Session/sessionActions'; +import { useDispatch, useSelector } from 'react-redux'; +import Spinner from 'src/components/Spinner/Spinner'; +import ReactHtmlParser from 'react-html-parser'; +import { Helmet } from 'react-helmet'; +import QueryString from 'qs'; + +export default function ForgotPassword() { + const { i18n } = useSelector(state => state.session); + const dispatch = useDispatch(); + const history = useHistory(); + const [loading, setLoading] = useState(false); + const [state, setState] = useState({ + action: '', + user: '', + code: '', + }); + const session = useSelector(state => state.session); + const location = useLocation(); + const [errorMessage, setErrorMessage] = useState(''); + + useEffect(() => { + const parsedQueryString = QueryString.parse(location.search, { ignoreQueryPrefix: true }); + + setState({ + ...state, + action: parsedQueryString.action || '', + user: parsedQueryString.user || '', + code: parsedQueryString.code || '' + }); + }, []); + + useEffect(() => { + if (session.error) { + setErrorMessage(session.error); + return; + } + + if (session.token && session.userName) { + history.push('/list/user/'); + } + }, [session]); + + const submitHandler = event => { + event.preventDefault(); + + if (!state.code && !state.user) return; + + if (!state.action && state.user) { + completeStep1(); + return; + } + + if (state.action === 'code' && state.user && state.code) { + completeStep2(); + return; + } + + setLoading(true); + const data = { user: state.user, code: state.code }; + + for (var [name, value] of (new FormData(event.target)).entries()) { + data[name] = value; + } + + dispatch(reset(data)) + .then(res => { + if (res.error) { + setErrorMessage(res.error); + } else { + history.push('/login'); + setErrorMessage(''); + } + + setLoading(false); + }); + } + + const changeInputHandler = event => { + const { value, name } = event.target; + + setState({ ...state, [name]: value }); + } + + const completeStep1 = () => { + if (!state.user) return; + setLoading(true); + + resetPassword(state.user) + .then(res => { + setErrorMessage(res.data.error || ''); + setState({ ...state, action: 'code' }); + setLoading(false); + }) + .catch(error => { + console.error(error); + setLoading(false); + }); + } + + const completeStep2 = () => { + setState({ ...state, action: 'confirm' }); + } + + return ( +
+ + {`Vesta - ${i18n['RESET PASSWORD']}`} + + {loading && } +
+ +
+
+ + Logo + +
+
+ { + !state.action && ( + <> + + +
+ + +
+ + ) + } + + { + state.action === 'code' && ( + <> + {ReactHtmlParser(i18n['RESET_CODE_SENT'])}
+ + + +
+ + +
+ + ) + } + + { + state.action === 'confirm' && ( + <> + + + + +
+ + +
+ + ) + } + +
{errorMessage}
+
+
+ + + vestacp.com + + +
+
+ ); +} diff --git a/src/react/src/components/Hotkeys/Hotkeys.jsx b/src/react/src/components/Hotkeys/Hotkeys.jsx new file mode 100644 index 000000000..84795f7d2 --- /dev/null +++ b/src/react/src/components/Hotkeys/Hotkeys.jsx @@ -0,0 +1,127 @@ +import React, { useEffect } from 'react'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import { useSelector } from 'react-redux'; +import './Hotkeys.scss'; + +const Hotkeys = props => { + const { i18n } = useSelector(state => state.session); + + useEffect(() => { + window.addEventListener("keyup", toggleShortcutsLit); + + return () => window.removeEventListener("keyup", toggleShortcutsLit); + }, [props.reference]); + + const toggleShortcutsLit = event => { + let isSearchInputFocused = document.querySelector('input:focus') || document.querySelector('textarea:focus'); + + if (event.keyCode === 72 && !isSearchInputFocused) { + props.toggleHotkeys(); + } + } + + return ( +
+
+
{i18n.Shortcuts}
+
props.toggleHotkeys()}>
+
+
+
    +
  • + u + {i18n['Upload']} +
    • +
  • + n + {i18n['New File']} +
    • +
  • + F6 + {i18n['New Folder']} +
    • +
  • + d + {i18n['Download']} +
    • +
  • + F2 / Shift + F6 + {i18n['Rename']} +
    • +
  • + m + {i18n['Move']} +
    • +
  • + F5 + {i18n['Copy']} +
    • +
  • + F8 / Del + {i18n['Delete']} +
    • +
  • + F2 + {i18n['Save File (in text editor)']} +
    • +
  • + h + {i18n['Display/Close shortcuts']} +
    • +
  • + Esc + {i18n['Close Popup / Cancel']} +
    • +
  • + F10 + {i18n['Close Preview / Editor']} +
    • +
+
    +
  • + + {i18n['Move Cursor Up']} +
    • +
  • + + {i18n['Move Cursor Down']} +
    • +
  • + + {i18n['Switch to Left Tab']} +
    • +
  • + + {i18n['Switch to Right Tab']} +
    • +
  • + a + {i18n['Archive']} +
    • +
  • + Enter + {i18n['Open File / Enter Directory']} +
    • +
  • + F3 + {i18n['Edit File']} +
    • +
  • + Backspace + {i18n['Go to Parent Directory']} +
    • +
  • + Ctr + Click + {i18n['Add File to the Current Selection']} +
    • +
  • + Shift + Cursor up/down + {i18n['Select Bunch of Files']} +
    • +
+
+
+ ); +} + +export default Hotkeys; diff --git a/src/react/src/components/Hotkeys/Hotkeys.scss b/src/react/src/components/Hotkeys/Hotkeys.scss new file mode 100644 index 000000000..254d5b1ab --- /dev/null +++ b/src/react/src/components/Hotkeys/Hotkeys.scss @@ -0,0 +1,78 @@ +$secondary: #fcac04; + +.hotkeys-list { + position: fixed; + bottom: 0; + right: 0; + display: flex; + flex-direction: column; + transform: translateX(-45%); + width: 53%; + background: #222e44de; + font-size: 13px; + + .head { + display: flex; + justify-content: space-between; + align-items: center; + border-bottom: 1px solid $secondary; + + .name { + text-transform: uppercase; + padding: 5px 0 5px 10px; + font-size: 12px; + font-weight: bold; + color: $secondary; + letter-spacing: 2px; + padding: 15px; + } + + .close { + padding: 12px; + opacity: 1 !important; + + svg { + color: $secondary; + } + + &:hover { + cursor: pointer; + background: #222e44; + } + } + } + + .body { + display: flex; + + ul { + padding: 25px 10px; + margin: 0; + width: 50%; + list-style: none; + margin-left: 3rem; + + li { + padding: 5px; + + span.name { + margin-right: 15px; + color: $secondary; + font-weight: bold; + } + + span.description { + color: white; + } + } + + li.space-top { + padding-top: 30px; + } + } + } +} + +.hide { + display: none; +} \ No newline at end of file diff --git a/src/react/src/components/Hotkeys/HotkeysButton.jsx b/src/react/src/components/Hotkeys/HotkeysButton.jsx new file mode 100644 index 000000000..6934915b9 --- /dev/null +++ b/src/react/src/components/Hotkeys/HotkeysButton.jsx @@ -0,0 +1,13 @@ +import React from 'react'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import './Hotkeys.scss' + +const HotkeysButton = (props) => { + return ( +
+ +
+ ); +} + +export default HotkeysButton; \ No newline at end of file diff --git a/src/react/src/components/InternetProtocol/Add/AddInternetProtocol.jsx b/src/react/src/components/InternetProtocol/Add/AddInternetProtocol.jsx new file mode 100644 index 000000000..a1d32f6d2 --- /dev/null +++ b/src/react/src/components/InternetProtocol/Add/AddInternetProtocol.jsx @@ -0,0 +1,151 @@ +import React, { useEffect, useState } from 'react'; + +import { addActiveElement, removeFocusedElement } from "../../../actions/MainNavigation/mainNavigationActions"; +import { addInternetProtocol, getAdditionalInfo } from '../../../ControlPanelService/Ip'; +import SelectInput from '../../ControlPanel/AddItemLayout/Form/SelectInput/SelectInput'; +import TextInput from '../../ControlPanel/AddItemLayout/Form/TextInput/TextInput'; +import Checkbox from '../../ControlPanel/AddItemLayout/Form/Checkbox/Checkbox'; +import AddItemLayout from '../../ControlPanel/AddItemLayout/AddItemLayout'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import Toolbar from '../../MainNav/Toolbar/Toolbar'; +import { useHistory } from 'react-router-dom'; +import Spinner from '../../Spinner/Spinner'; +import { useDispatch, useSelector } from 'react-redux'; + +import './AddInternetProtocol.scss'; +import { Helmet } from 'react-helmet'; +import { refreshCounters } from 'src/actions/MenuCounters/menuCounterActions'; +import HtmlParser from 'react-html-parser'; + +const AddInternetProtocol = props => { + const token = localStorage.getItem("token"); + const { i18n, userName } = useSelector(state => state.session); + const dispatch = useDispatch(); + const history = useHistory(); + const [state, setState] = useState({ + loading: false, + dedicated: true, + okMessage: '', + errorMessage: '', + interfaces: [], + users: [] + }); + + useEffect(() => { + dispatch(addActiveElement('/list/ip/')); + dispatch(removeFocusedElement()); + + setState({ ...state, loading: true }); + + fetchData(); + }, []); + + const submitFormHandler = event => { + event.preventDefault(); + let newIp = {}; + + for (var [name, value] of (new FormData(event.target)).entries()) { + newIp[name] = value; + } + + if (Object.keys(newIp).length !== 0 && newIp.constructor === Object) { + setState({ ...state, loading: true }); + addInternetProtocol(newIp) + .then(result => { + if (result.status === 200) { + const { error_msg: errorMessage, ok_msg: okMessage } = result.data; + + if (errorMessage) { + setState({ ...state, errorMessage, okMessage, loading: false }); + } else { + dispatch(refreshCounters()).then(() => { + setState({ ...state, okMessage, errorMessage: '', loading: false }); + }); + } + } + }) + .catch(err => console.error(err)); + } + } + + const fetchData = () => { + getAdditionalInfo() + .then(result => { + setState({ ...state, interfaces: result.data.interfaces, users: result.data.users, loading: false }); + }) + .catch(err => console.error(err)); + } + + const onChangeDedicated = value => { + setState({ ...state, dedicated: value }); + } + + return ( +
+ + {`Vesta - ${i18n.IP}`} + + +
+
{i18n['Adding Package']}
+
+ + {state.errorMessage ? : ''} + {state.errorMessage} +
+
+ + {state.okMessage ? : ''} + {HtmlParser(state.okMessage)} + +
+ + + {state.loading ? : ( +
submitFormHandler(event)}> + + + + + + + + + + + + + { + !state.dedicated + ? ( +
+ +
+ ) + : null + } + + + + + +
+ + +
+ + )} +
+
+ ); +} + +export default AddInternetProtocol; \ No newline at end of file diff --git a/src/react/src/components/InternetProtocol/Add/AddInternetProtocol.scss b/src/react/src/components/InternetProtocol/Add/AddInternetProtocol.scss new file mode 100644 index 000000000..3fd53d254 --- /dev/null +++ b/src/react/src/components/InternetProtocol/Add/AddInternetProtocol.scss @@ -0,0 +1,19 @@ +div.edit-item { + form { + label.label-wrapper { + align-items: center; + + span { + text-transform: lowercase; + } + } + + div.assigned-user { + padding-left: 25px; + + select { + width: 48.4%; + } + } + } +} \ No newline at end of file diff --git a/src/react/src/components/InternetProtocol/Edit/EditInternetProtocol.jsx b/src/react/src/components/InternetProtocol/Edit/EditInternetProtocol.jsx new file mode 100644 index 000000000..7b525877e --- /dev/null +++ b/src/react/src/components/InternetProtocol/Edit/EditInternetProtocol.jsx @@ -0,0 +1,162 @@ +import React, { useEffect, useState } from 'react'; + +import { addActiveElement, removeFocusedElement } from "../../../actions/MainNavigation/mainNavigationActions"; +import { getInternetProtocolInfo, updateInternetProtocol } from '../../../ControlPanelService/Ip'; +import SelectInput from '../../ControlPanel/AddItemLayout/Form/SelectInput/SelectInput'; +import TextInput from '../../ControlPanel/AddItemLayout/Form/TextInput/TextInput'; +import Checkbox from '../../ControlPanel/AddItemLayout/Form/Checkbox/Checkbox'; +import AddItemLayout from '../../ControlPanel/AddItemLayout/AddItemLayout'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import Spinner from '../../../components/Spinner/Spinner'; +import Toolbar from '../../MainNav/Toolbar/Toolbar'; +import { useHistory } from 'react-router-dom'; +import { useDispatch, useSelector } from 'react-redux'; +import QS from 'qs'; + +import './EditInternetProtocol.scss'; +import { Helmet } from 'react-helmet'; +import { refreshCounters } from 'src/actions/MenuCounters/menuCounterActions'; +import HtmlParser from 'react-html-parser'; + +const EditInternetProtocol = () => { + const token = localStorage.getItem("token"); + const { i18n } = useSelector(state => state.session); + const history = useHistory(); + const dispatch = useDispatch(); + const [errorMessage, setErrorMessage] = useState(''); + const [okMessage, setOkMessage] = useState(''); + const [state, setState] = useState({ + data: {}, + loading: false, + dedicated: false + }); + + useEffect(() => { + let queryParams = QS.parse(history.location.search, { ignoreQueryPrefix: true }); + const { ip } = queryParams; + + dispatch(addActiveElement('/list/ip/')); + dispatch(removeFocusedElement()); + + if (ip) { + setState({ ...state, loading: true }); + fetchData(ip); + } + }, []); + + const fetchData = ip => { + getInternetProtocolInfo(ip) + .then(response => { + setState({ + ...state, + data: response.data, + dedicated: !response.data.dedicated, + loading: false + }); + }) + .catch(err => { + setState({ ...state, loading: false }); + console.error(err) + }); + } + + const submitFormHandler = event => { + event.preventDefault(); + let updatedIP = {}; + + for (var [name, value] of (new FormData(event.target)).entries()) { + updatedIP[name] = value; + } + + updatedIP['token'] = token; + updatedIP['save'] = 'save'; + updatedIP['v_ip'] = state.data.ip; + + if (Object.keys(updatedIP).length !== 0 && updatedIP.constructor === Object) { + setState({ ...state, loading: true }); + + updateInternetProtocol(updatedIP, state.data.ip) + .then(result => { + if (result.status === 200) { + const { error_msg, ok_msg } = result.data; + + if (error_msg) { + setErrorMessage(error_msg); + setOkMessage(''); + } else { + dispatch(refreshCounters()).then(() => { + setErrorMessage(''); + setOkMessage(ok_msg); + }); + } + } + }) + .then(() => fetchData(state.data.ip)) + .catch(err => console.error(err)); + } + } + + const onChangeDedicated = value => { + setState({ ...state, dedicated: value }); + } + + return ( +
+ + {`Vesta - ${i18n.IP}`} + + +
+
{i18n['Editing IP Address']}
+
+ + {errorMessage ? : ''} {errorMessage} + +
+
+ + {okMessage ? : ''} {HtmlParser(okMessage)} + +
+ + + {state.loading ? : +
submitFormHandler(event)} id="edit-ip"> + + + + + + + + + { + !state.dedicated && ( +
+ +
+ ) + } + + + + + +
+ + +
+ + + } +
+
+ ); +} + +export default EditInternetProtocol; \ No newline at end of file diff --git a/src/react/src/components/InternetProtocol/Edit/EditInternetProtocol.scss b/src/react/src/components/InternetProtocol/Edit/EditInternetProtocol.scss new file mode 100644 index 000000000..fa65bb0ae --- /dev/null +++ b/src/react/src/components/InternetProtocol/Edit/EditInternetProtocol.scss @@ -0,0 +1,8 @@ +.edit-ip { + form { + .dedicated-form-group { + transform: translateX(3rem); + margin-bottom: 2rem; + } + } +} \ No newline at end of file diff --git a/src/react/src/components/InternetProtocol/InternetProtocol.jsx b/src/react/src/components/InternetProtocol/InternetProtocol.jsx new file mode 100644 index 000000000..fbdda12e6 --- /dev/null +++ b/src/react/src/components/InternetProtocol/InternetProtocol.jsx @@ -0,0 +1,76 @@ +import React from 'react'; +import ListItem from '../ControlPanel/ListItem/ListItem'; +import Container from '../ControlPanel/Container/Container'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import { Link } from 'react-router-dom'; +import { useSelector } from 'react-redux'; +import './InternetProtocol.scss'; + +const InternetProtocol = props => { + const { data } = props; + const { i18n } = useSelector(state => state.session); + + const toggleFav = (starred) => { + if (starred) { + props.toggleFav(data.NAME, 'add'); + } else { + props.toggleFav(data.NAME, 'delete'); + } + } + + const checkItem = () => { + props.checkItem(data.NAME); + } + + const handleDelete = () => { + props.handleModal(data.delete_conf, `/api/v1/delete/ip/?ip=${data.NAME}`); + } + + return ( + + + +
{data.NAT ? <>{data.NAT} {data.NAME} : data.NAME}
+
+
+ +
{data.NETMASK}
+
{data.INTERFACE}
+ + +
{i18n.Domains}: {data.U_WEB_DOMAINS}
+
{i18n.Status}: {data.STATUS}
+ + +
{i18n.Owner}: {data.OWNER}
+
{i18n.Users}: {data.U_SYS_USERS.replace(/,/g, ', ')}
+ +
+ +
+
+ + {i18n.edit} + {data.FOCUSED ? : } + +
+ +
+ +
+
+ + ); +} + +export default InternetProtocol; diff --git a/src/react/src/components/InternetProtocol/InternetProtocol.scss b/src/react/src/components/InternetProtocol/InternetProtocol.scss new file mode 100644 index 000000000..a9a18c10b --- /dev/null +++ b/src/react/src/components/InternetProtocol/InternetProtocol.scss @@ -0,0 +1,8 @@ +.internetProtocols { + .ip-wrapper { + .name svg { + margin: 0 10px; + font-size: 20px; + } + } +} diff --git a/src/react/src/components/Lists/DirectoryList/DirectoryList.jsx b/src/react/src/components/Lists/DirectoryList/DirectoryList.jsx new file mode 100644 index 000000000..34239f309 --- /dev/null +++ b/src/react/src/components/Lists/DirectoryList/DirectoryList.jsx @@ -0,0 +1,338 @@ +import React, { Component } from 'react'; +import PropTypes from 'prop-types'; +import Spinner from '../../Spinner/Spinner'; +import Path from '../../Path/Path'; +import Row from '../Row/Row'; +import '../List.scss'; + +class DirectoryList extends Component { + constructor(props) { + super(props); + this.state = { + orderType: "descending", + sortingType: "Type", + itemsSelected: [], + listingItems: [], + cursor: 0 + }; + } + + static propTypes = { + changePathAfterToggle: PropTypes.func, + openCertainDirectory: PropTypes.func, + openDirectory: PropTypes.func, + passSelection: PropTypes.func, + modalVisible: PropTypes.bool, + changePath: PropTypes.func, + addToPath: PropTypes.func, + history: PropTypes.object, + isActive: PropTypes.bool, + cursor: PropTypes.number, + passData: PropTypes.func, + download: PropTypes.func, + moveBack: PropTypes.func, + onClick: PropTypes.func, + loading: PropTypes.bool, + path: PropTypes.string, + list: PropTypes.string, + data: PropTypes.array + } + + UNSAFE_componentWillMount = () => { + if (localStorage.getItem(`${this.props.list}Sorting`) && localStorage.getItem(`${this.props.list}Order`)) { + this.setState({ sortingType: localStorage.getItem(`${this.props.list}Sorting`), orderType: localStorage.getItem(`${this.props.list}Order`) }); + } + } + + componentDidMount = () => { + document.addEventListener("keydown", this.handleLiSelection); + document.addEventListener("keydown", this.moveBackOnButton); + } + + componentWillUnmount = () => { + document.removeEventListener("keydown", this.handleLiSelection); + document.removeEventListener("keydown", this.moveBackOnButton); + } + + cacheSorting = () => { + localStorage.setItem(`${this.props.list}Sorting`, this.state.sortingType); + localStorage.setItem(`${this.props.list}Order`, this.state.orderType); + } + + moveBackOnButton = (e) => { + if (e.keyCode === 8 && !this.props.modalVisible && this.props.isActive) { + this.moveBack(); + } + } + + moveBack = () => { + if (this.isHomeDirectory()) { + return; + } + + this.props.moveBack(); + } + + isHomeDirectory = () => { + return this.props.path === this.props.rootDir; + } + + toggleActiveList = () => { + const { history, path, list, onClick, changePathAfterToggle, isActive } = this.props; + + if (!isActive) { + onClick(list); + changePathAfterToggle(path); + history.push({ + pathname: '/list/directory/', + search: `?path=${path}` + }); + this.cacheActiveWindowAndPaths(); + this.passData(); + } + } + + cacheActiveWindowAndPaths = () => { + localStorage.setItem("activeWindow", this.props.list); + localStorage.setItem(`${this.props.list}ListPath`, this.props.path); + localStorage.setItem(`${this.props.list}ListPath`, this.props.path); + } + + isSelected = (i) => { + return this.state.itemsSelected.indexOf(i) !== -1; + } + + addToSelection(i) { + const { itemsSelected } = this.state; + const result = [...itemsSelected]; + const duplicate = itemsSelected.indexOf(i); + if (duplicate !== -1) { + result.splice(duplicate, 1); + } else { + if (i === "") { + return; + } + + result.push(i) + } + + this.setState({ itemsSelected: result }); + this.props.passSelection(result); + } + + handleLiSelection = (e) => { + const { isActive, modalVisible, changePath, path } = this.props; + const { cursor } = this.state; + const { listing } = this.getDataBySortingType() + + if (!isActive || modalVisible) { + return; + } + + if (e.keyCode === 40) { + if (cursor === listing.length - 1) { + return; + } + + if (e.shiftKey) { + let name = listing[cursor].name; + this.addToSelection(name); + } + + this.setState({ cursor: cursor + 1 }); + this.passData(); + changePath(path); + } + + if (e.keyCode === 38) { + if (cursor === 0) { + return; + } + + if (e.shiftKey) { + let name = listing[cursor - 1].name; + this.addToSelection(name); + } + + this.setState({ cursor: cursor - 1 }); + this.passData(); + changePath(path); + } + } + + resetData = () => { + this.setState({ cursor: 0, itemsSelected: [] }); + } + + passData = () => { + const { passData: passDataToParent } = this.props; + const { firstItem, listing } = this.getDataBySortingType() + if (this.state.cursor === 0) { + const { name, permissions, type } = firstItem; + passDataToParent(this.state.cursor, name, permissions, type); + } else { + const { name, permissions, type } = listing[this.state.cursor - 1]; + passDataToParent(this.state.cursor, name, permissions, type); + } + } + + openDirectory = (name) => { + const { history, path, addToPath, openDirectory } = this.props; + + history.push({ + pathname: '/list/directory/', + search: `?path=${path}/${name}` + }); + addToPath(name); + openDirectory(); + this.setState({ cursor: 0 }); + } + + openCertainDirectory = (path) => { + const { history, openCertainDirectory, changePath } = this.props; + + if (this.isHomeDirectory()) { + return; + } + + history.push({ + pathname: '/list/directory/', + search: `?path=${path}` + }); + changePath(path); + openCertainDirectory(); + } + + changeSorting = (sortingType, orderType) => { + this.setState({ sortingType, orderType }, () => this.cacheSorting()); + } + + sortByType = (a, b) => { + if (this.state.orderType === "descending" && a.name !== "") { + return a.type.localeCompare(b.type); + } else if (this.state.orderType === "ascending" && b.name !== "") { + return b.type.localeCompare(a.type); + } + } + + sortBySize = (a, b) => { + if (this.state.orderType === "descending" && a.name !== "") { + return a.size - b.size; + } else if (this.state.orderType === "ascending" && b.name !== "") { + return b.size - a.size; + } + } + + sortByDate = (a, b) => { + if (this.state.orderType === "descending" && a.name !== "") { + return new Date(a.date) - new Date(b.date); + } else if (this.state.orderType === "ascending" && a.name !== "") { + return new Date(b.date) - new Date(a.date); + } + } + + sortByName = (a, b) => { + if (this.state.orderType === "descending" && a.name !== "") { + return a.name.localeCompare(b.name); + } else if (this.state.orderType === "ascending" && b.name !== "") { + return b.name.localeCompare(a.name); + } + } + + sortData = (a, b) => { + switch (this.state.sortingType) { + case "Type": return this.sortByType(a, b); + case "Size": return this.sortBySize(a, b); + case "Date": return this.sortByDate(a, b); + case "Name": return this.sortByName(a, b); + default: return this.sortByType(a, b); + } + } + + getDataBySortingType = () => { + let firstItem, listing = []; + this.props.data.listing.forEach(item => { + if (item.name === '' && item.type === 'd') { + firstItem = item + } else { + listing.push(item) + } + }) + if (this.state.sortingType !== 'Type') { + listing = [ + ...listing.filter(item => item.type === 'd').sort((a, b) => this.sortByName(a, b)), + ...listing.filter(item => item.type === 'f').sort((a, b) => this.sortData(a, b)) + ] + } else { + listing = listing.sort((a, b) => this.sortData(a, b)) + } + return { firstItem, listing } + } + + rows = () => { + const { isActive, modalVisible, path, download } = this.props; + const { cursor } = this.state; + const { listing, firstItem } = this.getDataBySortingType() + + if (listing.length || firstItem) { + return ( + <> + { + this.setState({ cursor }); + this.props.passData(cursor, name, permissions, type); + }} + openDirectory={this.moveBack} + modalVisible={modalVisible} + activeRow={0 === cursor} + isActiveList={isActive} + cursor={0} + data={firstItem} + path={path} /> + { + listing.map((item, key) => ( + { + this.setState({ cursor }); + this.props.passData(cursor, name, permissions, type); + }} + selectMultiple={() => this.addToSelection(item.name)} + selected={this.isSelected(item.name)} + openDirectory={this.openDirectory} + modalVisible={modalVisible} + activeRow={key + 1 === cursor} + isActiveList={isActive} + download={download} + cursor={key + 1} + data={item} + path={path} /> + )) + } + + ); + } + } + + render() { + const { isActive, path, loading } = this.props; + return ( +
+ +
+
    + {loading && isActive ? : this.rows()} +
+
+
+ ); + } +} + +export default DirectoryList; diff --git a/src/react/src/components/Lists/List.scss b/src/react/src/components/Lists/List.scss new file mode 100644 index 000000000..ae3a3ceb8 --- /dev/null +++ b/src/react/src/components/Lists/List.scss @@ -0,0 +1,56 @@ +.list { + width: 50%; + height: 100vh; + flex: 1 1 50%; + + .list-container { + margin-top: 10px; + height: calc(100% - 100px); + overflow: auto; + + ul { + margin-top: 5px; + padding: 0; + color: #3a3a3a; + + li { + display: block; + height: 34px; + line-height: 30px; + font-size: 15px; + margin-top: 2px; + list-style: none; + + span { + font-size: 13px; + } + + &:hover{ + background: #DEDEDE; + } + } + + li.active { + background: #FFDC5A; + + .marker { + float: left; + width: 4px; + height: 34px; + margin-right: 5px; + background: #79641a; + } + } + + li.selected { + background: #fdfdbb; + } + } + } +} + +@media screen and (max-width: 1200px){ + .permissions, .owner { + display: none; + } +} \ No newline at end of file diff --git a/src/react/src/components/Lists/Row/Row.jsx b/src/react/src/components/Lists/Row/Row.jsx new file mode 100644 index 000000000..c45c70e1a --- /dev/null +++ b/src/react/src/components/Lists/Row/Row.jsx @@ -0,0 +1,205 @@ +import React, { Component } from 'react'; +import { withRouter } from 'react-router-dom'; +import PropTypes from 'prop-types'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import { faJs, faCss3, faPhp, faHtml5, faSass } from '@fortawesome/free-brands-svg-icons'; +import './Row.scss'; +import { connect } from 'react-redux'; +import dayjs from 'dayjs' + +class Row extends Component { + static propTypes = { + selectMultiple: PropTypes.func, + selectOnClick: PropTypes.func, + openDirectory: PropTypes.func, + modalVisible: PropTypes.bool, + isActiveList: PropTypes.bool, + activeRow: PropTypes.bool, + selected: PropTypes.func, + download: PropTypes.func, + cursor: PropTypes.number, + path: PropTypes.string, + key: PropTypes.number, + data: PropTypes.array + } + + componentDidMount = () => { + document.addEventListener("keydown", this.openOnEnter); + } + + componentWillUnmount = () => { + document.removeEventListener("keydown", this.openOnEnter); + } + + openOnEnter = (e) => { + const { activeRow, data: { name, type }, isActiveList, modalVisible, openDirectory, cursor, download, path } = this.props; + + if (modalVisible || !activeRow || !isActiveList) { + return; + } + + if (e.keyCode === 13) { + if (this.isArchive(name) || type === "l") { + download(); + } else if (this.isFile(type) && cursor !== 0) { + this.changePath(path, name); + } else { + openDirectory(name); + } + } + } + + openItem = () => { + const { data: { type, name }, openDirectory, download, path, isActiveList } = this.props; + + if (!isActiveList) { + return; + } + + if (this.isArchive(name) || type === "l" || name.match('.mp4')) { + return download(); + } else if (this.isFile(type)) { + return this.changePath(path, name); + } else if (type === 'd') { + return openDirectory(name); + } + } + + changePath = (path, name) => { + this.props.history.push({ + pathname: '/list/directory/preview/', + search: `?path=${path}/${name}` + }); + } + + selectRow = (e) => { + const { data: { name, permissions, type }, selectMultiple, selectOnClick, cursor, activeRow } = this.props; + + if (e.ctrlKey && cursor !== 0) { + selectMultiple(); + } + + if (activeRow) { + return; + } + + selectOnClick(cursor, name, permissions, type); + } + + className = () => { + const { activeRow, selected, isActiveList } = this.props; + + if (isActiveList) { + let isActive = activeRow ? 'active' : ''; + let isSelected = selected ? 'selected' : ''; + return isActive.length ? isActive : isSelected; + } else { + let isActive = activeRow ? 'inactive' : ''; + let isSelected = selected ? 'inactive-selected' : ''; + return isActive.length ? isActive : isSelected; + } + } + + sizeFormatter = (bytes, decimals) => { + if (bytes === undefined || this.props.data.type === "d") { + return null; + }; + + if (bytes === "0") { + return 0 b; + } + + let k = 1024, + dm = decimals <= 0 ? 0 : decimals || 2, + sizes = ['b', 'kb', 'Mb', 'GB'], + i = Math.floor(Math.log(bytes) / Math.log(k)); + return ({parseFloat((bytes / Math.pow(k, i)).toFixed(dm))} {sizes[i]}); + } + + dateFormatter = (fDate) => { + if (fDate === undefined) { + return null; + } + + let date = new Date(fDate), + months = ['Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec'], + getDay = date.getDate(), + getMonth = this.props.session.i18n[months[date.getMonth()]]; + return ({getMonth} {getDay}); + } + + timeFormatter = (date = new Date(), time) => { + const year = dayjs(date).year() + const currentYear = dayjs().year() + if (year === currentYear) return time + return year + } + + glyph = () => { + const { data: { type, name } } = this.props; + + if (type === 'd') { + return ; + } + + if (this.isFile(type)) { + if (this.isArchive(name)) { + return ; + } else if (name.match(/png|jpg|jpeg|gif/g)) { + return ; + } else if (name.match('.mp4') !== null) { + return ; + } else if (name.match('.txt')) { + return ; + } else if (name.match('.js')) { + return ; + } else if (name.match('.html')) { + return ; + } else if (name.match('.php')) { + return ; + } else if (name.match(/.scss/i)) { + return ; + } else if (name.match(/.css/i)) { + return ; + } else { + return ; + } + } + + if (type === "l") { + return ; + } + } + + isArchive(name) { + return name.match(/zip|tgz|tar.gz|gzip|tbz|tar.bz|gz|zip|tar|rar/g); + } + + isFile(type) { + return type === 'f'; + } + + render() { + const { data: { name, owner, permissions, size, date, time } } = this.props; + return ( +
  • + + {this.glyph()} + this.openItem(e)}>{this.props.cursor === 0 ? ".." : name} + {permissions} + {owner} + {this.sizeFormatter(size)} + {this.dateFormatter(date)} + {this.timeFormatter(date, time)} +
    • + ); + } +} + +function mapStateToProps(state) { + return { + session: state.session + } +} + +export default connect(mapStateToProps)(withRouter(Row)); diff --git a/src/react/src/components/Lists/Row/Row.scss b/src/react/src/components/Lists/Row/Row.scss new file mode 100644 index 000000000..3f56182a3 --- /dev/null +++ b/src/react/src/components/Lists/Row/Row.scss @@ -0,0 +1,181 @@ +@import 'src/utils/scss/variables'; + +.list .list-container ul li svg { + width: 25px; + vertical-align: top; + margin-top: 9px; + margin-left: 10px; +} + +.html5 { + color: #f16529; +} + +.file-alt { + color: #20d2d1; +} + +.list .list-container ul li { + .marker { + float: left; + width: 4px; + height: 34px; + margin-right: 5px; + } +} + +.list .list-container ul li .js { + width: 16px; + color: #f7df1c; + background: black; + margin: 9px 4px 0 15px; +} + +.php { + color: #777bb3; +} + +.css3 { + color: #0079cb; +} + +.sass { + color: #cd6699; +} + +.image { + color: #36afae; +} + +.folder-open { + color: #e29741; +} + +.file { + color: #11b1b1; +} + +.archive { + color: rgb(209, 206, 43); +} + +.download { + color: #929ca3; +} + +.fOwner, +.fPermissions, +.fSize, +.fDate, +.fTime { + font-size: 14px; + float: right; + width: 60px; + padding-top: 2px; +} + +.list .list-container ul li .fName { + margin-left: 5px; + width: 260px; + display: inline-block; + overflow: hidden; + text-overflow: clip; + + .name { + padding: 0 5px; + float: left; + margin-left: 5px; + line-height: 34px; + font-size: 15px; + white-space: nowrap; + transition: all ease-out 0.3s; + + &:hover { + transition: all ease-out 0.2s; + background: rgb(201, 199, 199); + border-radius: 4px; + cursor: pointer; + } + } +} + +.list .list-container ul li.active .fName .name:hover { + background: #f0b607; + color: black; +} + +.list .list-container ul li .fPermissions { + margin-left: 35px; + width: 50px; + color: #727272; + font-size: 11px; +} + +.list .list-container ul li .fDate .date { + color: #727272; + font-size: 11px; +} +.list .list-container ul li .fTime { + color: #727272; + font-size: 11px; + width: 54px; +} + +.fSize { + padding-right: 15px; + text-align: right; + width: 95px; +} + +.list .list-container ul li .fOwner { + color: #896417; + font-style: italic; + width: 50px; + font-size: 12px; + margin-right: 5px; +} + +.value { + color: $primary; +} + +.unit { + font-weight: bolder; + color: #727272; +} + +li.inactive { + .marker { + float: left; + width: 4px; + height: 34px; + margin-right: 5px; + background: rgb(163, 163, 163); + } + + background: rgb(201, 199, 199); +} + +.inactive-selected { + background: rgb(220, 220, 220); +} + +@media (max-width: 1320px) { + .list .list-container ul li { + .fName { + width: 210px; + } + .fSize { + width: 75px; + } + .fDate { + width: 40px; + } + .fTime { + width: 50px; + } + .fPermissions { + margin: 0; + } + } +} diff --git a/src/react/src/components/Log/Log.jsx b/src/react/src/components/Log/Log.jsx new file mode 100644 index 000000000..44736c08e --- /dev/null +++ b/src/react/src/components/Log/Log.jsx @@ -0,0 +1,31 @@ +import React from 'react'; +import Container from '../ControlPanel/Container/Container'; +import './Log.scss'; + +const Log = props => { + const { data } = props; + + const printDate = date => { + let newDate = new Date(date); + let day = newDate.getDate(); + let month = newDate.getMonth(); + let year = newDate.getFullYear(); + let months = ['Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec']; + + return
    {day}   {months[month]}   {year}
    ; + } + + return ( +
    + + {printDate(data.DATE)} + {data.TIME} + + +
    {data.CMD}
    +     +
    + ); +} + +export default Log; \ No newline at end of file diff --git a/src/react/src/components/Log/Log.scss b/src/react/src/components/Log/Log.scss new file mode 100644 index 000000000..c6478bab9 --- /dev/null +++ b/src/react/src/components/Log/Log.scss @@ -0,0 +1,38 @@ +.logs-list { + .toolbar { + padding: 6px 13%; + } + + .statistic-item { + .l-col { + font-size: 13px; + color: #888; + + .date { + margin: 1rem 0; + margin-bottom: 1.5rem; + } + } + + .r-col { + .name { + margin-top: .7rem; + font-size: 18px; + } + } + } + + .statistic-item.focused { + border-left: 2px solid #5edad0; + + div.name { + color: #5edad0; + } + } +} + +@media (max-width: 1350px) { + .logs-list .toolbar { + padding: 6px 9.5%; + } +} \ No newline at end of file diff --git a/src/react/src/components/Login/Login.scss b/src/react/src/components/Login/Login.scss new file mode 100644 index 000000000..5e6e5adeb --- /dev/null +++ b/src/react/src/components/Login/Login.scss @@ -0,0 +1,140 @@ +@import 'src/utils/scss/variables'; +@import 'src/utils/scss/breakpoints'; + +.login-page { + display: flex; + justify-content: center; + align-items: center; + width: 100%; + height: 100vh; + background-color: #eee; + + .login-form-wrapper { + background-color: #fff; + box-shadow: 0 2px 6px rgba(100, 100, 100, 0.3); + font-family: Arial,Helvetica,sans-serif; + margin: 0; + padding: 0; + text-align: left; + width: 575px; + + .login-layout { + position: relative; + + > span { + position: absolute; + bottom: 0; + right: 20px; + font-size: 11px; + + a { + color: #505050; + } + } + } + + form { + display: flex; + position: relative; + + > div { + input[type="text"], + input[type="password"] { + width: 100%; + } + } + + .c1 { + display: flex; + justify-content: center; + align-items: center; + width: 35%; + + img { + width: 110%; + } + } + + .c2 { + width: 65%; + margin-left: 3.5rem; + + .forgot-password { + font-size: 11px; + text-transform: uppercase; + letter-spacing: .75px; + text-decoration: none; + } + + button[type="submit"] { + background-color: $primary; + border: 1px solid $primary; + padding: 1px 16px 3px; + font-size: 13px; + height: 35px; + color: #fafafa; + border-radius: 3px; + + &:hover { + color: $primary; + border: 1px solid $primaryLight; + background-color: $primaryLight; + } + + &:active { + color: #fafafa; + border: 1px solid $primary; + background-color: $primary; + } + + .disabled { + cursor: not-allowed; + } + } + + div.error-message { + margin-top: 1rem; + color: #BE5ABF; + } + } + } + } + + @media (max-width: $tabletMax) { + .login-form-wrapper { + margin: 2rem; + + .login-layout { + form { + flex-direction: column; + justify-content: center; + align-items: center; + + .c1 { + width: 100%; + margin-bottom: 1.5rem; + + a { + text-align: center; + + img { + width: 75%; + } + } + } + + .c2 { + margin: 0; + width: 100%; + } + + .buttons-wrapper { + .add { + margin-bottom: 10px; + } + } + } + } + } + } +} diff --git a/src/react/src/components/Login/LoginForm.jsx b/src/react/src/components/Login/LoginForm.jsx new file mode 100644 index 000000000..47900a574 --- /dev/null +++ b/src/react/src/components/Login/LoginForm.jsx @@ -0,0 +1,107 @@ +import React, { useEffect, useState } from 'react'; + +import { Link, useHistory } from 'react-router-dom'; +import Spinner from '../Spinner/Spinner'; +import { useDispatch, useSelector } from 'react-redux'; +import { login } from '../../actions/Session/sessionActions'; +import LoginLayout from '../ControlPanel/LoginLayout/LoginLayout'; +import TextInput from '../ControlPanel/AddItemLayout/Form/TextInput/TextInput'; + +import './Login.scss'; +import { Helmet } from 'react-helmet'; + +export default function LoginForm() { + const { i18n } = useSelector(state => state.session); + const dispatch = useDispatch(); + const history = useHistory(); + const [loading, setLoading] = useState(false); + const [formValues, setFormValues] = useState({ + user: '', + password: '' + }); + const session = useSelector(state => state.session); + const [errorMessage, setErrorMessage] = useState(''); + + useEffect(() => { + if (session.error) { + setErrorMessage(session.error); + return; + } + + if (session.token && session.userName) { + history.push('/list/user/'); + } + }, [session]); + + const submitHandler = event => { + event.preventDefault(); + const { user, password } = formValues; + + setLoading(true); + + dispatch(login(user, password)) + .then((res) => { + setLoading(false); + }); + } + + const changeInputHandler = event => { + const { value, name } = event.target; + + setFormValues({ + ...formValues, + [name]: value + }); + } + + return ( +
    + + {`Vesta - ${i18n.LOGIN ?? 'LOGIN'}`} + + {loading && } +
    + +
    +
    + + Logo + +
    +
    + + + + {i18n['forgot password'] ?? 'forgot password'} + + )} + name="password" + type="password" + id="password" /> + + + +
    {errorMessage}
    +
    +
    + + + vestacp.com + +     +
    +
    + ); +} diff --git a/src/react/src/components/Mail/Add/AddMail.jsx b/src/react/src/components/Mail/Add/AddMail.jsx new file mode 100644 index 000000000..92378a714 --- /dev/null +++ b/src/react/src/components/Mail/Add/AddMail.jsx @@ -0,0 +1,142 @@ +import React, { useEffect, useState } from 'react'; + +import { addActiveElement, removeFocusedElement } from "../../../actions/MainNavigation/mainNavigationActions"; +import AddItemLayout from '../../ControlPanel/AddItemLayout/AddItemLayout'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import { addMail } from '../../../ControlPanelService/Mail'; +import Toolbar from '../../MainNav/Toolbar/Toolbar'; +import { useHistory } from 'react-router-dom'; +import Spinner from '../../Spinner/Spinner'; +import { useDispatch, useSelector } from 'react-redux'; + +import './AddMail.scss' +import { Helmet } from 'react-helmet'; +import { refreshCounters } from 'src/actions/MenuCounters/menuCounterActions'; +import HtmlParser from 'react-html-parser'; + +const AddMail = props => { + const { i18n } = useSelector(state => state.session); + const dispatch = useDispatch(); + const token = localStorage.getItem("token"); + const history = useHistory(); + const [state, setState] = useState({ + loading: false, + antiSpamChecked: true, + antiVirusChecked: true, + dkimChecked: true, + okMessage: '', + errorMessage: '', + }); + + useEffect(() => { + dispatch(addActiveElement('/list/mail/')); + dispatch(removeFocusedElement()); + }, []); + + const submitFormHandler = event => { + event.preventDefault(); + let newMailDomain = {}; + + for (var [name, value] of (new FormData(event.target)).entries()) { + newMailDomain[name] = value; + } + + if (Object.keys(newMailDomain).length !== 0 && newMailDomain.constructor === Object) { + setState({ ...state, loading: true }); + addMail(newMailDomain) + .then(result => { + if (result.status === 200) { + const { error_msg: errorMessage, ok_msg: okMessage } = result.data; + + if (errorMessage) { + setState({ ...state, errorMessage, okMessage, loading: false }); + } else { + dispatch(refreshCounters()).then(() => { + setState({ ...state, okMessage, errorMessage: '', loading: false }); + }); + } + } + }) + .catch(err => console.error(err)); + } + } + + return ( +
    + + {`Vesta - ${i18n.MAIL}`} + + +
    +
    {i18n['Adding Mail Domain']}
    +
    + + {state.errorMessage ? : ''} + {state.errorMessage} +
    +
    + + {state.okMessage ? : ''} + {HtmlParser(state.okMessage)} + +
    +     + + {state.loading ? : ( +
    submitFormHandler(event)}> + + + +
    + + +
    + +
    +
    + setState({ ...state, antiSpamChecked: event.target.checked })} + checked={state.antiSpamChecked} /> + +
    +
    + +
    +
    + setState({ ...state, antiVirusChecked: event.target.checked })} + checked={state.antiVirusChecked} /> + +
    +
    + +
    +
    + setState({ ...state, dkimChecked: event.target.checked })} + checked={state.dkimChecked} /> + +
    +
    + +
    + + +
    +
    + )} +     +
    + ); +} + +export default AddMail; \ No newline at end of file diff --git a/src/react/src/components/Mail/Add/AddMail.scss b/src/react/src/components/Mail/Add/AddMail.scss new file mode 100644 index 000000000..e69de29bb diff --git a/src/react/src/components/Mail/Edit/EditMail.jsx b/src/react/src/components/Mail/Edit/EditMail.jsx new file mode 100644 index 000000000..13b801809 --- /dev/null +++ b/src/react/src/components/Mail/Edit/EditMail.jsx @@ -0,0 +1,152 @@ +import React, { useEffect, useState } from 'react'; +import { addActiveElement, removeFocusedElement } from "../../../actions/MainNavigation/mainNavigationActions"; +import TextInput from '../../ControlPanel/AddItemLayout/Form/TextInput/TextInput'; +import Checkbox from '../../ControlPanel/AddItemLayout/Form/Checkbox/Checkbox'; +import { getMailInfo, updateMail } from '../../../ControlPanelService/Mail'; +import AddItemLayout from '../../ControlPanel/AddItemLayout/AddItemLayout'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import Spinner from '../../../components/Spinner/Spinner'; +import Toolbar from '../../MainNav/Toolbar/Toolbar'; +import { useHistory } from 'react-router-dom'; +import { useDispatch, useSelector } from 'react-redux'; +import QS from 'qs'; + +import './EditMail.scss'; +import { Helmet } from 'react-helmet'; +import { refreshCounters } from 'src/actions/MenuCounters/menuCounterActions'; +import HtmlParser from 'react-html-parser'; + +const EditMail = props => { + const token = localStorage.getItem("token"); + const { i18n } = useSelector(state => state.session); + const history = useHistory(); + const dispatch = useDispatch(); + const [errorMessage, setErrorMessage] = useState(''); + const [okMessage, setOkMessage] = useState(''); + const [state, setState] = useState({ + data: {}, + loading: false + }); + + useEffect(() => { + let queryParams = QS.parse(history.location.search, { ignoreQueryPrefix: true }); + const { domain } = queryParams; + + dispatch(addActiveElement('/list/mail/')); + dispatch(removeFocusedElement()); + + if (domain) { + setState({ ...state, loading: true }); + fetchData(domain); + } + }, []); + + const fetchData = domain => { + getMailInfo(domain) + .then(response => { + setState({ + ...state, + data: response.data, + loading: false + }); + }) + .catch(err => { + setState({ ...state, loading: false }); + console.error(err); + }); + } + + const submitFormHandler = event => { + event.preventDefault(); + let updatedDomain = {}; + + for (var [name, value] of (new FormData(event.target)).entries()) { + updatedDomain[name] = value; + } + + updatedDomain['v_domain'] = state.data.domain; + + if (Object.keys(updatedDomain).length !== 0 && updatedDomain.constructor === Object) { + setState({ ...state, loading: true }); + + updateMail(updatedDomain, state.data.domain) + .then(result => { + if (result.status === 200) { + const { error_msg, ok_msg } = result.data; + + if (error_msg) { + setErrorMessage(error_msg); + setOkMessage(''); + } else { + dispatch(refreshCounters()).then(() => { + setErrorMessage(''); + setOkMessage(ok_msg); + }); + } + } + }) + .then(() => fetchData(state.data.domain)) + .catch(err => console.error(err)); + } + } + + return ( +
    + + {`Vesta - ${i18n.MAIL}`} + + +
    +
    {i18n['Editing Mail Domain']}
    +
    + + {errorMessage ? : ''} {errorMessage} + +
    +
    + + {okMessage ? : ''} {HtmlParser(okMessage)} + +
    +     + + {state.loading ? : +
    submitFormHandler(event)} id="edit-mail"> + + + + + + + + + + + + + +
    + + +
    + + + } +
    +
    + ); +} + +export default EditMail; \ No newline at end of file diff --git a/src/react/src/components/Mail/Edit/EditMail.scss b/src/react/src/components/Mail/Edit/EditMail.scss new file mode 100644 index 000000000..e69de29bb diff --git a/src/react/src/components/Mail/Mail.jsx b/src/react/src/components/Mail/Mail.jsx new file mode 100644 index 000000000..d3c9d7127 --- /dev/null +++ b/src/react/src/components/Mail/Mail.jsx @@ -0,0 +1,115 @@ +import React, { Component } from 'react'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import Container from '../ControlPanel/Container/Container'; +import ListItem from '../ControlPanel/ListItem/ListItem'; +import { Link } from 'react-router-dom'; +import './Mail.scss'; +import { useSelector } from 'react-redux'; + +const Mail = props => { + const { data } = props; + const { i18n } = useSelector(state => state.session); + const token = localStorage.getItem("token"); + const printStat = (stat, text) => { + if (text === 'no') { + return
    {stat}
    ; + } + + return
    {stat}: {text}
    ; + } + + const toggleFav = (starred) => { + if (starred) { + props.toggleFav(props.data.NAME, 'add'); + } else { + props.toggleFav(props.data.NAME, 'delete'); + } + } + + const checkItem = () => { + props.checkItem(props.data.NAME); + } + + const handleSuspend = () => { + let suspendedStatus = data.SUSPENDED === 'yes' ? 'unsuspend' : 'suspend' === 'yes' ? 'unsuspend' : 'suspend'; + props.handleModal(data.suspend_conf, `/api/v1/${suspendedStatus}/mail/index.php?domain=${data.NAME}`); + } + + const handleDelete = () => { + props.handleModal(data.delete_conf, `/api/v1/delete/mail/index.php?domain=${data.NAME}`); + } + + return ( + + + +
    {data.NAME}
    +
    + +
    + {i18n.Disk} + {data.U_DISK}{i18n.mb} +
    +
    +     + + {printStat(i18n['AntiVirus Support'], data.ANTIVIRUS)} + {printStat(i18n['DKIM Support'], data.DKIM)} + + + {printStat(i18n['AntiSpam Support'], data.ANTISPAM)} +
    {i18n['Catchall email']}: {data.CATCHALL}
    +     +
    +     +
    +
    + + {data.list_accounts_button} + {data.FOCUSED ? L : } + +
    + +
    + + {i18n['add account']} + {data.FOCUSED ? N : } + +
    + +
    + + {i18n.edit} + {data.FOCUSED ? : } + +
    + +
    + +
    + +
    + +
    +
    +     + ); +} + +export default Mail; \ No newline at end of file diff --git a/src/react/src/components/Mail/Mail.scss b/src/react/src/components/Mail/Mail.scss new file mode 100644 index 000000000..452bf075f --- /dev/null +++ b/src/react/src/components/Mail/Mail.scss @@ -0,0 +1,7 @@ +.crossed { + text-decoration: line-through; +} + +.catchall-mail { + text-transform: none; +} diff --git a/src/react/src/components/MailAccount/Add/AddMailAccount.jsx b/src/react/src/components/MailAccount/Add/AddMailAccount.jsx new file mode 100644 index 000000000..8e68af96f --- /dev/null +++ b/src/react/src/components/MailAccount/Add/AddMailAccount.jsx @@ -0,0 +1,215 @@ +import React, { useEffect, useState } from 'react'; + +import TextInputWithExtraButton from 'src/components/ControlPanel/AddItemLayout/Form/TextInputWithExtraButton/TextInputWithExtraButton'; +import { addActiveElement, removeFocusedElement } from "../../../actions/MainNavigation/mainNavigationActions"; +import TextInput from 'src/components/ControlPanel/AddItemLayout/Form/TextInput/TextInput'; +import Password from 'src/components/ControlPanel/AddItemLayout/Form/Password/Password'; +import TextArea from 'src/components/ControlPanel/AddItemLayout/Form/TextArea/TextArea'; +import Checkbox from 'src/components/ControlPanel/AddItemLayout/Form/Checkbox/Checkbox'; +import AddItemLayout from '../../ControlPanel/AddItemLayout/AddItemLayout'; +import { addMailAccount, getMailList } from '../../../ControlPanelService/Mail'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import MailInfoBlock from '../MailInfoBlock/MailInfoBlock'; +import Toolbar from '../../MainNav/Toolbar/Toolbar'; +import { useHistory } from 'react-router-dom'; +import Spinner from '../../Spinner/Spinner'; +import { useDispatch, useSelector } from 'react-redux'; + +import './AddMailAccount.scss'; +import { Helmet } from 'react-helmet'; +import { refreshCounters } from 'src/actions/MenuCounters/menuCounterActions'; +import HtmlParser from 'react-html-parser'; + +export default function AddMailAccount(props) { + const { i18n } = useSelector(state => state.session); + const dispatch = useDispatch(); + const token = localStorage.getItem("token"); + const history = useHistory(); + const [state, setState] = useState({ + data: {}, + advancedOptions: false, + autoreplyChecked: false, + quotaValue: '', + loading: false, + password: '', + userName: '', + okMessage: '', + errorMessage: '', + }); + + useEffect(() => { + dispatch(addActiveElement(`/list/mail/`)); + dispatch(removeFocusedElement()); + + fetchData(); + }, []); + + const submitFormHandler = event => { + event.preventDefault(); + let newMailDomain = {}; + + for (var [name, value] of (new FormData(event.target)).entries()) { + newMailDomain[name] = value; + } + + newMailDomain['ok_acc'] = 'add'; + newMailDomain['token'] = token; + newMailDomain['v_domain'] = props.domain; + newMailDomain['v_password'] = state.password; + + if (!newMailDomain['v_quota']) newMailDomain['v_quota'] = ''; + if (!newMailDomain['v_aliases']) newMailDomain['v_aliases'] = ''; + if (!newMailDomain['v_fwd']) newMailDomain['v_fwd'] = ''; + + if (Object.keys(newMailDomain).length !== 0 && newMailDomain.constructor === Object) { + setState({ ...state, loading: true }); + addMailAccount(newMailDomain, props.domain) + .then(result => { + if (result.status === 200) { + const { error_msg: errorMessage, ok_msg: okMessage } = result.data; + + if (errorMessage) { + setState({ ...state, errorMessage, okMessage, loading: false }); + } else { + dispatch(refreshCounters()).then(() => { + setState({ ...state, okMessage, errorMessage: '', loading: false }); + }); + } + } + }) + .catch(err => console.error(err)); + } + } + + const fetchData = () => { + setState({ ...state, loading: true }); + + getMailList() + .then(response => { + setState({ + ...state, + data: response.data, + errorMessage: response.data['error_msg'], + okMessage: response.data['ok_msg'], + loading: false + }); + }) + .catch(err => console.error(err)); + } + + const toggleOptions = () => { + setState({ ...state, advancedOptions: !state.advancedOptions }); + } + + const toggleQuotaValue = () => { + if (state.quotaValue !== 'unlimited') { + setState({ ...state, quotaValue: 'unlimited' }); + } else { + setState({ ...state, quotaValue: '' }); + } + } + + return ( +
    + + {`Vesta - ${i18n.MAIL}`} + + +
    +
    {i18n['Adding Mail Account']}
    +
    + + {state.errorMessage ? : ''} + {state.errorMessage} +
    +
    + + {state.okMessage ? : ''} + {HtmlParser(state.okMessage)} + +
    +     + + {state.loading ? : ( +
    submitFormHandler(event)}> +
    +
    + + + setState({ ...state, userName: e.target.value })} + name="v_account" + id="account" /> + + setState({ ...state, password })} /> +
    + +
    + +
    +
    + +
    + + + { + state.advancedOptions && ( + <> + + + + + +
    + + { + panel[userName]['DNS_DOMAINS'] !== '0' && ( + checkboxHandler('dnsSupport', checked)} + name="v_dns" + id="dns-support" + title={i18n['DNS Support'] ?? 'DNS Support'} + defaultChecked={state.dnsSupport} /> + ) + } + + { + panel[userName]['MAIL_DOMAINS'] !== '0' && ( + checkboxHandler('mailSupport', checked)} + name="v_mail" + id="mail-support" + title={i18n['Mail Support'] ?? 'Mail Support'} + defaultChecked={state.mailSupport} /> + ) + } + + { + session.PROXY_SYSTEM && ( + <> + checkboxHandler('proxySupport', checked)} + name="v_proxy" + id="proxy" + title={i18n['Proxy Support'] ?? 'Proxy Support'} + defaultChecked={state.proxySupport} /> + + { + state.proxySupport && (
    + +
    + +
    + + +
    +
    + ); +} + +export default SslSupport; diff --git a/src/react/src/components/WebDomain/Add/SslSupport/SslSupport.scss b/src/react/src/components/WebDomain/Add/SslSupport/SslSupport.scss new file mode 100644 index 000000000..7ea191a32 --- /dev/null +++ b/src/react/src/components/WebDomain/Add/SslSupport/SslSupport.scss @@ -0,0 +1,8 @@ +.ssl-support { + transform: translateX(3rem); + + .lets-encrypt-span { + font-style: italic; + color: #89a40a; + } +} \ No newline at end of file diff --git a/src/react/src/components/WebDomain/Edit/EditWeb.jsx b/src/react/src/components/WebDomain/Edit/EditWeb.jsx new file mode 100644 index 000000000..e38e5d181 --- /dev/null +++ b/src/react/src/components/WebDomain/Edit/EditWeb.jsx @@ -0,0 +1,358 @@ +import React, { useEffect, useState } from 'react'; +import { addActiveElement, removeFocusedElement } from "../../../actions/MainNavigation/mainNavigationActions"; +import { updateWebDomain, getDomainInfo } from '../../../ControlPanelService/Web'; +import Password from '../../../components/ControlPanel/AddItemLayout/Form/Password/Password'; +import SelectInput from '../../ControlPanel/AddItemLayout/Form/SelectInput/SelectInput'; +import AdditionalFtpWrapper from '../Add/AdditionalFtpWrapper/AdditionalFtpWrapper'; +import TextInput from '../../ControlPanel/AddItemLayout/Form/TextInput/TextInput'; +import Checkbox from '../../ControlPanel/AddItemLayout/Form/Checkbox/Checkbox'; +import AddItemLayout from '../../ControlPanel/AddItemLayout/AddItemLayout'; +import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; +import Spinner from '../../../components/Spinner/Spinner'; +import Toolbar from '../../MainNav/Toolbar/Toolbar'; +import SslSupport from './SslSupport/SslSupport'; +import { useHistory } from 'react-router-dom'; +import { useDispatch, useSelector } from 'react-redux'; +import GenerateSSL from 'src/containers/GenerateCSR'; +import 'src/components/Modal/Modal.scss'; +import QS from 'qs'; + +import './EditWeb.scss'; +import TextArea from '../../ControlPanel/AddItemLayout/Form/TextArea/TextArea'; +import { Helmet } from 'react-helmet'; +import { refreshCounters } from 'src/actions/MenuCounters/menuCounterActions'; +import HtmlParser from 'react-html-parser'; + +const EditWeb = props => { + const token = localStorage.getItem("token"); + const { i18n } = useSelector(state => state.session); + const { session } = useSelector(state => state.userSession); + const history = useHistory(); + const dispatch = useDispatch(); + const [errorMessage, setErrorMessage] = useState(''); + const [modalVisible, setModalVisible] = useState(false); + const [okMessage, setOkMessage] = useState(''); + const [state, setState] = useState({ + data: {}, + domain: '', + webStat: '', + sslSupport: false, + letsEncrypt: false, + additionalFtp: false, + proxySupport: false, + statAuth: false, + loading: false + }); + + useEffect(() => { + let queryParams = QS.parse(history.location.search, { ignoreQueryPrefix: true }); + const { domain } = queryParams; + + dispatch(addActiveElement('/list/web/')); + dispatch(removeFocusedElement()); + + if (domain) { + setState({ ...state, loading: true }); + fetchData(domain); + } + }, []); + + const fetchData = domain => { + getDomainInfo(domain) + .then(response => { + setState({ + ...state, + domain, + webStat: response.data.v_stats ? response.data.v_stats : 'none', + sslSupport: response.data.ssl === 'yes', + letsEncrypt: response.data.letsencrypt === 'yes', + proxySupport: !!response.data.proxy, + data: response.data, + additionalFtp: !!response.data.ftp_user, + statAuth: response.data.stats_user, + loading: false + }); + }) + .catch(err => console.error(err)); + } + + const submitFormHandler = event => { + event.preventDefault(); + let updatedDomain = {}; + + for (var [name, value] of (new FormData(event.target)).entries()) { + updatedDomain[name] = value; + } + + updatedDomain['v_domain'] = state.domain; + + if (updatedDomain['v_ssl'] === 'on') { + updatedDomain['v_ssl'] = 'yes'; + } else { + delete updatedDomain['v_ssl']; + } + + if (updatedDomain['v_letsencrypt'] === 'on') { + updatedDomain['v_letsencrypt'] = 'yes'; + } else { + delete updatedDomain['v_letsencrypt']; + } + + if (!updatedDomain['v_ssl_ca']) { + delete updatedDomain['v_ssl_ca']; + } + + if (!updatedDomain['v_ssl_crt']) { + delete updatedDomain['v_ssl_crt']; + } + + if (!updatedDomain['v_ssl_key']) { + delete updatedDomain['v_ssl_key']; + } + + if (Object.keys(updatedDomain).length !== 0 && updatedDomain.constructor === Object) { + setState({ ...state, loading: true }); + + updateWebDomain(updatedDomain, state.domain) + .then(result => { + if (result.status === 200) { + const { error_msg, ok_msg } = result.data; + + if (error_msg) { + setErrorMessage(error_msg); + setOkMessage(''); + setState({ ...state, loading: false }); + } else { + dispatch(refreshCounters()).then(() => { + setErrorMessage(''); + setOkMessage(ok_msg); + fetchData(state.domain); + }); + } + } + }) + .catch(err => console.error(err)); + } + } + + const formatData = object => { + let result = []; + + for (let i in object) { + result.push(i); + } + + return result; + } + + const onChangeSslSupport = checked => { + setState({ ...state, sslSupport: checked }); + } + + const onChangeProxySupport = checked => { + setState({ ...state, proxySupport: checked }); + } + + const onChangeWebStats = webStat => { + setState({ ...state, webStat }); + } + + const onChangeStatisticsAuth = statAuth => { + setState({ ...state, statAuth }); + } + + const onChangeAdditionalFtp = additionalFtp => { + setState({ ...state, additionalFtp }); + } + + return ( +
    + + {`Vesta - ${i18n.WEB}`} + + +
    +
    {i18n['Editing Domain']}
    +
    {errorMessage ? : ''} {errorMessage}
    +
    + {okMessage ? : ''} {HtmlParser(okMessage)} +
    +     + + {state.loading ? : + submitFormHandler(event)} id="add-web"> + + + + + + + + ",g.noCloneChecked=!!e.cloneNode(!0).lastChild.defaultValue,e.innerHTML="",g.option=!!e.lastChild}();var ge={thead:[1,"","
    "],col:[2,"","
    "],tr:[2,"","
    "],td:[3,"","
    "],_default:[0,"",""]};function ve(e,t){var n;return n="undefined"!==typeof e.getElementsByTagName?e.getElementsByTagName(t||"*"):"undefined"!==typeof e.querySelectorAll?e.querySelectorAll(t||"*"):[],void 0===t||t&&A(e,t)?k.merge([e],n):n}function ye(e,t){for(var n=0,r=e.length;n",""]);var be=/<|&#?\w+;/;function we(e,t,n,r,i){for(var o,a,s,l,c,u,f=t.createDocumentFragment(),d=[],p=0,h=e.length;p-1)i&&i.push(o);else if(c=ae(o),a=ve(f.appendChild(o),"script"),c&&ye(a),n)for(u=0;o=a[u++];)me.test(o.type||"")&&n.push(o);return f}var xe=/^key/,_e=/^(?:mouse|pointer|contextmenu|drag|drop)|click/,ke=/^([^.]*)(?:\.(.+)|)/;function Se(){return!0}function Ee(){return!1}function Te(e,t){return e===function(){try{return b.activeElement}catch(e){}}()===("focus"===t)}function Ce(e,t,n,r,i,o){var a,s;if("object"===typeof t){for(s in"string"!==typeof n&&(r=r||n,n=void 0),t)Ce(e,s,n,r,t[s],o);return e}if(null==r&&null==i?(i=n,r=n=void 0):null==i&&("string"===typeof n?(i=r,r=void 0):(i=r,r=n,n=void 0)),!1===i)i=Ee;else if(!i)return e;return 1===o&&(a=i,(i=function(e){return k().off(e),a.apply(this,arguments)}).guid=a.guid||(a.guid=k.guid++)),e.each((function(){k.event.add(this,t,i,r,n)}))}function Oe(e,t,n){n?(Q.set(e,t,!1),k.event.add(e,t,{namespace:!1,handler:function(e){var r,i,o=Q.get(this,t);if(1&e.isTrigger&&this[t]){if(o.length)(k.event.special[t]||{}).delegateType&&e.stopPropagation();else if(o=s.call(arguments),Q.set(this,t,o),r=n(this,t),this[t](),o!==(i=Q.get(this,t))||r?Q.set(this,t,!1):i={},o!==i)return e.stopImmediatePropagation(),e.preventDefault(),i.value}else o.length&&(Q.set(this,t,{value:k.event.trigger(k.extend(o[0],k.Event.prototype),o.slice(1),this)}),e.stopImmediatePropagation())}})):void 0===Q.get(e,t)&&k.event.add(e,t,Se)}k.event={global:{},add:function(e,t,n,r,i){var o,a,s,l,c,u,f,d,p,h,m,g=Q.get(e);if(G(e))for(n.handler&&(n=(o=n).handler,i=o.selector),i&&k.find.matchesSelector(oe,i),n.guid||(n.guid=k.guid++),(l=g.events)||(l=g.events=Object.create(null)),(a=g.handle)||(a=g.handle=function(t){return k.event.triggered!==t.type?k.event.dispatch.apply(e,arguments):void 0}),c=(t=(t||"").match(R)||[""]).length;c--;)p=m=(s=ke.exec(t[c])||[])[1],h=(s[2]||"").split(".").sort(),p&&(f=k.event.special[p]||{},p=(i?f.delegateType:f.bindType)||p,f=k.event.special[p]||{},u=k.extend({type:p,origType:m,data:r,handler:n,guid:n.guid,selector:i,needsContext:i&&k.expr.match.needsContext.test(i),namespace:h.join(".")},o),(d=l[p])||((d=l[p]=[]).delegateCount=0,f.setup&&!1!==f.setup.call(e,r,h,a)||e.addEventListener&&e.addEventListener(p,a)),f.add&&(f.add.call(e,u),u.handler.guid||(u.handler.guid=n.guid)),i?d.splice(d.delegateCount++,0,u):d.push(u),k.event.global[p]=!0)},remove:function(e,t,n,r,i){var o,a,s,l,c,u,f,d,p,h,m,g=Q.hasData(e)&&Q.get(e);if(g&&(l=g.events)){for(c=(t=(t||"").match(R)||[""]).length;c--;)if(p=m=(s=ke.exec(t[c])||[])[1],h=(s[2]||"").split(".").sort(),p){for(f=k.event.special[p]||{},d=l[p=(r?f.delegateType:f.bindType)||p]||[],s=s[2]&&new RegExp("(^|\\.)"+h.join("\\.(?:.*\\.|)")+"(\\.|$)"),a=o=d.length;o--;)u=d[o],!i&&m!==u.origType||n&&n.guid!==u.guid||s&&!s.test(u.namespace)||r&&r!==u.selector&&("**"!==r||!u.selector)||(d.splice(o,1),u.selector&&d.delegateCount--,f.remove&&f.remove.call(e,u));a&&!d.length&&(f.teardown&&!1!==f.teardown.call(e,h,g.handle)||k.removeEvent(e,p,g.handle),delete l[p])}else for(p in l)k.event.remove(e,p+t[c],n,r,!0);k.isEmptyObject(l)&&Q.remove(e,"handle events")}},dispatch:function(e){var t,n,r,i,o,a,s=new Array(arguments.length),l=k.event.fix(e),c=(Q.get(this,"events")||Object.create(null))[l.type]||[],u=k.event.special[l.type]||{};for(s[0]=l,t=1;t=1))for(;c!==this;c=c.parentNode||this)if(1===c.nodeType&&("click"!==e.type||!0!==c.disabled)){for(o=[],a={},n=0;n-1:k.find(i,this,null,[c]).length),a[i]&&o.push(r);o.length&&s.push({elem:c,handlers:o})}return c=this,l\s*$/g;function De(e,t){return A(e,"table")&&A(11!==t.nodeType?t:t.firstChild,"tr")&&k(e).children("tbody")[0]||e}function Me(e){return e.type=(null!==e.getAttribute("type"))+"/"+e.type,e}function Pe(e){return"true/"===(e.type||"").slice(0,5)?e.type=e.type.slice(5):e.removeAttribute("type"),e}function je(e,t){var n,r,i,o,a,s;if(1===t.nodeType){if(Q.hasData(e)&&(s=Q.get(e).events))for(i in Q.remove(t,"handle events"),s)for(n=0,r=s[i].length;n1&&"string"===typeof h&&!g.checkClone&&Ne.test(h))return e.each((function(i){var o=e.eq(i);m&&(t[0]=h.call(this,i,o.html())),Re(o,t,n,r)}));if(d&&(o=(i=we(t,e[0].ownerDocument,!1,e,r)).firstChild,1===i.childNodes.length&&(i=o),o||r)){for(s=(a=k.map(ve(i,"script"),Me)).length;f0&&ye(a,!l&&ve(e,"script")),s},cleanData:function(e){for(var t,n,r,i=k.event.special,o=0;void 0!==(n=e[o]);o++)if(G(n)){if(t=n[Q.expando]){if(t.events)for(r in t.events)i[r]?k.event.remove(n,r):k.removeEvent(n,r,t.handle);n[Q.expando]=void 0}n[J.expando]&&(n[J.expando]=void 0)}}}),k.fn.extend({detach:function(e){return qe(this,e,!0)},remove:function(e){return qe(this,e)},text:function(e){return W(this,(function(e){return void 0===e?k.text(this):this.empty().each((function(){1!==this.nodeType&&11!==this.nodeType&&9!==this.nodeType||(this.textContent=e)}))}),null,e,arguments.length)},append:function(){return Re(this,arguments,(function(e){1!==this.nodeType&&11!==this.nodeType&&9!==this.nodeType||De(this,e).appendChild(e)}))},prepend:function(){return Re(this,arguments,(function(e){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var t=De(this,e);t.insertBefore(e,t.firstChild)}}))},before:function(){return Re(this,arguments,(function(e){this.parentNode&&this.parentNode.insertBefore(e,this)}))},after:function(){return Re(this,arguments,(function(e){this.parentNode&&this.parentNode.insertBefore(e,this.nextSibling)}))},empty:function(){for(var e,t=0;null!=(e=this[t]);t++)1===e.nodeType&&(k.cleanData(ve(e,!1)),e.textContent="");return this},clone:function(e,t){return e=null!=e&&e,t=null==t?e:t,this.map((function(){return k.clone(this,e,t)}))},html:function(e){return W(this,(function(e){var t=this[0]||{},n=0,r=this.length;if(void 0===e&&1===t.nodeType)return t.innerHTML;if("string"===typeof e&&!Ae.test(e)&&!ge[(he.exec(e)||["",""])[1].toLowerCase()]){e=k.htmlPrefilter(e);try{for(;n3,oe.removeChild(e)),s}}))}();var Ve=["Webkit","Moz","ms"],Ye=b.createElement("div").style,$e={};function Xe(e){var t=k.cssProps[e]||$e[e];return t||(e in Ye?e:$e[e]=function(e){for(var t=e[0].toUpperCase()+e.slice(1),n=Ve.length;n--;)if((e=Ve[n]+t)in Ye)return e}(e)||e)}var Ge=/^(none|table(?!-c[ea]).+)/,Ke=/^--/,Qe={position:"absolute",visibility:"hidden",display:"block"},Je={letterSpacing:"0",fontWeight:"400"};function Ze(e,t,n){var r=re.exec(t);return r?Math.max(0,r[2]-(n||0))+(r[3]||"px"):t}function et(e,t,n,r,i,o){var a="width"===t?1:0,s=0,l=0;if(n===(r?"border":"content"))return 0;for(;a<4;a+=2)"margin"===n&&(l+=k.css(e,n+ie[a],!0,i)),r?("content"===n&&(l-=k.css(e,"padding"+ie[a],!0,i)),"margin"!==n&&(l-=k.css(e,"border"+ie[a]+"Width",!0,i))):(l+=k.css(e,"padding"+ie[a],!0,i),"padding"!==n?l+=k.css(e,"border"+ie[a]+"Width",!0,i):s+=k.css(e,"border"+ie[a]+"Width",!0,i));return!r&&o>=0&&(l+=Math.max(0,Math.ceil(e["offset"+t[0].toUpperCase()+t.slice(1)]-o-l-s-.5))||0),l}function tt(e,t,n){var r=ze(e),i=(!g.boxSizingReliable()||n)&&"border-box"===k.css(e,"boxSizing",!1,r),o=i,a=Ue(e,t,r),s="offset"+t[0].toUpperCase()+t.slice(1);if(Fe.test(a)){if(!n)return a;a="auto"}return(!g.boxSizingReliable()&&i||!g.reliableTrDimensions()&&A(e,"tr")||"auto"===a||!parseFloat(a)&&"inline"===k.css(e,"display",!1,r))&&e.getClientRects().length&&(i="border-box"===k.css(e,"boxSizing",!1,r),(o=s in e)&&(a=e[s])),(a=parseFloat(a)||0)+et(e,t,n||(i?"border":"content"),o,r,a)+"px"}function nt(e,t,n,r,i){return new nt.prototype.init(e,t,n,r,i)}k.extend({cssHooks:{opacity:{get:function(e,t){if(t){var n=Ue(e,"opacity");return""===n?"1":n}}}},cssNumber:{animationIterationCount:!0,columnCount:!0,fillOpacity:!0,flexGrow:!0,flexShrink:!0,fontWeight:!0,gridArea:!0,gridColumn:!0,gridColumnEnd:!0,gridColumnStart:!0,gridRow:!0,gridRowEnd:!0,gridRowStart:!0,lineHeight:!0,opacity:!0,order:!0,orphans:!0,widows:!0,zIndex:!0,zoom:!0},cssProps:{},style:function(e,t,n,r){if(e&&3!==e.nodeType&&8!==e.nodeType&&e.style){var i,o,a,s=X(t),l=Ke.test(t),c=e.style;if(l||(t=Xe(s)),a=k.cssHooks[t]||k.cssHooks[s],void 0===n)return a&&"get"in a&&void 0!==(i=a.get(e,!1,r))?i:c[t];"string"===(o=typeof n)&&(i=re.exec(n))&&i[1]&&(n=ce(e,t,i),o="number"),null!=n&&n===n&&("number"!==o||l||(n+=i&&i[3]||(k.cssNumber[s]?"":"px")),g.clearCloneStyle||""!==n||0!==t.indexOf("background")||(c[t]="inherit"),a&&"set"in a&&void 0===(n=a.set(e,n,r))||(l?c.setProperty(t,n):c[t]=n))}},css:function(e,t,n,r){var i,o,a,s=X(t);return Ke.test(t)||(t=Xe(s)),(a=k.cssHooks[t]||k.cssHooks[s])&&"get"in a&&(i=a.get(e,!0,n)),void 0===i&&(i=Ue(e,t,r)),"normal"===i&&t in Je&&(i=Je[t]),""===n||n?(o=parseFloat(i),!0===n||isFinite(o)?o||0:i):i}}),k.each(["height","width"],(function(e,t){k.cssHooks[t]={get:function(e,n,r){if(n)return!Ge.test(k.css(e,"display"))||e.getClientRects().length&&e.getBoundingClientRect().width?tt(e,t,r):He(e,Qe,(function(){return tt(e,t,r)}))},set:function(e,n,r){var i,o=ze(e),a=!g.scrollboxSize()&&"absolute"===o.position,s=(a||r)&&"border-box"===k.css(e,"boxSizing",!1,o),l=r?et(e,t,r,s,o):0;return s&&a&&(l-=Math.ceil(e["offset"+t[0].toUpperCase()+t.slice(1)]-parseFloat(o[t])-et(e,t,"border",!1,o)-.5)),l&&(i=re.exec(n))&&"px"!==(i[3]||"px")&&(e.style[t]=n,n=k.css(e,t)),Ze(0,n,l)}}})),k.cssHooks.marginLeft=We(g.reliableMarginLeft,(function(e,t){if(t)return(parseFloat(Ue(e,"marginLeft"))||e.getBoundingClientRect().left-He(e,{marginLeft:0},(function(){return e.getBoundingClientRect().left})))+"px"})),k.each({margin:"",padding:"",border:"Width"},(function(e,t){k.cssHooks[e+t]={expand:function(n){for(var r=0,i={},o="string"===typeof n?n.split(" "):[n];r<4;r++)i[e+ie[r]+t]=o[r]||o[r-2]||o[0];return i}},"margin"!==e&&(k.cssHooks[e+t].set=Ze)})),k.fn.extend({css:function(e,t){return W(this,(function(e,t,n){var r,i,o={},a=0;if(Array.isArray(t)){for(r=ze(e),i=t.length;a1)}}),k.Tween=nt,nt.prototype={constructor:nt,init:function(e,t,n,r,i,o){this.elem=e,this.prop=n,this.easing=i||k.easing._default,this.options=t,this.start=this.now=this.cur(),this.end=r,this.unit=o||(k.cssNumber[n]?"":"px")},cur:function(){var e=nt.propHooks[this.prop];return e&&e.get?e.get(this):nt.propHooks._default.get(this)},run:function(e){var t,n=nt.propHooks[this.prop];return this.options.duration?this.pos=t=k.easing[this.easing](e,this.options.duration*e,0,1,this.options.duration):this.pos=t=e,this.now=(this.end-this.start)*t+this.start,this.options.step&&this.options.step.call(this.elem,this.now,this),n&&n.set?n.set(this):nt.propHooks._default.set(this),this}},nt.prototype.init.prototype=nt.prototype,nt.propHooks={_default:{get:function(e){var t;return 1!==e.elem.nodeType||null!=e.elem[e.prop]&&null==e.elem.style[e.prop]?e.elem[e.prop]:(t=k.css(e.elem,e.prop,""))&&"auto"!==t?t:0},set:function(e){k.fx.step[e.prop]?k.fx.step[e.prop](e):1!==e.elem.nodeType||!k.cssHooks[e.prop]&&null==e.elem.style[Xe(e.prop)]?e.elem[e.prop]=e.now:k.style(e.elem,e.prop,e.now+e.unit)}}},nt.propHooks.scrollTop=nt.propHooks.scrollLeft={set:function(e){e.elem.nodeType&&e.elem.parentNode&&(e.elem[e.prop]=e.now)}},k.easing={linear:function(e){return e},swing:function(e){return.5-Math.cos(e*Math.PI)/2},_default:"swing"},(k.fx=nt.prototype.init).step={};var rt,it,ot=/^(?:toggle|show|hide)$/,at=/queueHooks$/;function st(){it&&(!1===b.hidden&&n.requestAnimationFrame?n.requestAnimationFrame(st):n.setTimeout(st,k.fx.interval),k.fx.tick())}function lt(){return n.setTimeout((function(){rt=void 0})),rt=Date.now()}function ct(e,t){var n,r=0,i={height:e};for(t=t?1:0;r<4;r+=2-t)i["margin"+(n=ie[r])]=i["padding"+n]=e;return t&&(i.opacity=i.width=e),i}function ut(e,t,n){for(var r,i=(ft.tweeners[t]||[]).concat(ft.tweeners["*"]),o=0,a=i.length;o1)},removeAttr:function(e){return this.each((function(){k.removeAttr(this,e)}))}}),k.extend({attr:function(e,t,n){var r,i,o=e.nodeType;if(3!==o&&8!==o&&2!==o)return"undefined"===typeof e.getAttribute?k.prop(e,t,n):(1===o&&k.isXMLDoc(e)||(i=k.attrHooks[t.toLowerCase()]||(k.expr.match.bool.test(t)?dt:void 0)),void 0!==n?null===n?void k.removeAttr(e,t):i&&"set"in i&&void 0!==(r=i.set(e,n,t))?r:(e.setAttribute(t,n+""),n):i&&"get"in i&&null!==(r=i.get(e,t))?r:null==(r=k.find.attr(e,t))?void 0:r)},attrHooks:{type:{set:function(e,t){if(!g.radioValue&&"radio"===t&&A(e,"input")){var n=e.value;return e.setAttribute("type",t),n&&(e.value=n),t}}}},removeAttr:function(e,t){var n,r=0,i=t&&t.match(R);if(i&&1===e.nodeType)for(;n=i[r++];)e.removeAttribute(n)}}),dt={set:function(e,t,n){return!1===t?k.removeAttr(e,n):e.setAttribute(n,n),n}},k.each(k.expr.match.bool.source.match(/\w+/g),(function(e,t){var n=pt[t]||k.find.attr;pt[t]=function(e,t,r){var i,o,a=t.toLowerCase();return r||(o=pt[a],pt[a]=i,i=null!=n(e,t,r)?a:null,pt[a]=o),i}}));var ht=/^(?:input|select|textarea|button)$/i,mt=/^(?:a|area)$/i;function gt(e){return(e.match(R)||[]).join(" ")}function vt(e){return e.getAttribute&&e.getAttribute("class")||""}function yt(e){return Array.isArray(e)?e:"string"===typeof e&&e.match(R)||[]}k.fn.extend({prop:function(e,t){return W(this,k.prop,e,t,arguments.length>1)},removeProp:function(e){return this.each((function(){delete this[k.propFix[e]||e]}))}}),k.extend({prop:function(e,t,n){var r,i,o=e.nodeType;if(3!==o&&8!==o&&2!==o)return 1===o&&k.isXMLDoc(e)||(t=k.propFix[t]||t,i=k.propHooks[t]),void 0!==n?i&&"set"in i&&void 0!==(r=i.set(e,n,t))?r:e[t]=n:i&&"get"in i&&null!==(r=i.get(e,t))?r:e[t]},propHooks:{tabIndex:{get:function(e){var t=k.find.attr(e,"tabindex");return t?parseInt(t,10):ht.test(e.nodeName)||mt.test(e.nodeName)&&e.href?0:-1}}},propFix:{for:"htmlFor",class:"className"}}),g.optSelected||(k.propHooks.selected={get:function(e){var t=e.parentNode;return t&&t.parentNode&&t.parentNode.selectedIndex,null},set:function(e){var t=e.parentNode;t&&(t.selectedIndex,t.parentNode&&t.parentNode.selectedIndex)}}),k.each(["tabIndex","readOnly","maxLength","cellSpacing","cellPadding","rowSpan","colSpan","useMap","frameBorder","contentEditable"],(function(){k.propFix[this.toLowerCase()]=this})),k.fn.extend({addClass:function(e){var t,n,r,i,o,a,s,l=0;if(v(e))return this.each((function(t){k(this).addClass(e.call(this,t,vt(this)))}));if((t=yt(e)).length)for(;n=this[l++];)if(i=vt(n),r=1===n.nodeType&&" "+gt(i)+" "){for(a=0;o=t[a++];)r.indexOf(" "+o+" ")<0&&(r+=o+" ");i!==(s=gt(r))&&n.setAttribute("class",s)}return this},removeClass:function(e){var t,n,r,i,o,a,s,l=0;if(v(e))return this.each((function(t){k(this).removeClass(e.call(this,t,vt(this)))}));if(!arguments.length)return this.attr("class","");if((t=yt(e)).length)for(;n=this[l++];)if(i=vt(n),r=1===n.nodeType&&" "+gt(i)+" "){for(a=0;o=t[a++];)for(;r.indexOf(" "+o+" ")>-1;)r=r.replace(" "+o+" "," ");i!==(s=gt(r))&&n.setAttribute("class",s)}return this},toggleClass:function(e,t){var n=typeof e,r="string"===n||Array.isArray(e);return"boolean"===typeof t&&r?t?this.addClass(e):this.removeClass(e):v(e)?this.each((function(n){k(this).toggleClass(e.call(this,n,vt(this),t),t)})):this.each((function(){var t,i,o,a;if(r)for(i=0,o=k(this),a=yt(e);t=a[i++];)o.hasClass(t)?o.removeClass(t):o.addClass(t);else void 0!==e&&"boolean"!==n||((t=vt(this))&&Q.set(this,"__className__",t),this.setAttribute&&this.setAttribute("class",t||!1===e?"":Q.get(this,"__className__")||""))}))},hasClass:function(e){var t,n,r=0;for(t=" "+e+" ";n=this[r++];)if(1===n.nodeType&&(" "+gt(vt(n))+" ").indexOf(t)>-1)return!0;return!1}});var bt=/\r/g;k.fn.extend({val:function(e){var t,n,r,i=this[0];return arguments.length?(r=v(e),this.each((function(n){var i;1===this.nodeType&&(null==(i=r?e.call(this,n,k(this).val()):e)?i="":"number"===typeof i?i+="":Array.isArray(i)&&(i=k.map(i,(function(e){return null==e?"":e+""}))),(t=k.valHooks[this.type]||k.valHooks[this.nodeName.toLowerCase()])&&"set"in t&&void 0!==t.set(this,i,"value")||(this.value=i))}))):i?(t=k.valHooks[i.type]||k.valHooks[i.nodeName.toLowerCase()])&&"get"in t&&void 0!==(n=t.get(i,"value"))?n:"string"===typeof(n=i.value)?n.replace(bt,""):null==n?"":n:void 0}}),k.extend({valHooks:{option:{get:function(e){var t=k.find.attr(e,"value");return null!=t?t:gt(k.text(e))}},select:{get:function(e){var t,n,r,i=e.options,o=e.selectedIndex,a="select-one"===e.type,s=a?null:[],l=a?o+1:i.length;for(r=o<0?l:a?o:0;r-1)&&(n=!0);return n||(e.selectedIndex=-1),o}}}}),k.each(["radio","checkbox"],(function(){k.valHooks[this]={set:function(e,t){if(Array.isArray(t))return e.checked=k.inArray(k(e).val(),t)>-1}},g.checkOn||(k.valHooks[this].get=function(e){return null===e.getAttribute("value")?"on":e.value})})),g.focusin="onfocusin"in n;var wt=/^(?:focusinfocus|focusoutblur)$/,xt=function(e){e.stopPropagation()};k.extend(k.event,{trigger:function(e,t,r,i){var o,a,s,l,c,u,f,d,h=[r||b],m=p.call(e,"type")?e.type:e,g=p.call(e,"namespace")?e.namespace.split("."):[];if(a=d=s=r=r||b,3!==r.nodeType&&8!==r.nodeType&&!wt.test(m+k.event.triggered)&&(m.indexOf(".")>-1&&(g=m.split("."),m=g.shift(),g.sort()),c=m.indexOf(":")<0&&"on"+m,(e=e[k.expando]?e:new k.Event(m,"object"===typeof e&&e)).isTrigger=i?2:3,e.namespace=g.join("."),e.rnamespace=e.namespace?new RegExp("(^|\\.)"+g.join("\\.(?:.*\\.|)")+"(\\.|$)"):null,e.result=void 0,e.target||(e.target=r),t=null==t?[e]:k.makeArray(t,[e]),f=k.event.special[m]||{},i||!f.trigger||!1!==f.trigger.apply(r,t))){if(!i&&!f.noBubble&&!y(r)){for(l=f.delegateType||m,wt.test(l+m)||(a=a.parentNode);a;a=a.parentNode)h.push(a),s=a;s===(r.ownerDocument||b)&&h.push(s.defaultView||s.parentWindow||n)}for(o=0;(a=h[o++])&&!e.isPropagationStopped();)d=a,e.type=o>1?l:f.bindType||m,(u=(Q.get(a,"events")||Object.create(null))[e.type]&&Q.get(a,"handle"))&&u.apply(a,t),(u=c&&a[c])&&u.apply&&G(a)&&(e.result=u.apply(a,t),!1===e.result&&e.preventDefault());return e.type=m,i||e.isDefaultPrevented()||f._default&&!1!==f._default.apply(h.pop(),t)||!G(r)||c&&v(r[m])&&!y(r)&&((s=r[c])&&(r[c]=null),k.event.triggered=m,e.isPropagationStopped()&&d.addEventListener(m,xt),r[m](),e.isPropagationStopped()&&d.removeEventListener(m,xt),k.event.triggered=void 0,s&&(r[c]=s)),e.result}},simulate:function(e,t,n){var r=k.extend(new k.Event,n,{type:e,isSimulated:!0});k.event.trigger(r,null,t)}}),k.fn.extend({trigger:function(e,t){return this.each((function(){k.event.trigger(e,t,this)}))},triggerHandler:function(e,t){var n=this[0];if(n)return k.event.trigger(e,t,n,!0)}}),g.focusin||k.each({focus:"focusin",blur:"focusout"},(function(e,t){var n=function(e){k.event.simulate(t,e.target,k.event.fix(e))};k.event.special[t]={setup:function(){var r=this.ownerDocument||this.document||this,i=Q.access(r,t);i||r.addEventListener(e,n,!0),Q.access(r,t,(i||0)+1)},teardown:function(){var r=this.ownerDocument||this.document||this,i=Q.access(r,t)-1;i?Q.access(r,t,i):(r.removeEventListener(e,n,!0),Q.remove(r,t))}}}));var _t=n.location,kt={guid:Date.now()},St=/\?/;k.parseXML=function(e){var t;if(!e||"string"!==typeof e)return null;try{t=(new n.DOMParser).parseFromString(e,"text/xml")}catch(r){t=void 0}return t&&!t.getElementsByTagName("parsererror").length||k.error("Invalid XML: "+e),t};var Et=/\[\]$/,Tt=/\r?\n/g,Ct=/^(?:submit|button|image|reset|file)$/i,Ot=/^(?:input|select|textarea|keygen)/i;function At(e,t,n,r){var i;if(Array.isArray(t))k.each(t,(function(t,i){n||Et.test(e)?r(e,i):At(e+"["+("object"===typeof i&&null!=i?t:"")+"]",i,n,r)}));else if(n||"object"!==_(t))r(e,t);else for(i in t)At(e+"["+i+"]",t[i],n,r)}k.param=function(e,t){var n,r=[],i=function(e,t){var n=v(t)?t():t;r[r.length]=encodeURIComponent(e)+"="+encodeURIComponent(null==n?"":n)};if(null==e)return"";if(Array.isArray(e)||e.jquery&&!k.isPlainObject(e))k.each(e,(function(){i(this.name,this.value)}));else for(n in e)At(n,e[n],t,i);return r.join("&")},k.fn.extend({serialize:function(){return k.param(this.serializeArray())},serializeArray:function(){return this.map((function(){var e=k.prop(this,"elements");return e?k.makeArray(e):this})).filter((function(){var e=this.type;return this.name&&!k(this).is(":disabled")&&Ot.test(this.nodeName)&&!Ct.test(e)&&(this.checked||!pe.test(e))})).map((function(e,t){var n=k(this).val();return null==n?null:Array.isArray(n)?k.map(n,(function(e){return{name:t.name,value:e.replace(Tt,"\r\n")}})):{name:t.name,value:n.replace(Tt,"\r\n")}})).get()}});var Nt=/%20/g,Lt=/#.*$/,Dt=/([?&])_=[^&]*/,Mt=/^(.*?):[ \t]*([^\r\n]*)$/gm,Pt=/^(?:GET|HEAD)$/,jt=/^\/\//,It={},Rt={},qt="*/".concat("*"),Ft=b.createElement("a");function zt(e){return function(t,n){"string"!==typeof t&&(n=t,t="*");var r,i=0,o=t.toLowerCase().match(R)||[];if(v(n))for(;r=o[i++];)"+"===r[0]?(r=r.slice(1)||"*",(e[r]=e[r]||[]).unshift(n)):(e[r]=e[r]||[]).push(n)}}function Ht(e,t,n,r){var i={},o=e===Rt;function a(s){var l;return i[s]=!0,k.each(e[s]||[],(function(e,s){var c=s(t,n,r);return"string"!==typeof c||o||i[c]?o?!(l=c):void 0:(t.dataTypes.unshift(c),a(c),!1)})),l}return a(t.dataTypes[0])||!i["*"]&&a("*")}function Bt(e,t){var n,r,i=k.ajaxSettings.flatOptions||{};for(n in t)void 0!==t[n]&&((i[n]?e:r||(r={}))[n]=t[n]);return r&&k.extend(!0,e,r),e}Ft.href=_t.href,k.extend({active:0,lastModified:{},etag:{},ajaxSettings:{url:_t.href,type:"GET",isLocal:/^(?:about|app|app-storage|.+-extension|file|res|widget):$/.test(_t.protocol),global:!0,processData:!0,async:!0,contentType:"application/x-www-form-urlencoded; charset=UTF-8",accepts:{"*":qt,text:"text/plain",html:"text/html",xml:"application/xml, text/xml",json:"application/json, text/javascript"},contents:{xml:/\bxml\b/,html:/\bhtml/,json:/\bjson\b/},responseFields:{xml:"responseXML",text:"responseText",json:"responseJSON"},converters:{"* text":String,"text html":!0,"text json":JSON.parse,"text xml":k.parseXML},flatOptions:{url:!0,context:!0}},ajaxSetup:function(e,t){return t?Bt(Bt(e,k.ajaxSettings),t):Bt(k.ajaxSettings,e)},ajaxPrefilter:zt(It),ajaxTransport:zt(Rt),ajax:function(e,t){"object"===typeof e&&(t=e,e=void 0);var r,i,o,a,s,l,c,u,f,d,p=k.ajaxSetup({},t=t||{}),h=p.context||p,m=p.context&&(h.nodeType||h.jquery)?k(h):k.event,g=k.Deferred(),v=k.Callbacks("once memory"),y=p.statusCode||{},w={},x={},_="canceled",S={readyState:0,getResponseHeader:function(e){var t;if(c){if(!a)for(a={};t=Mt.exec(o);)a[t[1].toLowerCase()+" "]=(a[t[1].toLowerCase()+" "]||[]).concat(t[2]);t=a[e.toLowerCase()+" "]}return null==t?null:t.join(", ")},getAllResponseHeaders:function(){return c?o:null},setRequestHeader:function(e,t){return null==c&&(e=x[e.toLowerCase()]=x[e.toLowerCase()]||e,w[e]=t),this},overrideMimeType:function(e){return null==c&&(p.mimeType=e),this},statusCode:function(e){var t;if(e)if(c)S.always(e[S.status]);else for(t in e)y[t]=[y[t],e[t]];return this},abort:function(e){var t=e||_;return r&&r.abort(t),E(0,t),this}};if(g.promise(S),p.url=((e||p.url||_t.href)+"").replace(jt,_t.protocol+"//"),p.type=t.method||t.type||p.method||p.type,p.dataTypes=(p.dataType||"*").toLowerCase().match(R)||[""],null==p.crossDomain){l=b.createElement("a");try{l.href=p.url,l.href=l.href,p.crossDomain=Ft.protocol+"//"+Ft.host!==l.protocol+"//"+l.host}catch(T){p.crossDomain=!0}}if(p.data&&p.processData&&"string"!==typeof p.data&&(p.data=k.param(p.data,p.traditional)),Ht(It,p,t,S),c)return S;for(f in(u=k.event&&p.global)&&0===k.active++&&k.event.trigger("ajaxStart"),p.type=p.type.toUpperCase(),p.hasContent=!Pt.test(p.type),i=p.url.replace(Lt,""),p.hasContent?p.data&&p.processData&&0===(p.contentType||"").indexOf("application/x-www-form-urlencoded")&&(p.data=p.data.replace(Nt,"+")):(d=p.url.slice(i.length),p.data&&(p.processData||"string"===typeof p.data)&&(i+=(St.test(i)?"&":"?")+p.data,delete p.data),!1===p.cache&&(i=i.replace(Dt,"$1"),d=(St.test(i)?"&":"?")+"_="+kt.guid+++d),p.url=i+d),p.ifModified&&(k.lastModified[i]&&S.setRequestHeader("If-Modified-Since",k.lastModified[i]),k.etag[i]&&S.setRequestHeader("If-None-Match",k.etag[i])),(p.data&&p.hasContent&&!1!==p.contentType||t.contentType)&&S.setRequestHeader("Content-Type",p.contentType),S.setRequestHeader("Accept",p.dataTypes[0]&&p.accepts[p.dataTypes[0]]?p.accepts[p.dataTypes[0]]+("*"!==p.dataTypes[0]?", "+qt+"; q=0.01":""):p.accepts["*"]),p.headers)S.setRequestHeader(f,p.headers[f]);if(p.beforeSend&&(!1===p.beforeSend.call(h,S,p)||c))return S.abort();if(_="abort",v.add(p.complete),S.done(p.success),S.fail(p.error),r=Ht(Rt,p,t,S)){if(S.readyState=1,u&&m.trigger("ajaxSend",[S,p]),c)return S;p.async&&p.timeout>0&&(s=n.setTimeout((function(){S.abort("timeout")}),p.timeout));try{c=!1,r.send(w,E)}catch(T){if(c)throw T;E(-1,T)}}else E(-1,"No Transport");function E(e,t,a,l){var f,d,b,w,x,_=t;c||(c=!0,s&&n.clearTimeout(s),r=void 0,o=l||"",S.readyState=e>0?4:0,f=e>=200&&e<300||304===e,a&&(w=function(e,t,n){for(var r,i,o,a,s=e.contents,l=e.dataTypes;"*"===l[0];)l.shift(),void 0===r&&(r=e.mimeType||t.getResponseHeader("Content-Type"));if(r)for(i in s)if(s[i]&&s[i].test(r)){l.unshift(i);break}if(l[0]in n)o=l[0];else{for(i in n){if(!l[0]||e.converters[i+" "+l[0]]){o=i;break}a||(a=i)}o=o||a}if(o)return o!==l[0]&&l.unshift(o),n[o]}(p,S,a)),!f&&k.inArray("script",p.dataTypes)>-1&&(p.converters["text script"]=function(){}),w=function(e,t,n,r){var i,o,a,s,l,c={},u=e.dataTypes.slice();if(u[1])for(a in e.converters)c[a.toLowerCase()]=e.converters[a];for(o=u.shift();o;)if(e.responseFields[o]&&(n[e.responseFields[o]]=t),!l&&r&&e.dataFilter&&(t=e.dataFilter(t,e.dataType)),l=o,o=u.shift())if("*"===o)o=l;else if("*"!==l&&l!==o){if(!(a=c[l+" "+o]||c["* "+o]))for(i in c)if((s=i.split(" "))[1]===o&&(a=c[l+" "+s[0]]||c["* "+s[0]])){!0===a?a=c[i]:!0!==c[i]&&(o=s[0],u.unshift(s[1]));break}if(!0!==a)if(a&&e.throws)t=a(t);else try{t=a(t)}catch(T){return{state:"parsererror",error:a?T:"No conversion from "+l+" to "+o}}}return{state:"success",data:t}}(p,w,S,f),f?(p.ifModified&&((x=S.getResponseHeader("Last-Modified"))&&(k.lastModified[i]=x),(x=S.getResponseHeader("etag"))&&(k.etag[i]=x)),204===e||"HEAD"===p.type?_="nocontent":304===e?_="notmodified":(_=w.state,d=w.data,f=!(b=w.error))):(b=_,!e&&_||(_="error",e<0&&(e=0))),S.status=e,S.statusText=(t||_)+"",f?g.resolveWith(h,[d,_,S]):g.rejectWith(h,[S,_,b]),S.statusCode(y),y=void 0,u&&m.trigger(f?"ajaxSuccess":"ajaxError",[S,p,f?d:b]),v.fireWith(h,[S,_]),u&&(m.trigger("ajaxComplete",[S,p]),--k.active||k.event.trigger("ajaxStop")))}return S},getJSON:function(e,t,n){return k.get(e,t,n,"json")},getScript:function(e,t){return k.get(e,void 0,t,"script")}}),k.each(["get","post"],(function(e,t){k[t]=function(e,n,r,i){return v(n)&&(i=i||r,r=n,n=void 0),k.ajax(k.extend({url:e,type:t,dataType:i,data:n,success:r},k.isPlainObject(e)&&e))}})),k.ajaxPrefilter((function(e){var t;for(t in e.headers)"content-type"===t.toLowerCase()&&(e.contentType=e.headers[t]||"")})),k._evalUrl=function(e,t,n){return k.ajax({url:e,type:"GET",dataType:"script",cache:!0,async:!1,global:!1,converters:{"text script":function(){}},dataFilter:function(e){k.globalEval(e,t,n)}})},k.fn.extend({wrapAll:function(e){var t;return this[0]&&(v(e)&&(e=e.call(this[0])),t=k(e,this[0].ownerDocument).eq(0).clone(!0),this[0].parentNode&&t.insertBefore(this[0]),t.map((function(){for(var e=this;e.firstElementChild;)e=e.firstElementChild;return e})).append(this)),this},wrapInner:function(e){return v(e)?this.each((function(t){k(this).wrapInner(e.call(this,t))})):this.each((function(){var t=k(this),n=t.contents();n.length?n.wrapAll(e):t.append(e)}))},wrap:function(e){var t=v(e);return this.each((function(n){k(this).wrapAll(t?e.call(this,n):e)}))},unwrap:function(e){return this.parent(e).not("body").each((function(){k(this).replaceWith(this.childNodes)})),this}}),k.expr.pseudos.hidden=function(e){return!k.expr.pseudos.visible(e)},k.expr.pseudos.visible=function(e){return!!(e.offsetWidth||e.offsetHeight||e.getClientRects().length)},k.ajaxSettings.xhr=function(){try{return new n.XMLHttpRequest}catch(e){}};var Ut={0:200,1223:204},Wt=k.ajaxSettings.xhr();g.cors=!!Wt&&"withCredentials"in Wt,g.ajax=Wt=!!Wt,k.ajaxTransport((function(e){var t,r;if(g.cors||Wt&&!e.crossDomain)return{send:function(i,o){var a,s=e.xhr();if(s.open(e.type,e.url,e.async,e.username,e.password),e.xhrFields)for(a in e.xhrFields)s[a]=e.xhrFields[a];for(a in e.mimeType&&s.overrideMimeType&&s.overrideMimeType(e.mimeType),e.crossDomain||i["X-Requested-With"]||(i["X-Requested-With"]="XMLHttpRequest"),i)s.setRequestHeader(a,i[a]);t=function(e){return function(){t&&(t=r=s.onload=s.onerror=s.onabort=s.ontimeout=s.onreadystatechange=null,"abort"===e?s.abort():"error"===e?"number"!==typeof s.status?o(0,"error"):o(s.status,s.statusText):o(Ut[s.status]||s.status,s.statusText,"text"!==(s.responseType||"text")||"string"!==typeof s.responseText?{binary:s.response}:{text:s.responseText},s.getAllResponseHeaders()))}},s.onload=t(),r=s.onerror=s.ontimeout=t("error"),void 0!==s.onabort?s.onabort=r:s.onreadystatechange=function(){4===s.readyState&&n.setTimeout((function(){t&&r()}))},t=t("abort");try{s.send(e.hasContent&&e.data||null)}catch(l){if(t)throw l}},abort:function(){t&&t()}}})),k.ajaxPrefilter((function(e){e.crossDomain&&(e.contents.script=!1)})),k.ajaxSetup({accepts:{script:"text/javascript, application/javascript, application/ecmascript, application/x-ecmascript"},contents:{script:/\b(?:java|ecma)script\b/},converters:{"text script":function(e){return k.globalEval(e),e}}}),k.ajaxPrefilter("script",(function(e){void 0===e.cache&&(e.cache=!1),e.crossDomain&&(e.type="GET")})),k.ajaxTransport("script",(function(e){var t,n;if(e.crossDomain||e.scriptAttrs)return{send:function(r,i){t=k("\n if (val === '') return true;\n if (val === 'false') return false;\n if (val === 'true') return true;\n return val;\n}\n\nif (DOCUMENT && typeof DOCUMENT.querySelector === 'function') {\n var attrs = [['data-family-prefix', 'familyPrefix'], ['data-replacement-class', 'replacementClass'], ['data-auto-replace-svg', 'autoReplaceSvg'], ['data-auto-add-css', 'autoAddCss'], ['data-auto-a11y', 'autoA11y'], ['data-search-pseudo-elements', 'searchPseudoElements'], ['data-observe-mutations', 'observeMutations'], ['data-mutate-approach', 'mutateApproach'], ['data-keep-original-source', 'keepOriginalSource'], ['data-measure-performance', 'measurePerformance'], ['data-show-missing-icons', 'showMissingIcons']];\n attrs.forEach(function (_ref) {\n var _ref2 = _slicedToArray(_ref, 2),\n attr = _ref2[0],\n key = _ref2[1];\n\n var val = coerce(getAttrConfig(attr));\n\n if (val !== undefined && val !== null) {\n initial[key] = val;\n }\n });\n}\n\nvar _default = {\n familyPrefix: DEFAULT_FAMILY_PREFIX,\n replacementClass: DEFAULT_REPLACEMENT_CLASS,\n autoReplaceSvg: true,\n autoAddCss: true,\n autoA11y: true,\n searchPseudoElements: false,\n observeMutations: true,\n mutateApproach: 'async',\n keepOriginalSource: true,\n measurePerformance: false,\n showMissingIcons: true\n};\n\nvar _config = _objectSpread({}, _default, initial);\n\nif (!_config.autoReplaceSvg) _config.observeMutations = false;\n\nvar config = _objectSpread({}, _config);\n\nWINDOW.FontAwesomeConfig = config;\n\nvar w = WINDOW || {};\nif (!w[NAMESPACE_IDENTIFIER]) w[NAMESPACE_IDENTIFIER] = {};\nif (!w[NAMESPACE_IDENTIFIER].styles) w[NAMESPACE_IDENTIFIER].styles = {};\nif (!w[NAMESPACE_IDENTIFIER].hooks) w[NAMESPACE_IDENTIFIER].hooks = {};\nif (!w[NAMESPACE_IDENTIFIER].shims) w[NAMESPACE_IDENTIFIER].shims = [];\nvar namespace = w[NAMESPACE_IDENTIFIER];\n\nvar functions = [];\n\nvar listener = function listener() {\n DOCUMENT.removeEventListener('DOMContentLoaded', listener);\n loaded = 1;\n functions.map(function (fn) {\n return fn();\n });\n};\n\nvar loaded = false;\n\nif (IS_DOM) {\n loaded = (DOCUMENT.documentElement.doScroll ? /^loaded|^c/ : /^loaded|^i|^c/).test(DOCUMENT.readyState);\n if (!loaded) DOCUMENT.addEventListener('DOMContentLoaded', listener);\n}\n\nfunction domready (fn) {\n if (!IS_DOM) return;\n loaded ? setTimeout(fn, 0) : functions.push(fn);\n}\n\nvar PENDING = 'pending';\nvar SETTLED = 'settled';\nvar FULFILLED = 'fulfilled';\nvar REJECTED = 'rejected';\n\nvar NOOP = function NOOP() {};\n\nvar isNode = typeof global !== 'undefined' && typeof global.process !== 'undefined' && typeof global.process.emit === 'function';\nvar asyncSetTimer = typeof setImmediate === 'undefined' ? setTimeout : setImmediate;\nvar asyncQueue = [];\nvar asyncTimer;\n\nfunction asyncFlush() {\n // run promise callbacks\n for (var i = 0; i < asyncQueue.length; i++) {\n asyncQueue[i][0](asyncQueue[i][1]);\n } // reset async asyncQueue\n\n\n asyncQueue = [];\n asyncTimer = false;\n}\n\nfunction asyncCall(callback, arg) {\n asyncQueue.push([callback, arg]);\n\n if (!asyncTimer) {\n asyncTimer = true;\n asyncSetTimer(asyncFlush, 0);\n }\n}\n\nfunction invokeResolver(resolver, promise) {\n function resolvePromise(value) {\n resolve(promise, value);\n }\n\n function rejectPromise(reason) {\n reject(promise, reason);\n }\n\n try {\n resolver(resolvePromise, rejectPromise);\n } catch (e) {\n rejectPromise(e);\n }\n}\n\nfunction invokeCallback(subscriber) {\n var owner = subscriber.owner;\n var settled = owner._state;\n var value = owner._data;\n var callback = subscriber[settled];\n var promise = subscriber.then;\n\n if (typeof callback === 'function') {\n settled = FULFILLED;\n\n try {\n value = callback(value);\n } catch (e) {\n reject(promise, e);\n }\n }\n\n if (!handleThenable(promise, value)) {\n if (settled === FULFILLED) {\n resolve(promise, value);\n }\n\n if (settled === REJECTED) {\n reject(promise, value);\n }\n }\n}\n\nfunction handleThenable(promise, value) {\n var resolved;\n\n try {\n if (promise === value) {\n throw new TypeError('A promises callback cannot return that same promise.');\n }\n\n if (value && (typeof value === 'function' || _typeof(value) === 'object')) {\n // then should be retrieved only once\n var then = value.then;\n\n if (typeof then === 'function') {\n then.call(value, function (val) {\n if (!resolved) {\n resolved = true;\n\n if (value === val) {\n fulfill(promise, val);\n } else {\n resolve(promise, val);\n }\n }\n }, function (reason) {\n if (!resolved) {\n resolved = true;\n reject(promise, reason);\n }\n });\n return true;\n }\n }\n } catch (e) {\n if (!resolved) {\n reject(promise, e);\n }\n\n return true;\n }\n\n return false;\n}\n\nfunction resolve(promise, value) {\n if (promise === value || !handleThenable(promise, value)) {\n fulfill(promise, value);\n }\n}\n\nfunction fulfill(promise, value) {\n if (promise._state === PENDING) {\n promise._state = SETTLED;\n promise._data = value;\n asyncCall(publishFulfillment, promise);\n }\n}\n\nfunction reject(promise, reason) {\n if (promise._state === PENDING) {\n promise._state = SETTLED;\n promise._data = reason;\n asyncCall(publishRejection, promise);\n }\n}\n\nfunction publish(promise) {\n promise._then = promise._then.forEach(invokeCallback);\n}\n\nfunction publishFulfillment(promise) {\n promise._state = FULFILLED;\n publish(promise);\n}\n\nfunction publishRejection(promise) {\n promise._state = REJECTED;\n publish(promise);\n\n if (!promise._handled && isNode) {\n global.process.emit('unhandledRejection', promise._data, promise);\n }\n}\n\nfunction notifyRejectionHandled(promise) {\n global.process.emit('rejectionHandled', promise);\n}\n/**\n * @class\n */\n\n\nfunction P(resolver) {\n if (typeof resolver !== 'function') {\n throw new TypeError('Promise resolver ' + resolver + ' is not a function');\n }\n\n if (this instanceof P === false) {\n throw new TypeError('Failed to construct \\'Promise\\': Please use the \\'new\\' operator, this object constructor cannot be called as a function.');\n }\n\n this._then = [];\n invokeResolver(resolver, this);\n}\n\nP.prototype = {\n constructor: P,\n _state: PENDING,\n _then: null,\n _data: undefined,\n _handled: false,\n then: function then(onFulfillment, onRejection) {\n var subscriber = {\n owner: this,\n then: new this.constructor(NOOP),\n fulfilled: onFulfillment,\n rejected: onRejection\n };\n\n if ((onRejection || onFulfillment) && !this._handled) {\n this._handled = true;\n\n if (this._state === REJECTED && isNode) {\n asyncCall(notifyRejectionHandled, this);\n }\n }\n\n if (this._state === FULFILLED || this._state === REJECTED) {\n // already resolved, call callback async\n asyncCall(invokeCallback, subscriber);\n } else {\n // subscribe\n this._then.push(subscriber);\n }\n\n return subscriber.then;\n },\n catch: function _catch(onRejection) {\n return this.then(null, onRejection);\n }\n};\n\nP.all = function (promises) {\n if (!Array.isArray(promises)) {\n throw new TypeError('You must pass an array to Promise.all().');\n }\n\n return new P(function (resolve, reject) {\n var results = [];\n var remaining = 0;\n\n function resolver(index) {\n remaining++;\n return function (value) {\n results[index] = value;\n\n if (! --remaining) {\n resolve(results);\n }\n };\n }\n\n for (var i = 0, promise; i < promises.length; i++) {\n promise = promises[i];\n\n if (promise && typeof promise.then === 'function') {\n promise.then(resolver(i), reject);\n } else {\n results[i] = promise;\n }\n }\n\n if (!remaining) {\n resolve(results);\n }\n });\n};\n\nP.race = function (promises) {\n if (!Array.isArray(promises)) {\n throw new TypeError('You must pass an array to Promise.race().');\n }\n\n return new P(function (resolve, reject) {\n for (var i = 0, promise; i < promises.length; i++) {\n promise = promises[i];\n\n if (promise && typeof promise.then === 'function') {\n promise.then(resolve, reject);\n } else {\n resolve(promise);\n }\n }\n });\n};\n\nP.resolve = function (value) {\n if (value && _typeof(value) === 'object' && value.constructor === P) {\n return value;\n }\n\n return new P(function (resolve) {\n resolve(value);\n });\n};\n\nP.reject = function (reason) {\n return new P(function (resolve, reject) {\n reject(reason);\n });\n};\n\nvar picked = typeof Promise === 'function' ? Promise : P;\n\nvar d = UNITS_IN_GRID;\nvar meaninglessTransform = {\n size: 16,\n x: 0,\n y: 0,\n rotate: 0,\n flipX: false,\n flipY: false\n};\n\nfunction isReserved(name) {\n return ~RESERVED_CLASSES.indexOf(name);\n}\nfunction insertCss(css) {\n if (!css || !IS_DOM) {\n return;\n }\n\n var style = DOCUMENT.createElement('style');\n style.setAttribute('type', 'text/css');\n style.innerHTML = css;\n var headChildren = DOCUMENT.head.childNodes;\n var beforeChild = null;\n\n for (var i = headChildren.length - 1; i > -1; i--) {\n var child = headChildren[i];\n var tagName = (child.tagName || '').toUpperCase();\n\n if (['STYLE', 'LINK'].indexOf(tagName) > -1) {\n beforeChild = child;\n }\n }\n\n DOCUMENT.head.insertBefore(style, beforeChild);\n return css;\n}\nvar idPool = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';\nfunction nextUniqueId() {\n var size = 12;\n var id = '';\n\n while (size-- > 0) {\n id += idPool[Math.random() * 62 | 0];\n }\n\n return id;\n}\nfunction toArray(obj) {\n var array = [];\n\n for (var i = (obj || []).length >>> 0; i--;) {\n array[i] = obj[i];\n }\n\n return array;\n}\nfunction classArray(node) {\n if (node.classList) {\n return toArray(node.classList);\n } else {\n return (node.getAttribute('class') || '').split(' ').filter(function (i) {\n return i;\n });\n }\n}\nfunction getIconName(familyPrefix, cls) {\n var parts = cls.split('-');\n var prefix = parts[0];\n var iconName = parts.slice(1).join('-');\n\n if (prefix === familyPrefix && iconName !== '' && !isReserved(iconName)) {\n return iconName;\n } else {\n return null;\n }\n}\nfunction htmlEscape(str) {\n return \"\".concat(str).replace(/&/g, '&').replace(/\"/g, '"').replace(/'/g, ''').replace(//g, '>');\n}\nfunction joinAttributes(attributes) {\n return Object.keys(attributes || {}).reduce(function (acc, attributeName) {\n return acc + \"\".concat(attributeName, \"=\\\"\").concat(htmlEscape(attributes[attributeName]), \"\\\" \");\n }, '').trim();\n}\nfunction joinStyles(styles) {\n return Object.keys(styles || {}).reduce(function (acc, styleName) {\n return acc + \"\".concat(styleName, \": \").concat(styles[styleName], \";\");\n }, '');\n}\nfunction transformIsMeaningful(transform) {\n return transform.size !== meaninglessTransform.size || transform.x !== meaninglessTransform.x || transform.y !== meaninglessTransform.y || transform.rotate !== meaninglessTransform.rotate || transform.flipX || transform.flipY;\n}\nfunction transformForSvg(_ref) {\n var transform = _ref.transform,\n containerWidth = _ref.containerWidth,\n iconWidth = _ref.iconWidth;\n var outer = {\n transform: \"translate(\".concat(containerWidth / 2, \" 256)\")\n };\n var innerTranslate = \"translate(\".concat(transform.x * 32, \", \").concat(transform.y * 32, \") \");\n var innerScale = \"scale(\".concat(transform.size / 16 * (transform.flipX ? -1 : 1), \", \").concat(transform.size / 16 * (transform.flipY ? -1 : 1), \") \");\n var innerRotate = \"rotate(\".concat(transform.rotate, \" 0 0)\");\n var inner = {\n transform: \"\".concat(innerTranslate, \" \").concat(innerScale, \" \").concat(innerRotate)\n };\n var path = {\n transform: \"translate(\".concat(iconWidth / 2 * -1, \" -256)\")\n };\n return {\n outer: outer,\n inner: inner,\n path: path\n };\n}\nfunction transformForCss(_ref2) {\n var transform = _ref2.transform,\n _ref2$width = _ref2.width,\n width = _ref2$width === void 0 ? UNITS_IN_GRID : _ref2$width,\n _ref2$height = _ref2.height,\n height = _ref2$height === void 0 ? UNITS_IN_GRID : _ref2$height,\n _ref2$startCentered = _ref2.startCentered,\n startCentered = _ref2$startCentered === void 0 ? false : _ref2$startCentered;\n var val = '';\n\n if (startCentered && IS_IE) {\n val += \"translate(\".concat(transform.x / d - width / 2, \"em, \").concat(transform.y / d - height / 2, \"em) \");\n } else if (startCentered) {\n val += \"translate(calc(-50% + \".concat(transform.x / d, \"em), calc(-50% + \").concat(transform.y / d, \"em)) \");\n } else {\n val += \"translate(\".concat(transform.x / d, \"em, \").concat(transform.y / d, \"em) \");\n }\n\n val += \"scale(\".concat(transform.size / d * (transform.flipX ? -1 : 1), \", \").concat(transform.size / d * (transform.flipY ? -1 : 1), \") \");\n val += \"rotate(\".concat(transform.rotate, \"deg) \");\n return val;\n}\n\nvar ALL_SPACE = {\n x: 0,\n y: 0,\n width: '100%',\n height: '100%'\n};\n\nfunction fillBlack(abstract) {\n var force = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : true;\n\n if (abstract.attributes && (abstract.attributes.fill || force)) {\n abstract.attributes.fill = 'black';\n }\n\n return abstract;\n}\n\nfunction deGroup(abstract) {\n if (abstract.tag === 'g') {\n return abstract.children;\n } else {\n return [abstract];\n }\n}\n\nfunction makeIconMasking (_ref) {\n var children = _ref.children,\n attributes = _ref.attributes,\n main = _ref.main,\n mask = _ref.mask,\n transform = _ref.transform;\n var mainWidth = main.width,\n mainPath = main.icon;\n var maskWidth = mask.width,\n maskPath = mask.icon;\n var trans = transformForSvg({\n transform: transform,\n containerWidth: maskWidth,\n iconWidth: mainWidth\n });\n var maskRect = {\n tag: 'rect',\n attributes: _objectSpread({}, ALL_SPACE, {\n fill: 'white'\n })\n };\n var maskInnerGroupChildrenMixin = mainPath.children ? {\n children: mainPath.children.map(fillBlack)\n } : {};\n var maskInnerGroup = {\n tag: 'g',\n attributes: _objectSpread({}, trans.inner),\n children: [fillBlack(_objectSpread({\n tag: mainPath.tag,\n attributes: _objectSpread({}, mainPath.attributes, trans.path)\n }, maskInnerGroupChildrenMixin))]\n };\n var maskOuterGroup = {\n tag: 'g',\n attributes: _objectSpread({}, trans.outer),\n children: [maskInnerGroup]\n };\n var maskId = \"mask-\".concat(nextUniqueId());\n var clipId = \"clip-\".concat(nextUniqueId());\n var maskTag = {\n tag: 'mask',\n attributes: _objectSpread({}, ALL_SPACE, {\n id: maskId,\n maskUnits: 'userSpaceOnUse',\n maskContentUnits: 'userSpaceOnUse'\n }),\n children: [maskRect, maskOuterGroup]\n };\n var defs = {\n tag: 'defs',\n children: [{\n tag: 'clipPath',\n attributes: {\n id: clipId\n },\n children: deGroup(maskPath)\n }, maskTag]\n };\n children.push(defs, {\n tag: 'rect',\n attributes: _objectSpread({\n fill: 'currentColor',\n 'clip-path': \"url(#\".concat(clipId, \")\"),\n mask: \"url(#\".concat(maskId, \")\")\n }, ALL_SPACE)\n });\n return {\n children: children,\n attributes: attributes\n };\n}\n\nfunction makeIconStandard (_ref) {\n var children = _ref.children,\n attributes = _ref.attributes,\n main = _ref.main,\n transform = _ref.transform,\n styles = _ref.styles;\n var styleString = joinStyles(styles);\n\n if (styleString.length > 0) {\n attributes['style'] = styleString;\n }\n\n if (transformIsMeaningful(transform)) {\n var trans = transformForSvg({\n transform: transform,\n containerWidth: main.width,\n iconWidth: main.width\n });\n children.push({\n tag: 'g',\n attributes: _objectSpread({}, trans.outer),\n children: [{\n tag: 'g',\n attributes: _objectSpread({}, trans.inner),\n children: [{\n tag: main.icon.tag,\n children: main.icon.children,\n attributes: _objectSpread({}, main.icon.attributes, trans.path)\n }]\n }]\n });\n } else {\n children.push(main.icon);\n }\n\n return {\n children: children,\n attributes: attributes\n };\n}\n\nfunction asIcon (_ref) {\n var children = _ref.children,\n main = _ref.main,\n mask = _ref.mask,\n attributes = _ref.attributes,\n styles = _ref.styles,\n transform = _ref.transform;\n\n if (transformIsMeaningful(transform) && main.found && !mask.found) {\n var width = main.width,\n height = main.height;\n var offset = {\n x: width / height / 2,\n y: 0.5\n };\n attributes['style'] = joinStyles(_objectSpread({}, styles, {\n 'transform-origin': \"\".concat(offset.x + transform.x / 16, \"em \").concat(offset.y + transform.y / 16, \"em\")\n }));\n }\n\n return [{\n tag: 'svg',\n attributes: attributes,\n children: children\n }];\n}\n\nfunction asSymbol (_ref) {\n var prefix = _ref.prefix,\n iconName = _ref.iconName,\n children = _ref.children,\n attributes = _ref.attributes,\n symbol = _ref.symbol;\n var id = symbol === true ? \"\".concat(prefix, \"-\").concat(config.familyPrefix, \"-\").concat(iconName) : symbol;\n return [{\n tag: 'svg',\n attributes: {\n style: 'display: none;'\n },\n children: [{\n tag: 'symbol',\n attributes: _objectSpread({}, attributes, {\n id: id\n }),\n children: children\n }]\n }];\n}\n\nfunction makeInlineSvgAbstract(params) {\n var _params$icons = params.icons,\n main = _params$icons.main,\n mask = _params$icons.mask,\n prefix = params.prefix,\n iconName = params.iconName,\n transform = params.transform,\n symbol = params.symbol,\n title = params.title,\n extra = params.extra,\n _params$watchable = params.watchable,\n watchable = _params$watchable === void 0 ? false : _params$watchable;\n\n var _ref = mask.found ? mask : main,\n width = _ref.width,\n height = _ref.height;\n\n var widthClass = \"fa-w-\".concat(Math.ceil(width / height * 16));\n var attrClass = [config.replacementClass, iconName ? \"\".concat(config.familyPrefix, \"-\").concat(iconName) : '', widthClass].filter(function (c) {\n return extra.classes.indexOf(c) === -1;\n }).concat(extra.classes).join(' ');\n var content = {\n children: [],\n attributes: _objectSpread({}, extra.attributes, {\n 'data-prefix': prefix,\n 'data-icon': iconName,\n 'class': attrClass,\n 'role': extra.attributes.role || 'img',\n 'xmlns': 'http://www.w3.org/2000/svg',\n 'viewBox': \"0 0 \".concat(width, \" \").concat(height)\n })\n };\n\n if (watchable) {\n content.attributes[DATA_FA_I2SVG] = '';\n }\n\n if (title) content.children.push({\n tag: 'title',\n attributes: {\n id: content.attributes['aria-labelledby'] || \"title-\".concat(nextUniqueId())\n },\n children: [title]\n });\n\n var args = _objectSpread({}, content, {\n prefix: prefix,\n iconName: iconName,\n main: main,\n mask: mask,\n transform: transform,\n symbol: symbol,\n styles: extra.styles\n });\n\n var _ref2 = mask.found && main.found ? makeIconMasking(args) : makeIconStandard(args),\n children = _ref2.children,\n attributes = _ref2.attributes;\n\n args.children = children;\n args.attributes = attributes;\n\n if (symbol) {\n return asSymbol(args);\n } else {\n return asIcon(args);\n }\n}\nfunction makeLayersTextAbstract(params) {\n var content = params.content,\n width = params.width,\n height = params.height,\n transform = params.transform,\n title = params.title,\n extra = params.extra,\n _params$watchable2 = params.watchable,\n watchable = _params$watchable2 === void 0 ? false : _params$watchable2;\n\n var attributes = _objectSpread({}, extra.attributes, title ? {\n 'title': title\n } : {}, {\n 'class': extra.classes.join(' ')\n });\n\n if (watchable) {\n attributes[DATA_FA_I2SVG] = '';\n }\n\n var styles = _objectSpread({}, extra.styles);\n\n if (transformIsMeaningful(transform)) {\n styles['transform'] = transformForCss({\n transform: transform,\n startCentered: true,\n width: width,\n height: height\n });\n styles['-webkit-transform'] = styles['transform'];\n }\n\n var styleString = joinStyles(styles);\n\n if (styleString.length > 0) {\n attributes['style'] = styleString;\n }\n\n var val = [];\n val.push({\n tag: 'span',\n attributes: attributes,\n children: [content]\n });\n\n if (title) {\n val.push({\n tag: 'span',\n attributes: {\n class: 'sr-only'\n },\n children: [title]\n });\n }\n\n return val;\n}\nfunction makeLayersCounterAbstract(params) {\n var content = params.content,\n title = params.title,\n extra = params.extra;\n\n var attributes = _objectSpread({}, extra.attributes, title ? {\n 'title': title\n } : {}, {\n 'class': extra.classes.join(' ')\n });\n\n var styleString = joinStyles(extra.styles);\n\n if (styleString.length > 0) {\n attributes['style'] = styleString;\n }\n\n var val = [];\n val.push({\n tag: 'span',\n attributes: attributes,\n children: [content]\n });\n\n if (title) {\n val.push({\n tag: 'span',\n attributes: {\n class: 'sr-only'\n },\n children: [title]\n });\n }\n\n return val;\n}\n\nvar noop$1 = function noop() {};\n\nvar p = config.measurePerformance && PERFORMANCE && PERFORMANCE.mark && PERFORMANCE.measure ? PERFORMANCE : {\n mark: noop$1,\n measure: noop$1\n};\nvar preamble = \"FA \\\"5.11.2\\\"\";\n\nvar begin = function begin(name) {\n p.mark(\"\".concat(preamble, \" \").concat(name, \" begins\"));\n return function () {\n return end(name);\n };\n};\n\nvar end = function end(name) {\n p.mark(\"\".concat(preamble, \" \").concat(name, \" ends\"));\n p.measure(\"\".concat(preamble, \" \").concat(name), \"\".concat(preamble, \" \").concat(name, \" begins\"), \"\".concat(preamble, \" \").concat(name, \" ends\"));\n};\n\nvar perf = {\n begin: begin,\n end: end\n};\n\n/**\n * Internal helper to bind a function known to have 4 arguments\n * to a given context.\n */\n\nvar bindInternal4 = function bindInternal4(func, thisContext) {\n return function (a, b, c, d) {\n return func.call(thisContext, a, b, c, d);\n };\n};\n\n/**\n * # Reduce\n *\n * A fast object `.reduce()` implementation.\n *\n * @param {Object} subject The object to reduce over.\n * @param {Function} fn The reducer function.\n * @param {mixed} initialValue The initial value for the reducer, defaults to subject[0].\n * @param {Object} thisContext The context for the reducer.\n * @return {mixed} The final result.\n */\n\n\nvar reduce = function fastReduceObject(subject, fn, initialValue, thisContext) {\n var keys = Object.keys(subject),\n length = keys.length,\n iterator = thisContext !== undefined ? bindInternal4(fn, thisContext) : fn,\n i,\n key,\n result;\n\n if (initialValue === undefined) {\n i = 1;\n result = subject[keys[0]];\n } else {\n i = 0;\n result = initialValue;\n }\n\n for (; i < length; i++) {\n key = keys[i];\n result = iterator(result, subject[key], key, subject);\n }\n\n return result;\n};\n\nfunction toHex(unicode) {\n var result = '';\n\n for (var i = 0; i < unicode.length; i++) {\n var hex = unicode.charCodeAt(i).toString(16);\n result += ('000' + hex).slice(-4);\n }\n\n return result;\n}\n\nfunction defineIcons(prefix, icons) {\n var params = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};\n var _params$skipHooks = params.skipHooks,\n skipHooks = _params$skipHooks === void 0 ? false : _params$skipHooks;\n var normalized = Object.keys(icons).reduce(function (acc, iconName) {\n var icon = icons[iconName];\n var expanded = !!icon.icon;\n\n if (expanded) {\n acc[icon.iconName] = icon.icon;\n } else {\n acc[iconName] = icon;\n }\n\n return acc;\n }, {});\n\n if (typeof namespace.hooks.addPack === 'function' && !skipHooks) {\n namespace.hooks.addPack(prefix, normalized);\n } else {\n namespace.styles[prefix] = _objectSpread({}, namespace.styles[prefix] || {}, normalized);\n }\n /**\n * Font Awesome 4 used the prefix of `fa` for all icons. With the introduction\n * of new styles we needed to differentiate between them. Prefix `fa` is now an alias\n * for `fas` so we'll easy the upgrade process for our users by automatically defining\n * this as well.\n */\n\n\n if (prefix === 'fas') {\n defineIcons('fa', icons);\n }\n}\n\nvar styles = namespace.styles,\n shims = namespace.shims;\nvar _byUnicode = {};\nvar _byLigature = {};\nvar _byOldName = {};\nvar build = function build() {\n var lookup = function lookup(reducer) {\n return reduce(styles, function (o, style, prefix) {\n o[prefix] = reduce(style, reducer, {});\n return o;\n }, {});\n };\n\n _byUnicode = lookup(function (acc, icon, iconName) {\n if (icon[3]) {\n acc[icon[3]] = iconName;\n }\n\n return acc;\n });\n _byLigature = lookup(function (acc, icon, iconName) {\n var ligatures = icon[2];\n acc[iconName] = iconName;\n ligatures.forEach(function (ligature) {\n acc[ligature] = iconName;\n });\n return acc;\n });\n var hasRegular = 'far' in styles;\n _byOldName = reduce(shims, function (acc, shim) {\n var oldName = shim[0];\n var prefix = shim[1];\n var iconName = shim[2];\n\n if (prefix === 'far' && !hasRegular) {\n prefix = 'fas';\n }\n\n acc[oldName] = {\n prefix: prefix,\n iconName: iconName\n };\n return acc;\n }, {});\n};\nbuild();\nfunction byUnicode(prefix, unicode) {\n return (_byUnicode[prefix] || {})[unicode];\n}\nfunction byLigature(prefix, ligature) {\n return (_byLigature[prefix] || {})[ligature];\n}\nfunction byOldName(name) {\n return _byOldName[name] || {\n prefix: null,\n iconName: null\n };\n}\n\nvar styles$1 = namespace.styles;\nvar emptyCanonicalIcon = function emptyCanonicalIcon() {\n return {\n prefix: null,\n iconName: null,\n rest: []\n };\n};\nfunction getCanonicalIcon(values) {\n return values.reduce(function (acc, cls) {\n var iconName = getIconName(config.familyPrefix, cls);\n\n if (styles$1[cls]) {\n acc.prefix = cls;\n } else if (config.autoFetchSvg && ['fas', 'far', 'fal', 'fad', 'fab', 'fa'].indexOf(cls) > -1) {\n acc.prefix = cls;\n } else if (iconName) {\n var shim = acc.prefix === 'fa' ? byOldName(iconName) : {};\n acc.iconName = shim.iconName || iconName;\n acc.prefix = shim.prefix || acc.prefix;\n } else if (cls !== config.replacementClass && cls.indexOf('fa-w-') !== 0) {\n acc.rest.push(cls);\n }\n\n return acc;\n }, emptyCanonicalIcon());\n}\nfunction iconFromMapping(mapping, prefix, iconName) {\n if (mapping && mapping[prefix] && mapping[prefix][iconName]) {\n return {\n prefix: prefix,\n iconName: iconName,\n icon: mapping[prefix][iconName]\n };\n }\n}\n\nfunction toHtml(abstractNodes) {\n var tag = abstractNodes.tag,\n _abstractNodes$attrib = abstractNodes.attributes,\n attributes = _abstractNodes$attrib === void 0 ? {} : _abstractNodes$attrib,\n _abstractNodes$childr = abstractNodes.children,\n children = _abstractNodes$childr === void 0 ? [] : _abstractNodes$childr;\n\n if (typeof abstractNodes === 'string') {\n return htmlEscape(abstractNodes);\n } else {\n return \"<\".concat(tag, \" \").concat(joinAttributes(attributes), \">\").concat(children.map(toHtml).join(''), \"\");\n }\n}\n\nvar noop$2 = function noop() {};\n\nfunction isWatched(node) {\n var i2svg = node.getAttribute ? node.getAttribute(DATA_FA_I2SVG) : null;\n return typeof i2svg === 'string';\n}\n\nfunction getMutator() {\n if (config.autoReplaceSvg === true) {\n return mutators.replace;\n }\n\n var mutator = mutators[config.autoReplaceSvg];\n return mutator || mutators.replace;\n}\n\nvar mutators = {\n replace: function replace(mutation) {\n var node = mutation[0];\n var abstract = mutation[1];\n var newOuterHTML = abstract.map(function (a) {\n return toHtml(a);\n }).join('\\n');\n\n if (node.parentNode && node.outerHTML) {\n node.outerHTML = newOuterHTML + (config.keepOriginalSource && node.tagName.toLowerCase() !== 'svg' ? \"\") : '');\n } else if (node.parentNode) {\n var newNode = document.createElement('span');\n node.parentNode.replaceChild(newNode, node);\n newNode.outerHTML = newOuterHTML;\n }\n },\n nest: function nest(mutation) {\n var node = mutation[0];\n var abstract = mutation[1]; // If we already have a replaced node we do not want to continue nesting within it.\n // Short-circuit to the standard replacement\n\n if (~classArray(node).indexOf(config.replacementClass)) {\n return mutators.replace(mutation);\n }\n\n var forSvg = new RegExp(\"\".concat(config.familyPrefix, \"-.*\"));\n delete abstract[0].attributes.style;\n delete abstract[0].attributes.id;\n var splitClasses = abstract[0].attributes.class.split(' ').reduce(function (acc, cls) {\n if (cls === config.replacementClass || cls.match(forSvg)) {\n acc.toSvg.push(cls);\n } else {\n acc.toNode.push(cls);\n }\n\n return acc;\n }, {\n toNode: [],\n toSvg: []\n });\n abstract[0].attributes.class = splitClasses.toSvg.join(' ');\n var newInnerHTML = abstract.map(function (a) {\n return toHtml(a);\n }).join('\\n');\n node.setAttribute('class', splitClasses.toNode.join(' '));\n node.setAttribute(DATA_FA_I2SVG, '');\n node.innerHTML = newInnerHTML;\n }\n};\n\nfunction performOperationSync(op) {\n op();\n}\n\nfunction perform(mutations, callback) {\n var callbackFunction = typeof callback === 'function' ? callback : noop$2;\n\n if (mutations.length === 0) {\n callbackFunction();\n } else {\n var frame = performOperationSync;\n\n if (config.mutateApproach === MUTATION_APPROACH_ASYNC) {\n frame = WINDOW.requestAnimationFrame || performOperationSync;\n }\n\n frame(function () {\n var mutator = getMutator();\n var mark = perf.begin('mutate');\n mutations.map(mutator);\n mark();\n callbackFunction();\n });\n }\n}\nvar disabled = false;\nfunction disableObservation() {\n disabled = true;\n}\nfunction enableObservation() {\n disabled = false;\n}\nvar mo = null;\nfunction observe(options) {\n if (!MUTATION_OBSERVER) {\n return;\n }\n\n if (!config.observeMutations) {\n return;\n }\n\n var treeCallback = options.treeCallback,\n nodeCallback = options.nodeCallback,\n pseudoElementsCallback = options.pseudoElementsCallback,\n _options$observeMutat = options.observeMutationsRoot,\n observeMutationsRoot = _options$observeMutat === void 0 ? DOCUMENT : _options$observeMutat;\n mo = new MUTATION_OBSERVER(function (objects) {\n if (disabled) return;\n toArray(objects).forEach(function (mutationRecord) {\n if (mutationRecord.type === 'childList' && mutationRecord.addedNodes.length > 0 && !isWatched(mutationRecord.addedNodes[0])) {\n if (config.searchPseudoElements) {\n pseudoElementsCallback(mutationRecord.target);\n }\n\n treeCallback(mutationRecord.target);\n }\n\n if (mutationRecord.type === 'attributes' && mutationRecord.target.parentNode && config.searchPseudoElements) {\n pseudoElementsCallback(mutationRecord.target.parentNode);\n }\n\n if (mutationRecord.type === 'attributes' && isWatched(mutationRecord.target) && ~ATTRIBUTES_WATCHED_FOR_MUTATION.indexOf(mutationRecord.attributeName)) {\n if (mutationRecord.attributeName === 'class') {\n var _getCanonicalIcon = getCanonicalIcon(classArray(mutationRecord.target)),\n prefix = _getCanonicalIcon.prefix,\n iconName = _getCanonicalIcon.iconName;\n\n if (prefix) mutationRecord.target.setAttribute('data-prefix', prefix);\n if (iconName) mutationRecord.target.setAttribute('data-icon', iconName);\n } else {\n nodeCallback(mutationRecord.target);\n }\n }\n });\n });\n if (!IS_DOM) return;\n mo.observe(observeMutationsRoot, {\n childList: true,\n attributes: true,\n characterData: true,\n subtree: true\n });\n}\nfunction disconnect() {\n if (!mo) return;\n mo.disconnect();\n}\n\nfunction styleParser (node) {\n var style = node.getAttribute('style');\n var val = [];\n\n if (style) {\n val = style.split(';').reduce(function (acc, style) {\n var styles = style.split(':');\n var prop = styles[0];\n var value = styles.slice(1);\n\n if (prop && value.length > 0) {\n acc[prop] = value.join(':').trim();\n }\n\n return acc;\n }, {});\n }\n\n return val;\n}\n\nfunction classParser (node) {\n var existingPrefix = node.getAttribute('data-prefix');\n var existingIconName = node.getAttribute('data-icon');\n var innerText = node.innerText !== undefined ? node.innerText.trim() : '';\n var val = getCanonicalIcon(classArray(node));\n\n if (existingPrefix && existingIconName) {\n val.prefix = existingPrefix;\n val.iconName = existingIconName;\n }\n\n if (val.prefix && innerText.length > 1) {\n val.iconName = byLigature(val.prefix, node.innerText);\n } else if (val.prefix && innerText.length === 1) {\n val.iconName = byUnicode(val.prefix, toHex(node.innerText));\n }\n\n return val;\n}\n\nvar parseTransformString = function parseTransformString(transformString) {\n var transform = {\n size: 16,\n x: 0,\n y: 0,\n flipX: false,\n flipY: false,\n rotate: 0\n };\n\n if (!transformString) {\n return transform;\n } else {\n return transformString.toLowerCase().split(' ').reduce(function (acc, n) {\n var parts = n.toLowerCase().split('-');\n var first = parts[0];\n var rest = parts.slice(1).join('-');\n\n if (first && rest === 'h') {\n acc.flipX = true;\n return acc;\n }\n\n if (first && rest === 'v') {\n acc.flipY = true;\n return acc;\n }\n\n rest = parseFloat(rest);\n\n if (isNaN(rest)) {\n return acc;\n }\n\n switch (first) {\n case 'grow':\n acc.size = acc.size + rest;\n break;\n\n case 'shrink':\n acc.size = acc.size - rest;\n break;\n\n case 'left':\n acc.x = acc.x - rest;\n break;\n\n case 'right':\n acc.x = acc.x + rest;\n break;\n\n case 'up':\n acc.y = acc.y - rest;\n break;\n\n case 'down':\n acc.y = acc.y + rest;\n break;\n\n case 'rotate':\n acc.rotate = acc.rotate + rest;\n break;\n }\n\n return acc;\n }, transform);\n }\n};\nfunction transformParser (node) {\n return parseTransformString(node.getAttribute('data-fa-transform'));\n}\n\nfunction symbolParser (node) {\n var symbol = node.getAttribute('data-fa-symbol');\n return symbol === null ? false : symbol === '' ? true : symbol;\n}\n\nfunction attributesParser (node) {\n var extraAttributes = toArray(node.attributes).reduce(function (acc, attr) {\n if (acc.name !== 'class' && acc.name !== 'style') {\n acc[attr.name] = attr.value;\n }\n\n return acc;\n }, {});\n var title = node.getAttribute('title');\n\n if (config.autoA11y) {\n if (title) {\n extraAttributes['aria-labelledby'] = \"\".concat(config.replacementClass, \"-title-\").concat(nextUniqueId());\n } else {\n extraAttributes['aria-hidden'] = 'true';\n extraAttributes['focusable'] = 'false';\n }\n }\n\n return extraAttributes;\n}\n\nfunction maskParser (node) {\n var mask = node.getAttribute('data-fa-mask');\n\n if (!mask) {\n return emptyCanonicalIcon();\n } else {\n return getCanonicalIcon(mask.split(' ').map(function (i) {\n return i.trim();\n }));\n }\n}\n\nfunction blankMeta() {\n return {\n iconName: null,\n title: null,\n prefix: null,\n transform: meaninglessTransform,\n symbol: false,\n mask: null,\n extra: {\n classes: [],\n styles: {},\n attributes: {}\n }\n };\n}\nfunction parseMeta(node) {\n var _classParser = classParser(node),\n iconName = _classParser.iconName,\n prefix = _classParser.prefix,\n extraClasses = _classParser.rest;\n\n var extraStyles = styleParser(node);\n var transform = transformParser(node);\n var symbol = symbolParser(node);\n var extraAttributes = attributesParser(node);\n var mask = maskParser(node);\n return {\n iconName: iconName,\n title: node.getAttribute('title'),\n prefix: prefix,\n transform: transform,\n symbol: symbol,\n mask: mask,\n extra: {\n classes: extraClasses,\n styles: extraStyles,\n attributes: extraAttributes\n }\n };\n}\n\nfunction MissingIcon(error) {\n this.name = 'MissingIcon';\n this.message = error || 'Icon unavailable';\n this.stack = new Error().stack;\n}\nMissingIcon.prototype = Object.create(Error.prototype);\nMissingIcon.prototype.constructor = MissingIcon;\n\nvar FILL = {\n fill: 'currentColor'\n};\nvar ANIMATION_BASE = {\n attributeType: 'XML',\n repeatCount: 'indefinite',\n dur: '2s'\n};\nvar RING = {\n tag: 'path',\n attributes: _objectSpread({}, FILL, {\n d: 'M156.5,447.7l-12.6,29.5c-18.7-9.5-35.9-21.2-51.5-34.9l22.7-22.7C127.6,430.5,141.5,440,156.5,447.7z M40.6,272H8.5 c1.4,21.2,5.4,41.7,11.7,61.1L50,321.2C45.1,305.5,41.8,289,40.6,272z M40.6,240c1.4-18.8,5.2-37,11.1-54.1l-29.5-12.6 C14.7,194.3,10,216.7,8.5,240H40.6z M64.3,156.5c7.8-14.9,17.2-28.8,28.1-41.5L69.7,92.3c-13.7,15.6-25.5,32.8-34.9,51.5 L64.3,156.5z M397,419.6c-13.9,12-29.4,22.3-46.1,30.4l11.9,29.8c20.7-9.9,39.8-22.6,56.9-37.6L397,419.6z M115,92.4 c13.9-12,29.4-22.3,46.1-30.4l-11.9-29.8c-20.7,9.9-39.8,22.6-56.8,37.6L115,92.4z M447.7,355.5c-7.8,14.9-17.2,28.8-28.1,41.5 l22.7,22.7c13.7-15.6,25.5-32.9,34.9-51.5L447.7,355.5z M471.4,272c-1.4,18.8-5.2,37-11.1,54.1l29.5,12.6 c7.5-21.1,12.2-43.5,13.6-66.8H471.4z M321.2,462c-15.7,5-32.2,8.2-49.2,9.4v32.1c21.2-1.4,41.7-5.4,61.1-11.7L321.2,462z M240,471.4c-18.8-1.4-37-5.2-54.1-11.1l-12.6,29.5c21.1,7.5,43.5,12.2,66.8,13.6V471.4z M462,190.8c5,15.7,8.2,32.2,9.4,49.2h32.1 c-1.4-21.2-5.4-41.7-11.7-61.1L462,190.8z M92.4,397c-12-13.9-22.3-29.4-30.4-46.1l-29.8,11.9c9.9,20.7,22.6,39.8,37.6,56.9 L92.4,397z M272,40.6c18.8,1.4,36.9,5.2,54.1,11.1l12.6-29.5C317.7,14.7,295.3,10,272,8.5V40.6z M190.8,50 c15.7-5,32.2-8.2,49.2-9.4V8.5c-21.2,1.4-41.7,5.4-61.1,11.7L190.8,50z M442.3,92.3L419.6,115c12,13.9,22.3,29.4,30.5,46.1 l29.8-11.9C470,128.5,457.3,109.4,442.3,92.3z M397,92.4l22.7-22.7c-15.6-13.7-32.8-25.5-51.5-34.9l-12.6,29.5 C370.4,72.1,384.4,81.5,397,92.4z'\n })\n};\n\nvar OPACITY_ANIMATE = _objectSpread({}, ANIMATION_BASE, {\n attributeName: 'opacity'\n});\n\nvar DOT = {\n tag: 'circle',\n attributes: _objectSpread({}, FILL, {\n cx: '256',\n cy: '364',\n r: '28'\n }),\n children: [{\n tag: 'animate',\n attributes: _objectSpread({}, ANIMATION_BASE, {\n attributeName: 'r',\n values: '28;14;28;28;14;28;'\n })\n }, {\n tag: 'animate',\n attributes: _objectSpread({}, OPACITY_ANIMATE, {\n values: '1;0;1;1;0;1;'\n })\n }]\n};\nvar QUESTION = {\n tag: 'path',\n attributes: _objectSpread({}, FILL, {\n opacity: '1',\n d: 'M263.7,312h-16c-6.6,0-12-5.4-12-12c0-71,77.4-63.9,77.4-107.8c0-20-17.8-40.2-57.4-40.2c-29.1,0-44.3,9.6-59.2,28.7 c-3.9,5-11.1,6-16.2,2.4l-13.1-9.2c-5.6-3.9-6.9-11.8-2.6-17.2c21.2-27.2,46.4-44.7,91.2-44.7c52.3,0,97.4,29.8,97.4,80.2 c0,67.6-77.4,63.5-77.4,107.8C275.7,306.6,270.3,312,263.7,312z'\n }),\n children: [{\n tag: 'animate',\n attributes: _objectSpread({}, OPACITY_ANIMATE, {\n values: '1;0;0;0;0;1;'\n })\n }]\n};\nvar EXCLAMATION = {\n tag: 'path',\n attributes: _objectSpread({}, FILL, {\n opacity: '0',\n d: 'M232.5,134.5l7,168c0.3,6.4,5.6,11.5,12,11.5h9c6.4,0,11.7-5.1,12-11.5l7-168c0.3-6.8-5.2-12.5-12-12.5h-23 C237.7,122,232.2,127.7,232.5,134.5z'\n }),\n children: [{\n tag: 'animate',\n attributes: _objectSpread({}, OPACITY_ANIMATE, {\n values: '0;0;1;1;0;0;'\n })\n }]\n};\nvar missing = {\n tag: 'g',\n children: [RING, DOT, QUESTION, EXCLAMATION]\n};\n\nvar styles$2 = namespace.styles;\nfunction asFoundIcon(icon) {\n var width = icon[0];\n var height = icon[1];\n\n var _icon$slice = icon.slice(4),\n _icon$slice2 = _slicedToArray(_icon$slice, 1),\n vectorData = _icon$slice2[0];\n\n var element = null;\n\n if (Array.isArray(vectorData)) {\n element = {\n tag: 'g',\n attributes: {\n class: \"\".concat(config.familyPrefix, \"-\").concat(DUOTONE_CLASSES.GROUP)\n },\n children: [{\n tag: 'path',\n attributes: {\n class: \"\".concat(config.familyPrefix, \"-\").concat(DUOTONE_CLASSES.SECONDARY),\n fill: 'currentColor',\n d: vectorData[0]\n }\n }, {\n tag: 'path',\n attributes: {\n class: \"\".concat(config.familyPrefix, \"-\").concat(DUOTONE_CLASSES.PRIMARY),\n fill: 'currentColor',\n d: vectorData[1]\n }\n }]\n };\n } else {\n element = {\n tag: 'path',\n attributes: {\n fill: 'currentColor',\n d: vectorData\n }\n };\n }\n\n return {\n found: true,\n width: width,\n height: height,\n icon: element\n };\n}\nfunction findIcon(iconName, prefix) {\n return new picked(function (resolve, reject) {\n var val = {\n found: false,\n width: 512,\n height: 512,\n icon: missing\n };\n\n if (iconName && prefix && styles$2[prefix] && styles$2[prefix][iconName]) {\n var icon = styles$2[prefix][iconName];\n return resolve(asFoundIcon(icon));\n }\n\n var headers = {};\n\n if (_typeof(WINDOW.FontAwesomeKitConfig) === 'object' && typeof window.FontAwesomeKitConfig.token === 'string') {\n headers['fa-kit-token'] = WINDOW.FontAwesomeKitConfig.token;\n }\n\n if (iconName && prefix && !config.showMissingIcons) {\n reject(new MissingIcon(\"Icon is missing for prefix \".concat(prefix, \" with icon name \").concat(iconName)));\n } else {\n resolve(val);\n }\n });\n}\n\nvar styles$3 = namespace.styles;\n\nfunction generateSvgReplacementMutation(node, nodeMeta) {\n var iconName = nodeMeta.iconName,\n title = nodeMeta.title,\n prefix = nodeMeta.prefix,\n transform = nodeMeta.transform,\n symbol = nodeMeta.symbol,\n mask = nodeMeta.mask,\n extra = nodeMeta.extra;\n return new picked(function (resolve, reject) {\n picked.all([findIcon(iconName, prefix), findIcon(mask.iconName, mask.prefix)]).then(function (_ref) {\n var _ref2 = _slicedToArray(_ref, 2),\n main = _ref2[0],\n mask = _ref2[1];\n\n resolve([node, makeInlineSvgAbstract({\n icons: {\n main: main,\n mask: mask\n },\n prefix: prefix,\n iconName: iconName,\n transform: transform,\n symbol: symbol,\n mask: mask,\n title: title,\n extra: extra,\n watchable: true\n })]);\n });\n });\n}\n\nfunction generateLayersText(node, nodeMeta) {\n var title = nodeMeta.title,\n transform = nodeMeta.transform,\n extra = nodeMeta.extra;\n var width = null;\n var height = null;\n\n if (IS_IE) {\n var computedFontSize = parseInt(getComputedStyle(node).fontSize, 10);\n var boundingClientRect = node.getBoundingClientRect();\n width = boundingClientRect.width / computedFontSize;\n height = boundingClientRect.height / computedFontSize;\n }\n\n if (config.autoA11y && !title) {\n extra.attributes['aria-hidden'] = 'true';\n }\n\n return picked.resolve([node, makeLayersTextAbstract({\n content: node.innerHTML,\n width: width,\n height: height,\n transform: transform,\n title: title,\n extra: extra,\n watchable: true\n })]);\n}\n\nfunction generateMutation(node) {\n var nodeMeta = parseMeta(node);\n\n if (~nodeMeta.extra.classes.indexOf(LAYERS_TEXT_CLASSNAME)) {\n return generateLayersText(node, nodeMeta);\n } else {\n return generateSvgReplacementMutation(node, nodeMeta);\n }\n}\n\nfunction onTree(root) {\n var callback = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : null;\n if (!IS_DOM) return;\n var htmlClassList = DOCUMENT.documentElement.classList;\n\n var hclAdd = function hclAdd(suffix) {\n return htmlClassList.add(\"\".concat(HTML_CLASS_I2SVG_BASE_CLASS, \"-\").concat(suffix));\n };\n\n var hclRemove = function hclRemove(suffix) {\n return htmlClassList.remove(\"\".concat(HTML_CLASS_I2SVG_BASE_CLASS, \"-\").concat(suffix));\n };\n\n var prefixes = config.autoFetchSvg ? Object.keys(PREFIX_TO_STYLE) : Object.keys(styles$3);\n var prefixesDomQuery = [\".\".concat(LAYERS_TEXT_CLASSNAME, \":not([\").concat(DATA_FA_I2SVG, \"])\")].concat(prefixes.map(function (p) {\n return \".\".concat(p, \":not([\").concat(DATA_FA_I2SVG, \"])\");\n })).join(', ');\n\n if (prefixesDomQuery.length === 0) {\n return;\n }\n\n var candidates = [];\n\n try {\n candidates = toArray(root.querySelectorAll(prefixesDomQuery));\n } catch (e) {// noop\n }\n\n if (candidates.length > 0) {\n hclAdd('pending');\n hclRemove('complete');\n } else {\n return;\n }\n\n var mark = perf.begin('onTree');\n var mutations = candidates.reduce(function (acc, node) {\n try {\n var mutation = generateMutation(node);\n\n if (mutation) {\n acc.push(mutation);\n }\n } catch (e) {\n if (!PRODUCTION) {\n if (e instanceof MissingIcon) {\n console.error(e);\n }\n }\n }\n\n return acc;\n }, []);\n return new picked(function (resolve, reject) {\n picked.all(mutations).then(function (resolvedMutations) {\n perform(resolvedMutations, function () {\n hclAdd('active');\n hclAdd('complete');\n hclRemove('pending');\n if (typeof callback === 'function') callback();\n mark();\n resolve();\n });\n }).catch(function () {\n mark();\n reject();\n });\n });\n}\nfunction onNode(node) {\n var callback = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : null;\n generateMutation(node).then(function (mutation) {\n if (mutation) {\n perform([mutation], callback);\n }\n });\n}\n\nfunction replaceForPosition(node, position) {\n var pendingAttribute = \"\".concat(DATA_FA_PSEUDO_ELEMENT_PENDING).concat(position.replace(':', '-'));\n return new picked(function (resolve, reject) {\n if (node.getAttribute(pendingAttribute) !== null) {\n // This node is already being processed\n return resolve();\n }\n\n var children = toArray(node.children);\n var alreadyProcessedPseudoElement = children.filter(function (c) {\n return c.getAttribute(DATA_FA_PSEUDO_ELEMENT) === position;\n })[0];\n var styles = WINDOW.getComputedStyle(node, position);\n var fontFamily = styles.getPropertyValue('font-family').match(FONT_FAMILY_PATTERN);\n var fontWeight = styles.getPropertyValue('font-weight');\n\n if (alreadyProcessedPseudoElement && !fontFamily) {\n // If we've already processed it but the current computed style does not result in a font-family,\n // that probably means that a class name that was previously present to make the icon has been\n // removed. So we now should delete the icon.\n node.removeChild(alreadyProcessedPseudoElement);\n return resolve();\n } else if (fontFamily) {\n var content = styles.getPropertyValue('content');\n var prefix = ~['Solid', 'Regular', 'Light', 'Duotone', 'Brands'].indexOf(fontFamily[1]) ? STYLE_TO_PREFIX[fontFamily[1].toLowerCase()] : FONT_WEIGHT_TO_PREFIX[fontWeight];\n var hexValue = toHex(content.length === 3 ? content.substr(1, 1) : content);\n var iconName = byUnicode(prefix, hexValue);\n var iconIdentifier = iconName; // Only convert the pseudo element in this :before/:after position into an icon if we haven't\n // already done so with the same prefix and iconName\n\n if (iconName && (!alreadyProcessedPseudoElement || alreadyProcessedPseudoElement.getAttribute(DATA_PREFIX) !== prefix || alreadyProcessedPseudoElement.getAttribute(DATA_ICON) !== iconIdentifier)) {\n node.setAttribute(pendingAttribute, iconIdentifier);\n\n if (alreadyProcessedPseudoElement) {\n // Delete the old one, since we're replacing it with a new one\n node.removeChild(alreadyProcessedPseudoElement);\n }\n\n var meta = blankMeta();\n var extra = meta.extra;\n extra.attributes[DATA_FA_PSEUDO_ELEMENT] = position;\n findIcon(iconName, prefix).then(function (main) {\n var abstract = makeInlineSvgAbstract(_objectSpread({}, meta, {\n icons: {\n main: main,\n mask: emptyCanonicalIcon()\n },\n prefix: prefix,\n iconName: iconIdentifier,\n extra: extra,\n watchable: true\n }));\n var element = DOCUMENT.createElement('svg');\n\n if (position === ':before') {\n node.insertBefore(element, node.firstChild);\n } else {\n node.appendChild(element);\n }\n\n element.outerHTML = abstract.map(function (a) {\n return toHtml(a);\n }).join('\\n');\n node.removeAttribute(pendingAttribute);\n resolve();\n }).catch(reject);\n } else {\n resolve();\n }\n } else {\n resolve();\n }\n });\n}\n\nfunction replace(node) {\n return picked.all([replaceForPosition(node, ':before'), replaceForPosition(node, ':after')]);\n}\n\nfunction processable(node) {\n return node.parentNode !== document.head && !~TAGNAMES_TO_SKIP_FOR_PSEUDOELEMENTS.indexOf(node.tagName.toUpperCase()) && !node.getAttribute(DATA_FA_PSEUDO_ELEMENT) && (!node.parentNode || node.parentNode.tagName !== 'svg');\n}\n\nfunction searchPseudoElements (root) {\n if (!IS_DOM) return;\n return new picked(function (resolve, reject) {\n var operations = toArray(root.querySelectorAll('*')).filter(processable).map(replace);\n var end = perf.begin('searchPseudoElements');\n disableObservation();\n picked.all(operations).then(function () {\n end();\n enableObservation();\n resolve();\n }).catch(function () {\n end();\n enableObservation();\n reject();\n });\n });\n}\n\nvar baseStyles = \"svg:not(:root).svg-inline--fa {\\n overflow: visible;\\n}\\n\\n.svg-inline--fa {\\n display: inline-block;\\n font-size: inherit;\\n height: 1em;\\n overflow: visible;\\n vertical-align: -0.125em;\\n}\\n.svg-inline--fa.fa-lg {\\n vertical-align: -0.225em;\\n}\\n.svg-inline--fa.fa-w-1 {\\n width: 0.0625em;\\n}\\n.svg-inline--fa.fa-w-2 {\\n width: 0.125em;\\n}\\n.svg-inline--fa.fa-w-3 {\\n width: 0.1875em;\\n}\\n.svg-inline--fa.fa-w-4 {\\n width: 0.25em;\\n}\\n.svg-inline--fa.fa-w-5 {\\n width: 0.3125em;\\n}\\n.svg-inline--fa.fa-w-6 {\\n width: 0.375em;\\n}\\n.svg-inline--fa.fa-w-7 {\\n width: 0.4375em;\\n}\\n.svg-inline--fa.fa-w-8 {\\n width: 0.5em;\\n}\\n.svg-inline--fa.fa-w-9 {\\n width: 0.5625em;\\n}\\n.svg-inline--fa.fa-w-10 {\\n width: 0.625em;\\n}\\n.svg-inline--fa.fa-w-11 {\\n width: 0.6875em;\\n}\\n.svg-inline--fa.fa-w-12 {\\n width: 0.75em;\\n}\\n.svg-inline--fa.fa-w-13 {\\n width: 0.8125em;\\n}\\n.svg-inline--fa.fa-w-14 {\\n width: 0.875em;\\n}\\n.svg-inline--fa.fa-w-15 {\\n width: 0.9375em;\\n}\\n.svg-inline--fa.fa-w-16 {\\n width: 1em;\\n}\\n.svg-inline--fa.fa-w-17 {\\n width: 1.0625em;\\n}\\n.svg-inline--fa.fa-w-18 {\\n width: 1.125em;\\n}\\n.svg-inline--fa.fa-w-19 {\\n width: 1.1875em;\\n}\\n.svg-inline--fa.fa-w-20 {\\n width: 1.25em;\\n}\\n.svg-inline--fa.fa-pull-left {\\n margin-right: 0.3em;\\n width: auto;\\n}\\n.svg-inline--fa.fa-pull-right {\\n margin-left: 0.3em;\\n width: auto;\\n}\\n.svg-inline--fa.fa-border {\\n height: 1.5em;\\n}\\n.svg-inline--fa.fa-li {\\n width: 2em;\\n}\\n.svg-inline--fa.fa-fw {\\n width: 1.25em;\\n}\\n\\n.fa-layers svg.svg-inline--fa {\\n bottom: 0;\\n left: 0;\\n margin: auto;\\n position: absolute;\\n right: 0;\\n top: 0;\\n}\\n\\n.fa-layers {\\n display: inline-block;\\n height: 1em;\\n position: relative;\\n text-align: center;\\n vertical-align: -0.125em;\\n width: 1em;\\n}\\n.fa-layers svg.svg-inline--fa {\\n -webkit-transform-origin: center center;\\n transform-origin: center center;\\n}\\n\\n.fa-layers-counter, .fa-layers-text {\\n display: inline-block;\\n position: absolute;\\n text-align: center;\\n}\\n\\n.fa-layers-text {\\n left: 50%;\\n top: 50%;\\n -webkit-transform: translate(-50%, -50%);\\n transform: translate(-50%, -50%);\\n -webkit-transform-origin: center center;\\n transform-origin: center center;\\n}\\n\\n.fa-layers-counter {\\n background-color: #ff253a;\\n border-radius: 1em;\\n -webkit-box-sizing: border-box;\\n box-sizing: border-box;\\n color: #fff;\\n height: 1.5em;\\n line-height: 1;\\n max-width: 5em;\\n min-width: 1.5em;\\n overflow: hidden;\\n padding: 0.25em;\\n right: 0;\\n text-overflow: ellipsis;\\n top: 0;\\n -webkit-transform: scale(0.25);\\n transform: scale(0.25);\\n -webkit-transform-origin: top right;\\n transform-origin: top right;\\n}\\n\\n.fa-layers-bottom-right {\\n bottom: 0;\\n right: 0;\\n top: auto;\\n -webkit-transform: scale(0.25);\\n transform: scale(0.25);\\n -webkit-transform-origin: bottom right;\\n transform-origin: bottom right;\\n}\\n\\n.fa-layers-bottom-left {\\n bottom: 0;\\n left: 0;\\n right: auto;\\n top: auto;\\n -webkit-transform: scale(0.25);\\n transform: scale(0.25);\\n -webkit-transform-origin: bottom left;\\n transform-origin: bottom left;\\n}\\n\\n.fa-layers-top-right {\\n right: 0;\\n top: 0;\\n -webkit-transform: scale(0.25);\\n transform: scale(0.25);\\n -webkit-transform-origin: top right;\\n transform-origin: top right;\\n}\\n\\n.fa-layers-top-left {\\n left: 0;\\n right: auto;\\n top: 0;\\n -webkit-transform: scale(0.25);\\n transform: scale(0.25);\\n -webkit-transform-origin: top left;\\n transform-origin: top left;\\n}\\n\\n.fa-lg {\\n font-size: 1.3333333333em;\\n line-height: 0.75em;\\n vertical-align: -0.0667em;\\n}\\n\\n.fa-xs {\\n font-size: 0.75em;\\n}\\n\\n.fa-sm {\\n font-size: 0.875em;\\n}\\n\\n.fa-1x {\\n font-size: 1em;\\n}\\n\\n.fa-2x {\\n font-size: 2em;\\n}\\n\\n.fa-3x {\\n font-size: 3em;\\n}\\n\\n.fa-4x {\\n font-size: 4em;\\n}\\n\\n.fa-5x {\\n font-size: 5em;\\n}\\n\\n.fa-6x {\\n font-size: 6em;\\n}\\n\\n.fa-7x {\\n font-size: 7em;\\n}\\n\\n.fa-8x {\\n font-size: 8em;\\n}\\n\\n.fa-9x {\\n font-size: 9em;\\n}\\n\\n.fa-10x {\\n font-size: 10em;\\n}\\n\\n.fa-fw {\\n text-align: center;\\n width: 1.25em;\\n}\\n\\n.fa-ul {\\n list-style-type: none;\\n margin-left: 2.5em;\\n padding-left: 0;\\n}\\n.fa-ul > li {\\n position: relative;\\n}\\n\\n.fa-li {\\n left: -2em;\\n position: absolute;\\n text-align: center;\\n width: 2em;\\n line-height: inherit;\\n}\\n\\n.fa-border {\\n border: solid 0.08em #eee;\\n border-radius: 0.1em;\\n padding: 0.2em 0.25em 0.15em;\\n}\\n\\n.fa-pull-left {\\n float: left;\\n}\\n\\n.fa-pull-right {\\n float: right;\\n}\\n\\n.fa.fa-pull-left,\\n.fas.fa-pull-left,\\n.far.fa-pull-left,\\n.fal.fa-pull-left,\\n.fab.fa-pull-left {\\n margin-right: 0.3em;\\n}\\n.fa.fa-pull-right,\\n.fas.fa-pull-right,\\n.far.fa-pull-right,\\n.fal.fa-pull-right,\\n.fab.fa-pull-right {\\n margin-left: 0.3em;\\n}\\n\\n.fa-spin {\\n -webkit-animation: fa-spin 2s infinite linear;\\n animation: fa-spin 2s infinite linear;\\n}\\n\\n.fa-pulse {\\n -webkit-animation: fa-spin 1s infinite steps(8);\\n animation: fa-spin 1s infinite steps(8);\\n}\\n\\n@-webkit-keyframes fa-spin {\\n 0% {\\n -webkit-transform: rotate(0deg);\\n transform: rotate(0deg);\\n }\\n 100% {\\n -webkit-transform: rotate(360deg);\\n transform: rotate(360deg);\\n }\\n}\\n\\n@keyframes fa-spin {\\n 0% {\\n -webkit-transform: rotate(0deg);\\n transform: rotate(0deg);\\n }\\n 100% {\\n -webkit-transform: rotate(360deg);\\n transform: rotate(360deg);\\n }\\n}\\n.fa-rotate-90 {\\n -ms-filter: \\\"progid:DXImageTransform.Microsoft.BasicImage(rotation=1)\\\";\\n -webkit-transform: rotate(90deg);\\n transform: rotate(90deg);\\n}\\n\\n.fa-rotate-180 {\\n -ms-filter: \\\"progid:DXImageTransform.Microsoft.BasicImage(rotation=2)\\\";\\n -webkit-transform: rotate(180deg);\\n transform: rotate(180deg);\\n}\\n\\n.fa-rotate-270 {\\n -ms-filter: \\\"progid:DXImageTransform.Microsoft.BasicImage(rotation=3)\\\";\\n -webkit-transform: rotate(270deg);\\n transform: rotate(270deg);\\n}\\n\\n.fa-flip-horizontal {\\n -ms-filter: \\\"progid:DXImageTransform.Microsoft.BasicImage(rotation=0, mirror=1)\\\";\\n -webkit-transform: scale(-1, 1);\\n transform: scale(-1, 1);\\n}\\n\\n.fa-flip-vertical {\\n -ms-filter: \\\"progid:DXImageTransform.Microsoft.BasicImage(rotation=2, mirror=1)\\\";\\n -webkit-transform: scale(1, -1);\\n transform: scale(1, -1);\\n}\\n\\n.fa-flip-both, .fa-flip-horizontal.fa-flip-vertical {\\n -ms-filter: \\\"progid:DXImageTransform.Microsoft.BasicImage(rotation=2, mirror=1)\\\";\\n -webkit-transform: scale(-1, -1);\\n transform: scale(-1, -1);\\n}\\n\\n:root .fa-rotate-90,\\n:root .fa-rotate-180,\\n:root .fa-rotate-270,\\n:root .fa-flip-horizontal,\\n:root .fa-flip-vertical,\\n:root .fa-flip-both {\\n -webkit-filter: none;\\n filter: none;\\n}\\n\\n.fa-stack {\\n display: inline-block;\\n height: 2em;\\n position: relative;\\n width: 2.5em;\\n}\\n\\n.fa-stack-1x,\\n.fa-stack-2x {\\n bottom: 0;\\n left: 0;\\n margin: auto;\\n position: absolute;\\n right: 0;\\n top: 0;\\n}\\n\\n.svg-inline--fa.fa-stack-1x {\\n height: 1em;\\n width: 1.25em;\\n}\\n.svg-inline--fa.fa-stack-2x {\\n height: 2em;\\n width: 2.5em;\\n}\\n\\n.fa-inverse {\\n color: #fff;\\n}\\n\\n.sr-only {\\n border: 0;\\n clip: rect(0, 0, 0, 0);\\n height: 1px;\\n margin: -1px;\\n overflow: hidden;\\n padding: 0;\\n position: absolute;\\n width: 1px;\\n}\\n\\n.sr-only-focusable:active, .sr-only-focusable:focus {\\n clip: auto;\\n height: auto;\\n margin: 0;\\n overflow: visible;\\n position: static;\\n width: auto;\\n}\\n\\n.svg-inline--fa .fa-primary {\\n fill: var(--fa-primary-color, currentColor);\\n opacity: 1;\\n opacity: var(--fa-primary-opacity, 1);\\n}\\n\\n.svg-inline--fa .fa-secondary {\\n fill: var(--fa-secondary-color, currentColor);\\n opacity: 0.4;\\n opacity: var(--fa-secondary-opacity, 0.4);\\n}\\n\\n.svg-inline--fa.fa-swap-opacity .fa-primary {\\n opacity: 0.4;\\n opacity: var(--fa-secondary-opacity, 0.4);\\n}\\n\\n.svg-inline--fa.fa-swap-opacity .fa-secondary {\\n opacity: 1;\\n opacity: var(--fa-primary-opacity, 1);\\n}\\n\\n.svg-inline--fa mask .fa-primary,\\n.svg-inline--fa mask .fa-secondary {\\n fill: black;\\n}\\n\\n.fad.fa-inverse {\\n color: #fff;\\n}\";\n\nfunction css () {\n var dfp = DEFAULT_FAMILY_PREFIX;\n var drc = DEFAULT_REPLACEMENT_CLASS;\n var fp = config.familyPrefix;\n var rc = config.replacementClass;\n var s = baseStyles;\n\n if (fp !== dfp || rc !== drc) {\n var dPatt = new RegExp(\"\\\\.\".concat(dfp, \"\\\\-\"), 'g');\n var customPropPatt = new RegExp(\"\\\\--\".concat(dfp, \"\\\\-\"), 'g');\n var rPatt = new RegExp(\"\\\\.\".concat(drc), 'g');\n s = s.replace(dPatt, \".\".concat(fp, \"-\")).replace(customPropPatt, \"--\".concat(fp, \"-\")).replace(rPatt, \".\".concat(rc));\n }\n\n return s;\n}\n\nvar Library =\n/*#__PURE__*/\nfunction () {\n function Library() {\n _classCallCheck(this, Library);\n\n this.definitions = {};\n }\n\n _createClass(Library, [{\n key: \"add\",\n value: function add() {\n var _this = this;\n\n for (var _len = arguments.length, definitions = new Array(_len), _key = 0; _key < _len; _key++) {\n definitions[_key] = arguments[_key];\n }\n\n var additions = definitions.reduce(this._pullDefinitions, {});\n Object.keys(additions).forEach(function (key) {\n _this.definitions[key] = _objectSpread({}, _this.definitions[key] || {}, additions[key]);\n defineIcons(key, additions[key]);\n build();\n });\n }\n }, {\n key: \"reset\",\n value: function reset() {\n this.definitions = {};\n }\n }, {\n key: \"_pullDefinitions\",\n value: function _pullDefinitions(additions, definition) {\n var normalized = definition.prefix && definition.iconName && definition.icon ? {\n 0: definition\n } : definition;\n Object.keys(normalized).map(function (key) {\n var _normalized$key = normalized[key],\n prefix = _normalized$key.prefix,\n iconName = _normalized$key.iconName,\n icon = _normalized$key.icon;\n if (!additions[prefix]) additions[prefix] = {};\n additions[prefix][iconName] = icon;\n });\n return additions;\n }\n }]);\n\n return Library;\n}();\n\nfunction ensureCss() {\n if (config.autoAddCss && !_cssInserted) {\n insertCss(css());\n\n _cssInserted = true;\n }\n}\n\nfunction apiObject(val, abstractCreator) {\n Object.defineProperty(val, 'abstract', {\n get: abstractCreator\n });\n Object.defineProperty(val, 'html', {\n get: function get() {\n return val.abstract.map(function (a) {\n return toHtml(a);\n });\n }\n });\n Object.defineProperty(val, 'node', {\n get: function get() {\n if (!IS_DOM) return;\n var container = DOCUMENT.createElement('div');\n container.innerHTML = val.html;\n return container.children;\n }\n });\n return val;\n}\n\nfunction findIconDefinition(iconLookup) {\n var _iconLookup$prefix = iconLookup.prefix,\n prefix = _iconLookup$prefix === void 0 ? 'fa' : _iconLookup$prefix,\n iconName = iconLookup.iconName;\n if (!iconName) return;\n return iconFromMapping(library.definitions, prefix, iconName) || iconFromMapping(namespace.styles, prefix, iconName);\n}\n\nfunction resolveIcons(next) {\n return function (maybeIconDefinition) {\n var params = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};\n var iconDefinition = (maybeIconDefinition || {}).icon ? maybeIconDefinition : findIconDefinition(maybeIconDefinition || {});\n var mask = params.mask;\n\n if (mask) {\n mask = (mask || {}).icon ? mask : findIconDefinition(mask || {});\n }\n\n return next(iconDefinition, _objectSpread({}, params, {\n mask: mask\n }));\n };\n}\n\nvar library = new Library();\nvar noAuto = function noAuto() {\n config.autoReplaceSvg = false;\n config.observeMutations = false;\n disconnect();\n};\nvar _cssInserted = false;\nvar dom = {\n i2svg: function i2svg() {\n var params = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};\n\n if (IS_DOM) {\n ensureCss();\n var _params$node = params.node,\n node = _params$node === void 0 ? DOCUMENT : _params$node,\n _params$callback = params.callback,\n callback = _params$callback === void 0 ? function () {} : _params$callback;\n\n if (config.searchPseudoElements) {\n searchPseudoElements(node);\n }\n\n return onTree(node, callback);\n } else {\n return picked.reject('Operation requires a DOM of some kind.');\n }\n },\n css: css,\n insertCss: function insertCss$$1() {\n if (!_cssInserted) {\n insertCss(css());\n\n _cssInserted = true;\n }\n },\n watch: function watch() {\n var params = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};\n var autoReplaceSvgRoot = params.autoReplaceSvgRoot,\n observeMutationsRoot = params.observeMutationsRoot;\n\n if (config.autoReplaceSvg === false) {\n config.autoReplaceSvg = true;\n }\n\n config.observeMutations = true;\n domready(function () {\n autoReplace({\n autoReplaceSvgRoot: autoReplaceSvgRoot\n });\n observe({\n treeCallback: onTree,\n nodeCallback: onNode,\n pseudoElementsCallback: searchPseudoElements,\n observeMutationsRoot: observeMutationsRoot\n });\n });\n }\n};\nvar parse = {\n transform: function transform(transformString) {\n return parseTransformString(transformString);\n }\n};\nvar icon = resolveIcons(function (iconDefinition) {\n var params = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};\n var _params$transform = params.transform,\n transform = _params$transform === void 0 ? meaninglessTransform : _params$transform,\n _params$symbol = params.symbol,\n symbol = _params$symbol === void 0 ? false : _params$symbol,\n _params$mask = params.mask,\n mask = _params$mask === void 0 ? null : _params$mask,\n _params$title = params.title,\n title = _params$title === void 0 ? null : _params$title,\n _params$classes = params.classes,\n classes = _params$classes === void 0 ? [] : _params$classes,\n _params$attributes = params.attributes,\n attributes = _params$attributes === void 0 ? {} : _params$attributes,\n _params$styles = params.styles,\n styles = _params$styles === void 0 ? {} : _params$styles;\n if (!iconDefinition) return;\n var prefix = iconDefinition.prefix,\n iconName = iconDefinition.iconName,\n icon = iconDefinition.icon;\n return apiObject(_objectSpread({\n type: 'icon'\n }, iconDefinition), function () {\n ensureCss();\n\n if (config.autoA11y) {\n if (title) {\n attributes['aria-labelledby'] = \"\".concat(config.replacementClass, \"-title-\").concat(nextUniqueId());\n } else {\n attributes['aria-hidden'] = 'true';\n attributes['focusable'] = 'false';\n }\n }\n\n return makeInlineSvgAbstract({\n icons: {\n main: asFoundIcon(icon),\n mask: mask ? asFoundIcon(mask.icon) : {\n found: false,\n width: null,\n height: null,\n icon: {}\n }\n },\n prefix: prefix,\n iconName: iconName,\n transform: _objectSpread({}, meaninglessTransform, transform),\n symbol: symbol,\n title: title,\n extra: {\n attributes: attributes,\n styles: styles,\n classes: classes\n }\n });\n });\n});\nvar text = function text(content) {\n var params = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};\n var _params$transform2 = params.transform,\n transform = _params$transform2 === void 0 ? meaninglessTransform : _params$transform2,\n _params$title2 = params.title,\n title = _params$title2 === void 0 ? null : _params$title2,\n _params$classes2 = params.classes,\n classes = _params$classes2 === void 0 ? [] : _params$classes2,\n _params$attributes2 = params.attributes,\n attributes = _params$attributes2 === void 0 ? {} : _params$attributes2,\n _params$styles2 = params.styles,\n styles = _params$styles2 === void 0 ? {} : _params$styles2;\n return apiObject({\n type: 'text',\n content: content\n }, function () {\n ensureCss();\n return makeLayersTextAbstract({\n content: content,\n transform: _objectSpread({}, meaninglessTransform, transform),\n title: title,\n extra: {\n attributes: attributes,\n styles: styles,\n classes: [\"\".concat(config.familyPrefix, \"-layers-text\")].concat(_toConsumableArray(classes))\n }\n });\n });\n};\nvar counter = function counter(content) {\n var params = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};\n var _params$title3 = params.title,\n title = _params$title3 === void 0 ? null : _params$title3,\n _params$classes3 = params.classes,\n classes = _params$classes3 === void 0 ? [] : _params$classes3,\n _params$attributes3 = params.attributes,\n attributes = _params$attributes3 === void 0 ? {} : _params$attributes3,\n _params$styles3 = params.styles,\n styles = _params$styles3 === void 0 ? {} : _params$styles3;\n return apiObject({\n type: 'counter',\n content: content\n }, function () {\n ensureCss();\n return makeLayersCounterAbstract({\n content: content.toString(),\n title: title,\n extra: {\n attributes: attributes,\n styles: styles,\n classes: [\"\".concat(config.familyPrefix, \"-layers-counter\")].concat(_toConsumableArray(classes))\n }\n });\n });\n};\nvar layer = function layer(assembler) {\n var params = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};\n var _params$classes4 = params.classes,\n classes = _params$classes4 === void 0 ? [] : _params$classes4;\n return apiObject({\n type: 'layer'\n }, function () {\n ensureCss();\n var children = [];\n assembler(function (args) {\n Array.isArray(args) ? args.map(function (a) {\n children = children.concat(a.abstract);\n }) : children = children.concat(args.abstract);\n });\n return [{\n tag: 'span',\n attributes: {\n class: [\"\".concat(config.familyPrefix, \"-layers\")].concat(_toConsumableArray(classes)).join(' ')\n },\n children: children\n }];\n });\n};\nvar api = {\n noAuto: noAuto,\n config: config,\n dom: dom,\n library: library,\n parse: parse,\n findIconDefinition: findIconDefinition,\n icon: icon,\n text: text,\n counter: counter,\n layer: layer,\n toHtml: toHtml\n};\n\nvar autoReplace = function autoReplace() {\n var params = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};\n var _params$autoReplaceSv = params.autoReplaceSvgRoot,\n autoReplaceSvgRoot = _params$autoReplaceSv === void 0 ? DOCUMENT : _params$autoReplaceSv;\n if ((Object.keys(namespace.styles).length > 0 || config.autoFetchSvg) && IS_DOM && config.autoReplaceSvg) api.dom.i2svg({\n node: autoReplaceSvgRoot\n });\n};\n\nexport { icon, noAuto, config, toHtml, layer, text, counter, library, dom, parse, findIconDefinition };\n","!function(t,e){\"object\"==typeof exports&&\"undefined\"!=typeof module?module.exports=e():\"function\"==typeof define&&define.amd?define(e):(t=\"undefined\"!=typeof globalThis?globalThis:t||self).dayjs=e()}(this,(function(){\"use strict\";var t=1e3,e=6e4,n=36e5,r=\"millisecond\",i=\"second\",s=\"minute\",u=\"hour\",a=\"day\",o=\"week\",f=\"month\",h=\"quarter\",c=\"year\",d=\"date\",$=\"Invalid Date\",l=/^(\\d{4})[-/]?(\\d{1,2})?[-/]?(\\d{0,2})[Tt\\s]*(\\d{1,2})?:?(\\d{1,2})?:?(\\d{1,2})?[.:]?(\\d+)?$/,y=/\\[([^\\]]+)]|Y{1,4}|M{1,4}|D{1,2}|d{1,4}|H{1,2}|h{1,2}|a|A|m{1,2}|s{1,2}|Z{1,2}|SSS/g,M={name:\"en\",weekdays:\"Sunday_Monday_Tuesday_Wednesday_Thursday_Friday_Saturday\".split(\"_\"),months:\"January_February_March_April_May_June_July_August_September_October_November_December\".split(\"_\")},m=function(t,e,n){var r=String(t);return!r||r.length>=e?t:\"\"+Array(e+1-r.length).join(n)+t},g={s:m,z:function(t){var e=-t.utcOffset(),n=Math.abs(e),r=Math.floor(n/60),i=n%60;return(e<=0?\"+\":\"-\")+m(r,2,\"0\")+\":\"+m(i,2,\"0\")},m:function t(e,n){if(e.date()1)return t(u[0])}else{var a=e.name;D[a]=e,i=a}return!r&&i&&(v=i),i||!r&&v},w=function(t,e){if(p(t))return t.clone();var n=\"object\"==typeof e?e:{};return n.date=t,n.args=arguments,new _(n)},O=g;O.l=S,O.i=p,O.w=function(t,e){return w(t,{locale:e.$L,utc:e.$u,x:e.$x,$offset:e.$offset})};var _=function(){function M(t){this.$L=S(t.locale,null,!0),this.parse(t)}var m=M.prototype;return m.parse=function(t){this.$d=function(t){var e=t.date,n=t.utc;if(null===e)return new Date(NaN);if(O.u(e))return new Date;if(e instanceof Date)return new Date(e);if(\"string\"==typeof e&&!/Z$/i.test(e)){var r=e.match(l);if(r){var i=r[2]-1||0,s=(r[7]||\"0\").substring(0,3);return n?new Date(Date.UTC(r[1],i,r[3]||1,r[4]||0,r[5]||0,r[6]||0,s)):new Date(r[1],i,r[3]||1,r[4]||0,r[5]||0,r[6]||0,s)}}return new Date(e)}(t),this.$x=t.x||{},this.init()},m.init=function(){var t=this.$d;this.$y=t.getFullYear(),this.$M=t.getMonth(),this.$D=t.getDate(),this.$W=t.getDay(),this.$H=t.getHours(),this.$m=t.getMinutes(),this.$s=t.getSeconds(),this.$ms=t.getMilliseconds()},m.$utils=function(){return O},m.isValid=function(){return!(this.$d.toString()===$)},m.isSame=function(t,e){var n=w(t);return this.startOf(e)<=n&&n<=this.endOf(e)},m.isAfter=function(t,e){return w(t) 1) {\n return \"element\";\n }\n\n return type;\n};\n\nclassname.extend = function (obj1, obj2) {\n var result = {},\n objs = [obj1, obj2];\n\n classname.each(objs, function (obj) {\n classname.each(obj, function (val, key) {\n if (obj.hasOwnProperty(key)) {\n result[key] = val;\n }\n });\n });\n\n return result;\n};\n\nif (typeof module !== \"undefined\" && module.exports) {\n module.exports = classname;\n}\n","'use strict';\n\nvar utils = require('./utils');\nvar normalizeHeaderName = require('./helpers/normalizeHeaderName');\nvar enhanceError = require('./core/enhanceError');\n\nvar DEFAULT_CONTENT_TYPE = {\n 'Content-Type': 'application/x-www-form-urlencoded'\n};\n\nfunction setContentTypeIfUnset(headers, value) {\n if (!utils.isUndefined(headers) && utils.isUndefined(headers['Content-Type'])) {\n headers['Content-Type'] = value;\n }\n}\n\nfunction getDefaultAdapter() {\n var adapter;\n if (typeof XMLHttpRequest !== 'undefined') {\n // For browsers use XHR adapter\n adapter = require('./adapters/xhr');\n } else if (typeof process !== 'undefined' && Object.prototype.toString.call(process) === '[object process]') {\n // For node use HTTP adapter\n adapter = require('./adapters/http');\n }\n return adapter;\n}\n\nfunction stringifySafely(rawValue, parser, encoder) {\n if (utils.isString(rawValue)) {\n try {\n (parser || JSON.parse)(rawValue);\n return utils.trim(rawValue);\n } catch (e) {\n if (e.name !== 'SyntaxError') {\n throw e;\n }\n }\n }\n\n return (encoder || JSON.stringify)(rawValue);\n}\n\nvar defaults = {\n\n transitional: {\n silentJSONParsing: true,\n forcedJSONParsing: true,\n clarifyTimeoutError: false\n },\n\n adapter: getDefaultAdapter(),\n\n transformRequest: [function transformRequest(data, headers) {\n normalizeHeaderName(headers, 'Accept');\n normalizeHeaderName(headers, 'Content-Type');\n\n if (utils.isFormData(data) ||\n utils.isArrayBuffer(data) ||\n utils.isBuffer(data) ||\n utils.isStream(data) ||\n utils.isFile(data) ||\n utils.isBlob(data)\n ) {\n return data;\n }\n if (utils.isArrayBufferView(data)) {\n return data.buffer;\n }\n if (utils.isURLSearchParams(data)) {\n setContentTypeIfUnset(headers, 'application/x-www-form-urlencoded;charset=utf-8');\n return data.toString();\n }\n if (utils.isObject(data) || (headers && headers['Content-Type'] === 'application/json')) {\n setContentTypeIfUnset(headers, 'application/json');\n return stringifySafely(data);\n }\n return data;\n }],\n\n transformResponse: [function transformResponse(data) {\n var transitional = this.transitional;\n var silentJSONParsing = transitional && transitional.silentJSONParsing;\n var forcedJSONParsing = transitional && transitional.forcedJSONParsing;\n var strictJSONParsing = !silentJSONParsing && this.responseType === 'json';\n\n if (strictJSONParsing || (forcedJSONParsing && utils.isString(data) && data.length)) {\n try {\n return JSON.parse(data);\n } catch (e) {\n if (strictJSONParsing) {\n if (e.name === 'SyntaxError') {\n throw enhanceError(e, this, 'E_JSON_PARSE');\n }\n throw e;\n }\n }\n }\n\n return data;\n }],\n\n /**\n * A timeout in milliseconds to abort a request. If set to 0 (default) a\n * timeout is not created.\n */\n timeout: 0,\n\n xsrfCookieName: 'XSRF-TOKEN',\n xsrfHeaderName: 'X-XSRF-TOKEN',\n\n maxContentLength: -1,\n maxBodyLength: -1,\n\n validateStatus: function validateStatus(status) {\n return status >= 200 && status < 300;\n }\n};\n\ndefaults.headers = {\n common: {\n 'Accept': 'application/json, text/plain, */*'\n }\n};\n\nutils.forEach(['delete', 'get', 'head'], function forEachMethodNoData(method) {\n defaults.headers[method] = {};\n});\n\nutils.forEach(['post', 'put', 'patch'], function forEachMethodWithData(method) {\n defaults.headers[method] = utils.merge(DEFAULT_CONTENT_TYPE);\n});\n\nmodule.exports = defaults;\n","'use strict';\n\nvar has = Object.prototype.hasOwnProperty;\nvar isArray = Array.isArray;\n\nvar hexTable = (function () {\n var array = [];\n for (var i = 0; i < 256; ++i) {\n array.push('%' + ((i < 16 ? '0' : '') + i.toString(16)).toUpperCase());\n }\n\n return array;\n}());\n\nvar compactQueue = function compactQueue(queue) {\n while (queue.length > 1) {\n var item = queue.pop();\n var obj = item.obj[item.prop];\n\n if (isArray(obj)) {\n var compacted = [];\n\n for (var j = 0; j < obj.length; ++j) {\n if (typeof obj[j] !== 'undefined') {\n compacted.push(obj[j]);\n }\n }\n\n item.obj[item.prop] = compacted;\n }\n }\n};\n\nvar arrayToObject = function arrayToObject(source, options) {\n var obj = options && options.plainObjects ? Object.create(null) : {};\n for (var i = 0; i < source.length; ++i) {\n if (typeof source[i] !== 'undefined') {\n obj[i] = source[i];\n }\n }\n\n return obj;\n};\n\nvar merge = function merge(target, source, options) {\n /* eslint no-param-reassign: 0 */\n if (!source) {\n return target;\n }\n\n if (typeof source !== 'object') {\n if (isArray(target)) {\n target.push(source);\n } else if (target && typeof target === 'object') {\n if ((options && (options.plainObjects || options.allowPrototypes)) || !has.call(Object.prototype, source)) {\n target[source] = true;\n }\n } else {\n return [target, source];\n }\n\n return target;\n }\n\n if (!target || typeof target !== 'object') {\n return [target].concat(source);\n }\n\n var mergeTarget = target;\n if (isArray(target) && !isArray(source)) {\n mergeTarget = arrayToObject(target, options);\n }\n\n if (isArray(target) && isArray(source)) {\n source.forEach(function (item, i) {\n if (has.call(target, i)) {\n var targetItem = target[i];\n if (targetItem && typeof targetItem === 'object' && item && typeof item === 'object') {\n target[i] = merge(targetItem, item, options);\n } else {\n target.push(item);\n }\n } else {\n target[i] = item;\n }\n });\n return target;\n }\n\n return Object.keys(source).reduce(function (acc, key) {\n var value = source[key];\n\n if (has.call(acc, key)) {\n acc[key] = merge(acc[key], value, options);\n } else {\n acc[key] = value;\n }\n return acc;\n }, mergeTarget);\n};\n\nvar assign = function assignSingleSource(target, source) {\n return Object.keys(source).reduce(function (acc, key) {\n acc[key] = source[key];\n return acc;\n }, target);\n};\n\nvar decode = function (str, decoder, charset) {\n var strWithoutPlus = str.replace(/\\+/g, ' ');\n if (charset === 'iso-8859-1') {\n // unescape never throws, no try...catch needed:\n return strWithoutPlus.replace(/%[0-9a-f]{2}/gi, unescape);\n }\n // utf-8\n try {\n return decodeURIComponent(strWithoutPlus);\n } catch (e) {\n return strWithoutPlus;\n }\n};\n\nvar encode = function encode(str, defaultEncoder, charset) {\n // This code was originally written by Brian White (mscdex) for the io.js core querystring library.\n // It has been adapted here for stricter adherence to RFC 3986\n if (str.length === 0) {\n return str;\n }\n\n var string = str;\n if (typeof str === 'symbol') {\n string = Symbol.prototype.toString.call(str);\n } else if (typeof str !== 'string') {\n string = String(str);\n }\n\n if (charset === 'iso-8859-1') {\n return escape(string).replace(/%u[0-9a-f]{4}/gi, function ($0) {\n return '%26%23' + parseInt($0.slice(2), 16) + '%3B';\n });\n }\n\n var out = '';\n for (var i = 0; i < string.length; ++i) {\n var c = string.charCodeAt(i);\n\n if (\n c === 0x2D // -\n || c === 0x2E // .\n || c === 0x5F // _\n || c === 0x7E // ~\n || (c >= 0x30 && c <= 0x39) // 0-9\n || (c >= 0x41 && c <= 0x5A) // a-z\n || (c >= 0x61 && c <= 0x7A) // A-Z\n ) {\n out += string.charAt(i);\n continue;\n }\n\n if (c < 0x80) {\n out = out + hexTable[c];\n continue;\n }\n\n if (c < 0x800) {\n out = out + (hexTable[0xC0 | (c >> 6)] + hexTable[0x80 | (c & 0x3F)]);\n continue;\n }\n\n if (c < 0xD800 || c >= 0xE000) {\n out = out + (hexTable[0xE0 | (c >> 12)] + hexTable[0x80 | ((c >> 6) & 0x3F)] + hexTable[0x80 | (c & 0x3F)]);\n continue;\n }\n\n i += 1;\n c = 0x10000 + (((c & 0x3FF) << 10) | (string.charCodeAt(i) & 0x3FF));\n out += hexTable[0xF0 | (c >> 18)]\n + hexTable[0x80 | ((c >> 12) & 0x3F)]\n + hexTable[0x80 | ((c >> 6) & 0x3F)]\n + hexTable[0x80 | (c & 0x3F)];\n }\n\n return out;\n};\n\nvar compact = function compact(value) {\n var queue = [{ obj: { o: value }, prop: 'o' }];\n var refs = [];\n\n for (var i = 0; i < queue.length; ++i) {\n var item = queue[i];\n var obj = item.obj[item.prop];\n\n var keys = Object.keys(obj);\n for (var j = 0; j < keys.length; ++j) {\n var key = keys[j];\n var val = obj[key];\n if (typeof val === 'object' && val !== null && refs.indexOf(val) === -1) {\n queue.push({ obj: obj, prop: key });\n refs.push(val);\n }\n }\n }\n\n compactQueue(queue);\n\n return value;\n};\n\nvar isRegExp = function isRegExp(obj) {\n return Object.prototype.toString.call(obj) === '[object RegExp]';\n};\n\nvar isBuffer = function isBuffer(obj) {\n if (!obj || typeof obj !== 'object') {\n return false;\n }\n\n return !!(obj.constructor && obj.constructor.isBuffer && obj.constructor.isBuffer(obj));\n};\n\nvar combine = function combine(a, b) {\n return [].concat(a, b);\n};\n\nvar maybeMap = function maybeMap(val, fn) {\n if (isArray(val)) {\n var mapped = [];\n for (var i = 0; i < val.length; i += 1) {\n mapped.push(fn(val[i]));\n }\n return mapped;\n }\n return fn(val);\n};\n\nmodule.exports = {\n arrayToObject: arrayToObject,\n assign: assign,\n combine: combine,\n compact: compact,\n decode: decode,\n encode: encode,\n isBuffer: isBuffer,\n isRegExp: isRegExp,\n maybeMap: maybeMap,\n merge: merge\n};\n","'use strict';\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = processNodes;\n\nvar _isEmptyTextNode = require('./utils/isEmptyTextNode');\n\nvar _isEmptyTextNode2 = _interopRequireDefault(_isEmptyTextNode);\n\nvar _convertNodeToElement = require('./convertNodeToElement');\n\nvar _convertNodeToElement2 = _interopRequireDefault(_convertNodeToElement);\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\n/**\n * Processes the nodes generated by htmlparser2 and convert them all into React elements\n *\n * @param {Object[]} nodes List of nodes to process\n * @param {Function} transform Transform function to optionally apply to nodes\n * @returns {React.Element[]} The list of processed React elements\n */\nfunction processNodes(nodes, transform) {\n\n return nodes.filter(function (node) {\n return !(0, _isEmptyTextNode2.default)(node);\n }).map(function (node, index) {\n\n // return the result of the transform function if applicable\n var transformed = void 0;\n if (typeof transform === 'function') {\n transformed = transform(node, index);\n if (transformed === null || !!transformed) {\n return transformed;\n }\n }\n\n // otherwise convert the node as standard\n return (0, _convertNodeToElement2.default)(node, index, transform);\n });\n}","/* global window */\nimport ponyfill from './ponyfill.js';\n\nvar root;\n\nif (typeof self !== 'undefined') {\n root = self;\n} else if (typeof window !== 'undefined') {\n root = window;\n} else if (typeof global !== 'undefined') {\n root = global;\n} else if (typeof module !== 'undefined') {\n root = module;\n} else {\n root = Function('return this')();\n}\n\nvar result = ponyfill(root);\nexport default result;\n","function _inheritsLoose(subClass, superClass) {\n subClass.prototype = Object.create(superClass.prototype);\n subClass.prototype.constructor = subClass;\n subClass.__proto__ = superClass;\n}\n\nmodule.exports = _inheritsLoose;","var isarray = require('isarray')\n\n/**\n * Expose `pathToRegexp`.\n */\nmodule.exports = pathToRegexp\nmodule.exports.parse = parse\nmodule.exports.compile = compile\nmodule.exports.tokensToFunction = tokensToFunction\nmodule.exports.tokensToRegExp = tokensToRegExp\n\n/**\n * The main path matching regexp utility.\n *\n * @type {RegExp}\n */\nvar PATH_REGEXP = new RegExp([\n // Match escaped characters that would otherwise appear in future matches.\n // This allows the user to escape special characters that won't transform.\n '(\\\\\\\\.)',\n // Match Express-style parameters and un-named parameters with a prefix\n // and optional suffixes. Matches appear as:\n //\n // \"/:test(\\\\d+)?\" => [\"/\", \"test\", \"\\d+\", undefined, \"?\", undefined]\n // \"/route(\\\\d+)\" => [undefined, undefined, undefined, \"\\d+\", undefined, undefined]\n // \"/*\" => [\"/\", undefined, undefined, undefined, undefined, \"*\"]\n '([\\\\/.])?(?:(?:\\\\:(\\\\w+)(?:\\\\(((?:\\\\\\\\.|[^\\\\\\\\()])+)\\\\))?|\\\\(((?:\\\\\\\\.|[^\\\\\\\\()])+)\\\\))([+*?])?|(\\\\*))'\n].join('|'), 'g')\n\n/**\n * Parse a string for the raw tokens.\n *\n * @param {string} str\n * @param {Object=} options\n * @return {!Array}\n */\nfunction parse (str, options) {\n var tokens = []\n var key = 0\n var index = 0\n var path = ''\n var defaultDelimiter = options && options.delimiter || '/'\n var res\n\n while ((res = PATH_REGEXP.exec(str)) != null) {\n var m = res[0]\n var escaped = res[1]\n var offset = res.index\n path += str.slice(index, offset)\n index = offset + m.length\n\n // Ignore already escaped sequences.\n if (escaped) {\n path += escaped[1]\n continue\n }\n\n var next = str[index]\n var prefix = res[2]\n var name = res[3]\n var capture = res[4]\n var group = res[5]\n var modifier = res[6]\n var asterisk = res[7]\n\n // Push the current path onto the tokens.\n if (path) {\n tokens.push(path)\n path = ''\n }\n\n var partial = prefix != null && next != null && next !== prefix\n var repeat = modifier === '+' || modifier === '*'\n var optional = modifier === '?' || modifier === '*'\n var delimiter = res[2] || defaultDelimiter\n var pattern = capture || group\n\n tokens.push({\n name: name || key++,\n prefix: prefix || '',\n delimiter: delimiter,\n optional: optional,\n repeat: repeat,\n partial: partial,\n asterisk: !!asterisk,\n pattern: pattern ? escapeGroup(pattern) : (asterisk ? '.*' : '[^' + escapeString(delimiter) + ']+?')\n })\n }\n\n // Match any characters still remaining.\n if (index < str.length) {\n path += str.substr(index)\n }\n\n // If the path exists, push it onto the end.\n if (path) {\n tokens.push(path)\n }\n\n return tokens\n}\n\n/**\n * Compile a string to a template function for the path.\n *\n * @param {string} str\n * @param {Object=} options\n * @return {!function(Object=, Object=)}\n */\nfunction compile (str, options) {\n return tokensToFunction(parse(str, options))\n}\n\n/**\n * Prettier encoding of URI path segments.\n *\n * @param {string}\n * @return {string}\n */\nfunction encodeURIComponentPretty (str) {\n return encodeURI(str).replace(/[\\/?#]/g, function (c) {\n return '%' + c.charCodeAt(0).toString(16).toUpperCase()\n })\n}\n\n/**\n * Encode the asterisk parameter. Similar to `pretty`, but allows slashes.\n *\n * @param {string}\n * @return {string}\n */\nfunction encodeAsterisk (str) {\n return encodeURI(str).replace(/[?#]/g, function (c) {\n return '%' + c.charCodeAt(0).toString(16).toUpperCase()\n })\n}\n\n/**\n * Expose a method for transforming tokens into the path function.\n */\nfunction tokensToFunction (tokens) {\n // Compile all the tokens into regexps.\n var matches = new Array(tokens.length)\n\n // Compile all the patterns before compilation.\n for (var i = 0; i < tokens.length; i++) {\n if (typeof tokens[i] === 'object') {\n matches[i] = new RegExp('^(?:' + tokens[i].pattern + ')$')\n }\n }\n\n return function (obj, opts) {\n var path = ''\n var data = obj || {}\n var options = opts || {}\n var encode = options.pretty ? encodeURIComponentPretty : encodeURIComponent\n\n for (var i = 0; i < tokens.length; i++) {\n var token = tokens[i]\n\n if (typeof token === 'string') {\n path += token\n\n continue\n }\n\n var value = data[token.name]\n var segment\n\n if (value == null) {\n if (token.optional) {\n // Prepend partial segment prefixes.\n if (token.partial) {\n path += token.prefix\n }\n\n continue\n } else {\n throw new TypeError('Expected \"' + token.name + '\" to be defined')\n }\n }\n\n if (isarray(value)) {\n if (!token.repeat) {\n throw new TypeError('Expected \"' + token.name + '\" to not repeat, but received `' + JSON.stringify(value) + '`')\n }\n\n if (value.length === 0) {\n if (token.optional) {\n continue\n } else {\n throw new TypeError('Expected \"' + token.name + '\" to not be empty')\n }\n }\n\n for (var j = 0; j < value.length; j++) {\n segment = encode(value[j])\n\n if (!matches[i].test(segment)) {\n throw new TypeError('Expected all \"' + token.name + '\" to match \"' + token.pattern + '\", but received `' + JSON.stringify(segment) + '`')\n }\n\n path += (j === 0 ? token.prefix : token.delimiter) + segment\n }\n\n continue\n }\n\n segment = token.asterisk ? encodeAsterisk(value) : encode(value)\n\n if (!matches[i].test(segment)) {\n throw new TypeError('Expected \"' + token.name + '\" to match \"' + token.pattern + '\", but received \"' + segment + '\"')\n }\n\n path += token.prefix + segment\n }\n\n return path\n }\n}\n\n/**\n * Escape a regular expression string.\n *\n * @param {string} str\n * @return {string}\n */\nfunction escapeString (str) {\n return str.replace(/([.+*?=^!:${}()[\\]|\\/\\\\])/g, '\\\\$1')\n}\n\n/**\n * Escape the capturing group by escaping special characters and meaning.\n *\n * @param {string} group\n * @return {string}\n */\nfunction escapeGroup (group) {\n return group.replace(/([=!:$\\/()])/g, '\\\\$1')\n}\n\n/**\n * Attach the keys as a property of the regexp.\n *\n * @param {!RegExp} re\n * @param {Array} keys\n * @return {!RegExp}\n */\nfunction attachKeys (re, keys) {\n re.keys = keys\n return re\n}\n\n/**\n * Get the flags for a regexp from the options.\n *\n * @param {Object} options\n * @return {string}\n */\nfunction flags (options) {\n return options.sensitive ? '' : 'i'\n}\n\n/**\n * Pull out keys from a regexp.\n *\n * @param {!RegExp} path\n * @param {!Array} keys\n * @return {!RegExp}\n */\nfunction regexpToRegexp (path, keys) {\n // Use a negative lookahead to match only capturing groups.\n var groups = path.source.match(/\\((?!\\?)/g)\n\n if (groups) {\n for (var i = 0; i < groups.length; i++) {\n keys.push({\n name: i,\n prefix: null,\n delimiter: null,\n optional: false,\n repeat: false,\n partial: false,\n asterisk: false,\n pattern: null\n })\n }\n }\n\n return attachKeys(path, keys)\n}\n\n/**\n * Transform an array into a regexp.\n *\n * @param {!Array} path\n * @param {Array} keys\n * @param {!Object} options\n * @return {!RegExp}\n */\nfunction arrayToRegexp (path, keys, options) {\n var parts = []\n\n for (var i = 0; i < path.length; i++) {\n parts.push(pathToRegexp(path[i], keys, options).source)\n }\n\n var regexp = new RegExp('(?:' + parts.join('|') + ')', flags(options))\n\n return attachKeys(regexp, keys)\n}\n\n/**\n * Create a path regexp from string input.\n *\n * @param {string} path\n * @param {!Array} keys\n * @param {!Object} options\n * @return {!RegExp}\n */\nfunction stringToRegexp (path, keys, options) {\n return tokensToRegExp(parse(path, options), keys, options)\n}\n\n/**\n * Expose a function for taking tokens and returning a RegExp.\n *\n * @param {!Array} tokens\n * @param {(Array|Object)=} keys\n * @param {Object=} options\n * @return {!RegExp}\n */\nfunction tokensToRegExp (tokens, keys, options) {\n if (!isarray(keys)) {\n options = /** @type {!Object} */ (keys || options)\n keys = []\n }\n\n options = options || {}\n\n var strict = options.strict\n var end = options.end !== false\n var route = ''\n\n // Iterate over the tokens and create our regexp string.\n for (var i = 0; i < tokens.length; i++) {\n var token = tokens[i]\n\n if (typeof token === 'string') {\n route += escapeString(token)\n } else {\n var prefix = escapeString(token.prefix)\n var capture = '(?:' + token.pattern + ')'\n\n keys.push(token)\n\n if (token.repeat) {\n capture += '(?:' + prefix + capture + ')*'\n }\n\n if (token.optional) {\n if (!token.partial) {\n capture = '(?:' + prefix + '(' + capture + '))?'\n } else {\n capture = prefix + '(' + capture + ')?'\n }\n } else {\n capture = prefix + '(' + capture + ')'\n }\n\n route += capture\n }\n }\n\n var delimiter = escapeString(options.delimiter || '/')\n var endsWithDelimiter = route.slice(-delimiter.length) === delimiter\n\n // In non-strict mode we allow a slash at the end of match. If the path to\n // match already ends with a slash, we remove it for consistency. The slash\n // is valid at the end of a path match, not in the middle. This is important\n // in non-ending mode, where \"/test/\" shouldn't match \"/test//route\".\n if (!strict) {\n route = (endsWithDelimiter ? route.slice(0, -delimiter.length) : route) + '(?:' + delimiter + '(?=$))?'\n }\n\n if (end) {\n route += '$'\n } else {\n // In non-ending mode, we need the capturing groups to match as much as\n // possible by using a positive lookahead to the end or next path segment.\n route += strict && endsWithDelimiter ? '' : '(?=' + delimiter + '|$)'\n }\n\n return attachKeys(new RegExp('^' + route, flags(options)), keys)\n}\n\n/**\n * Normalize the given path string, returning a regular expression.\n *\n * An empty array can be passed in for the keys, which will hold the\n * placeholder key descriptions. For example, using `/user/:id`, `keys` will\n * contain `[{ name: 'id', delimiter: '/', optional: false, repeat: false }]`.\n *\n * @param {(string|RegExp|Array)} path\n * @param {(Array|Object)=} keys\n * @param {Object=} options\n * @return {!RegExp}\n */\nfunction pathToRegexp (path, keys, options) {\n if (!isarray(keys)) {\n options = /** @type {!Object} */ (keys || options)\n keys = []\n }\n\n options = options || {}\n\n if (path instanceof RegExp) {\n return regexpToRegexp(path, /** @type {!Array} */ (keys))\n }\n\n if (isarray(path)) {\n return arrayToRegexp(/** @type {!Array} */ (path), /** @type {!Array} */ (keys), options)\n }\n\n return stringToRegexp(/** @type {string} */ (path), /** @type {!Array} */ (keys), options)\n}\n","// shim for using process in browser\nvar process = module.exports = {};\n\n// cached from whatever global is present so that test runners that stub it\n// don't break things. But we need to wrap it in a try catch in case it is\n// wrapped in strict mode code which doesn't define any globals. It's inside a\n// function because try/catches deoptimize in certain engines.\n\nvar cachedSetTimeout;\nvar cachedClearTimeout;\n\nfunction defaultSetTimout() {\n throw new Error('setTimeout has not been defined');\n}\nfunction defaultClearTimeout () {\n throw new Error('clearTimeout has not been defined');\n}\n(function () {\n try {\n if (typeof setTimeout === 'function') {\n cachedSetTimeout = setTimeout;\n } else {\n cachedSetTimeout = defaultSetTimout;\n }\n } catch (e) {\n cachedSetTimeout = defaultSetTimout;\n }\n try {\n if (typeof clearTimeout === 'function') {\n cachedClearTimeout = clearTimeout;\n } else {\n cachedClearTimeout = defaultClearTimeout;\n }\n } catch (e) {\n cachedClearTimeout = defaultClearTimeout;\n }\n} ())\nfunction runTimeout(fun) {\n if (cachedSetTimeout === setTimeout) {\n //normal enviroments in sane situations\n return setTimeout(fun, 0);\n }\n // if setTimeout wasn't available but was latter defined\n if ((cachedSetTimeout === defaultSetTimout || !cachedSetTimeout) && setTimeout) {\n cachedSetTimeout = setTimeout;\n return setTimeout(fun, 0);\n }\n try {\n // when when somebody has screwed with setTimeout but no I.E. maddness\n return cachedSetTimeout(fun, 0);\n } catch(e){\n try {\n // When we are in I.E. but the script has been evaled so I.E. doesn't trust the global object when called normally\n return cachedSetTimeout.call(null, fun, 0);\n } catch(e){\n // same as above but when it's a version of I.E. that must have the global object for 'this', hopfully our context correct otherwise it will throw a global error\n return cachedSetTimeout.call(this, fun, 0);\n }\n }\n\n\n}\nfunction runClearTimeout(marker) {\n if (cachedClearTimeout === clearTimeout) {\n //normal enviroments in sane situations\n return clearTimeout(marker);\n }\n // if clearTimeout wasn't available but was latter defined\n if ((cachedClearTimeout === defaultClearTimeout || !cachedClearTimeout) && clearTimeout) {\n cachedClearTimeout = clearTimeout;\n return clearTimeout(marker);\n }\n try {\n // when when somebody has screwed with setTimeout but no I.E. maddness\n return cachedClearTimeout(marker);\n } catch (e){\n try {\n // When we are in I.E. but the script has been evaled so I.E. doesn't trust the global object when called normally\n return cachedClearTimeout.call(null, marker);\n } catch (e){\n // same as above but when it's a version of I.E. that must have the global object for 'this', hopfully our context correct otherwise it will throw a global error.\n // Some versions of I.E. have different rules for clearTimeout vs setTimeout\n return cachedClearTimeout.call(this, marker);\n }\n }\n\n\n\n}\nvar queue = [];\nvar draining = false;\nvar currentQueue;\nvar queueIndex = -1;\n\nfunction cleanUpNextTick() {\n if (!draining || !currentQueue) {\n return;\n }\n draining = false;\n if (currentQueue.length) {\n queue = currentQueue.concat(queue);\n } else {\n queueIndex = -1;\n }\n if (queue.length) {\n drainQueue();\n }\n}\n\nfunction drainQueue() {\n if (draining) {\n return;\n }\n var timeout = runTimeout(cleanUpNextTick);\n draining = true;\n\n var len = queue.length;\n while(len) {\n currentQueue = queue;\n queue = [];\n while (++queueIndex < len) {\n if (currentQueue) {\n currentQueue[queueIndex].run();\n }\n }\n queueIndex = -1;\n len = queue.length;\n }\n currentQueue = null;\n draining = false;\n runClearTimeout(timeout);\n}\n\nprocess.nextTick = function (fun) {\n var args = new Array(arguments.length - 1);\n if (arguments.length > 1) {\n for (var i = 1; i < arguments.length; i++) {\n args[i - 1] = arguments[i];\n }\n }\n queue.push(new Item(fun, args));\n if (queue.length === 1 && !draining) {\n runTimeout(drainQueue);\n }\n};\n\n// v8 likes predictible objects\nfunction Item(fun, array) {\n this.fun = fun;\n this.array = array;\n}\nItem.prototype.run = function () {\n this.fun.apply(null, this.array);\n};\nprocess.title = 'browser';\nprocess.browser = true;\nprocess.env = {};\nprocess.argv = [];\nprocess.version = ''; // empty string to avoid regexp issues\nprocess.versions = {};\n\nfunction noop() {}\n\nprocess.on = noop;\nprocess.addListener = noop;\nprocess.once = noop;\nprocess.off = noop;\nprocess.removeListener = noop;\nprocess.removeAllListeners = noop;\nprocess.emit = noop;\nprocess.prependListener = noop;\nprocess.prependOnceListener = noop;\n\nprocess.listeners = function (name) { return [] }\n\nprocess.binding = function (name) {\n throw new Error('process.binding is not supported');\n};\n\nprocess.cwd = function () { return '/' };\nprocess.chdir = function (dir) {\n throw new Error('process.chdir is not supported');\n};\nprocess.umask = function() { return 0; };\n","'use strict';\n\nmodule.exports = function bind(fn, thisArg) {\n return function wrap() {\n var args = new Array(arguments.length);\n for (var i = 0; i < args.length; i++) {\n args[i] = arguments[i];\n }\n return fn.apply(thisArg, args);\n };\n};\n","'use strict';\n\nvar utils = require('./../utils');\n\nfunction encode(val) {\n return encodeURIComponent(val).\n replace(/%3A/gi, ':').\n replace(/%24/g, '$').\n replace(/%2C/gi, ',').\n replace(/%20/g, '+').\n replace(/%5B/gi, '[').\n replace(/%5D/gi, ']');\n}\n\n/**\n * Build a URL by appending params to the end\n *\n * @param {string} url The base of the url (e.g., http://www.google.com)\n * @param {object} [params] The params to be appended\n * @returns {string} The formatted url\n */\nmodule.exports = function buildURL(url, params, paramsSerializer) {\n /*eslint no-param-reassign:0*/\n if (!params) {\n return url;\n }\n\n var serializedParams;\n if (paramsSerializer) {\n serializedParams = paramsSerializer(params);\n } else if (utils.isURLSearchParams(params)) {\n serializedParams = params.toString();\n } else {\n var parts = [];\n\n utils.forEach(params, function serialize(val, key) {\n if (val === null || typeof val === 'undefined') {\n return;\n }\n\n if (utils.isArray(val)) {\n key = key + '[]';\n } else {\n val = [val];\n }\n\n utils.forEach(val, function parseValue(v) {\n if (utils.isDate(v)) {\n v = v.toISOString();\n } else if (utils.isObject(v)) {\n v = JSON.stringify(v);\n }\n parts.push(encode(key) + '=' + encode(v));\n });\n });\n\n serializedParams = parts.join('&');\n }\n\n if (serializedParams) {\n var hashmarkIndex = url.indexOf('#');\n if (hashmarkIndex !== -1) {\n url = url.slice(0, hashmarkIndex);\n }\n\n url += (url.indexOf('?') === -1 ? '?' : '&') + serializedParams;\n }\n\n return url;\n};\n","'use strict';\n\n/**\n * Update an Error with the specified config, error code, and response.\n *\n * @param {Error} error The error to update.\n * @param {Object} config The config.\n * @param {string} [code] The error code (for example, 'ECONNABORTED').\n * @param {Object} [request] The request.\n * @param {Object} [response] The response.\n * @returns {Error} The error.\n */\nmodule.exports = function enhanceError(error, config, code, request, response) {\n error.config = config;\n if (code) {\n error.code = code;\n }\n\n error.request = request;\n error.response = response;\n error.isAxiosError = true;\n\n error.toJSON = function toJSON() {\n return {\n // Standard\n message: this.message,\n name: this.name,\n // Microsoft\n description: this.description,\n number: this.number,\n // Mozilla\n fileName: this.fileName,\n lineNumber: this.lineNumber,\n columnNumber: this.columnNumber,\n stack: this.stack,\n // Axios\n config: this.config,\n code: this.code\n };\n };\n return error;\n};\n","'use strict';\n\nvar utils = require('./../utils');\nvar settle = require('./../core/settle');\nvar cookies = require('./../helpers/cookies');\nvar buildURL = require('./../helpers/buildURL');\nvar buildFullPath = require('../core/buildFullPath');\nvar parseHeaders = require('./../helpers/parseHeaders');\nvar isURLSameOrigin = require('./../helpers/isURLSameOrigin');\nvar createError = require('../core/createError');\n\nmodule.exports = function xhrAdapter(config) {\n return new Promise(function dispatchXhrRequest(resolve, reject) {\n var requestData = config.data;\n var requestHeaders = config.headers;\n var responseType = config.responseType;\n\n if (utils.isFormData(requestData)) {\n delete requestHeaders['Content-Type']; // Let the browser set it\n }\n\n var request = new XMLHttpRequest();\n\n // HTTP basic authentication\n if (config.auth) {\n var username = config.auth.username || '';\n var password = config.auth.password ? unescape(encodeURIComponent(config.auth.password)) : '';\n requestHeaders.Authorization = 'Basic ' + btoa(username + ':' + password);\n }\n\n var fullPath = buildFullPath(config.baseURL, config.url);\n request.open(config.method.toUpperCase(), buildURL(fullPath, config.params, config.paramsSerializer), true);\n\n // Set the request timeout in MS\n request.timeout = config.timeout;\n\n function onloadend() {\n if (!request) {\n return;\n }\n // Prepare the response\n var responseHeaders = 'getAllResponseHeaders' in request ? parseHeaders(request.getAllResponseHeaders()) : null;\n var responseData = !responseType || responseType === 'text' || responseType === 'json' ?\n request.responseText : request.response;\n var response = {\n data: responseData,\n status: request.status,\n statusText: request.statusText,\n headers: responseHeaders,\n config: config,\n request: request\n };\n\n settle(resolve, reject, response);\n\n // Clean up request\n request = null;\n }\n\n if ('onloadend' in request) {\n // Use onloadend if available\n request.onloadend = onloadend;\n } else {\n // Listen for ready state to emulate onloadend\n request.onreadystatechange = function handleLoad() {\n if (!request || request.readyState !== 4) {\n return;\n }\n\n // The request errored out and we didn't get a response, this will be\n // handled by onerror instead\n // With one exception: request that using file: protocol, most browsers\n // will return status as 0 even though it's a successful request\n if (request.status === 0 && !(request.responseURL && request.responseURL.indexOf('file:') === 0)) {\n return;\n }\n // readystate handler is calling before onerror or ontimeout handlers,\n // so we should call onloadend on the next 'tick'\n setTimeout(onloadend);\n };\n }\n\n // Handle browser request cancellation (as opposed to a manual cancellation)\n request.onabort = function handleAbort() {\n if (!request) {\n return;\n }\n\n reject(createError('Request aborted', config, 'ECONNABORTED', request));\n\n // Clean up request\n request = null;\n };\n\n // Handle low level network errors\n request.onerror = function handleError() {\n // Real errors are hidden from us by the browser\n // onerror should only fire if it's a network error\n reject(createError('Network Error', config, null, request));\n\n // Clean up request\n request = null;\n };\n\n // Handle timeout\n request.ontimeout = function handleTimeout() {\n var timeoutErrorMessage = 'timeout of ' + config.timeout + 'ms exceeded';\n if (config.timeoutErrorMessage) {\n timeoutErrorMessage = config.timeoutErrorMessage;\n }\n reject(createError(\n timeoutErrorMessage,\n config,\n config.transitional && config.transitional.clarifyTimeoutError ? 'ETIMEDOUT' : 'ECONNABORTED',\n request));\n\n // Clean up request\n request = null;\n };\n\n // Add xsrf header\n // This is only done if running in a standard browser environment.\n // Specifically not if we're in a web worker, or react-native.\n if (utils.isStandardBrowserEnv()) {\n // Add xsrf header\n var xsrfValue = (config.withCredentials || isURLSameOrigin(fullPath)) && config.xsrfCookieName ?\n cookies.read(config.xsrfCookieName) :\n undefined;\n\n if (xsrfValue) {\n requestHeaders[config.xsrfHeaderName] = xsrfValue;\n }\n }\n\n // Add headers to the request\n if ('setRequestHeader' in request) {\n utils.forEach(requestHeaders, function setRequestHeader(val, key) {\n if (typeof requestData === 'undefined' && key.toLowerCase() === 'content-type') {\n // Remove Content-Type if data is undefined\n delete requestHeaders[key];\n } else {\n // Otherwise add header to the request\n request.setRequestHeader(key, val);\n }\n });\n }\n\n // Add withCredentials to request if needed\n if (!utils.isUndefined(config.withCredentials)) {\n request.withCredentials = !!config.withCredentials;\n }\n\n // Add responseType to request if needed\n if (responseType && responseType !== 'json') {\n request.responseType = config.responseType;\n }\n\n // Handle progress if needed\n if (typeof config.onDownloadProgress === 'function') {\n request.addEventListener('progress', config.onDownloadProgress);\n }\n\n // Not all browsers support upload events\n if (typeof config.onUploadProgress === 'function' && request.upload) {\n request.upload.addEventListener('progress', config.onUploadProgress);\n }\n\n if (config.cancelToken) {\n // Handle cancellation\n config.cancelToken.promise.then(function onCanceled(cancel) {\n if (!request) {\n return;\n }\n\n request.abort();\n reject(cancel);\n // Clean up request\n request = null;\n });\n }\n\n if (!requestData) {\n requestData = null;\n }\n\n // Send the request\n request.send(requestData);\n });\n};\n","'use strict';\n\nvar enhanceError = require('./enhanceError');\n\n/**\n * Create an Error with the specified message, config, error code, request and response.\n *\n * @param {string} message The error message.\n * @param {Object} config The config.\n * @param {string} [code] The error code (for example, 'ECONNABORTED').\n * @param {Object} [request] The request.\n * @param {Object} [response] The response.\n * @returns {Error} The created error.\n */\nmodule.exports = function createError(message, config, code, request, response) {\n var error = new Error(message);\n return enhanceError(error, config, code, request, response);\n};\n","'use strict';\n\nmodule.exports = function isCancel(value) {\n return !!(value && value.__CANCEL__);\n};\n","'use strict';\n\nvar utils = require('../utils');\n\n/**\n * Config-specific merge-function which creates a new config-object\n * by merging two configuration objects together.\n *\n * @param {Object} config1\n * @param {Object} config2\n * @returns {Object} New object resulting from merging config2 to config1\n */\nmodule.exports = function mergeConfig(config1, config2) {\n // eslint-disable-next-line no-param-reassign\n config2 = config2 || {};\n var config = {};\n\n var valueFromConfig2Keys = ['url', 'method', 'data'];\n var mergeDeepPropertiesKeys = ['headers', 'auth', 'proxy', 'params'];\n var defaultToConfig2Keys = [\n 'baseURL', 'transformRequest', 'transformResponse', 'paramsSerializer',\n 'timeout', 'timeoutMessage', 'withCredentials', 'adapter', 'responseType', 'xsrfCookieName',\n 'xsrfHeaderName', 'onUploadProgress', 'onDownloadProgress', 'decompress',\n 'maxContentLength', 'maxBodyLength', 'maxRedirects', 'transport', 'httpAgent',\n 'httpsAgent', 'cancelToken', 'socketPath', 'responseEncoding'\n ];\n var directMergeKeys = ['validateStatus'];\n\n function getMergedValue(target, source) {\n if (utils.isPlainObject(target) && utils.isPlainObject(source)) {\n return utils.merge(target, source);\n } else if (utils.isPlainObject(source)) {\n return utils.merge({}, source);\n } else if (utils.isArray(source)) {\n return source.slice();\n }\n return source;\n }\n\n function mergeDeepProperties(prop) {\n if (!utils.isUndefined(config2[prop])) {\n config[prop] = getMergedValue(config1[prop], config2[prop]);\n } else if (!utils.isUndefined(config1[prop])) {\n config[prop] = getMergedValue(undefined, config1[prop]);\n }\n }\n\n utils.forEach(valueFromConfig2Keys, function valueFromConfig2(prop) {\n if (!utils.isUndefined(config2[prop])) {\n config[prop] = getMergedValue(undefined, config2[prop]);\n }\n });\n\n utils.forEach(mergeDeepPropertiesKeys, mergeDeepProperties);\n\n utils.forEach(defaultToConfig2Keys, function defaultToConfig2(prop) {\n if (!utils.isUndefined(config2[prop])) {\n config[prop] = getMergedValue(undefined, config2[prop]);\n } else if (!utils.isUndefined(config1[prop])) {\n config[prop] = getMergedValue(undefined, config1[prop]);\n }\n });\n\n utils.forEach(directMergeKeys, function merge(prop) {\n if (prop in config2) {\n config[prop] = getMergedValue(config1[prop], config2[prop]);\n } else if (prop in config1) {\n config[prop] = getMergedValue(undefined, config1[prop]);\n }\n });\n\n var axiosKeys = valueFromConfig2Keys\n .concat(mergeDeepPropertiesKeys)\n .concat(defaultToConfig2Keys)\n .concat(directMergeKeys);\n\n var otherKeys = Object\n .keys(config1)\n .concat(Object.keys(config2))\n .filter(function filterAxiosKeys(key) {\n return axiosKeys.indexOf(key) === -1;\n });\n\n utils.forEach(otherKeys, mergeDeepProperties);\n\n return config;\n};\n","'use strict';\n\n/**\n * A `Cancel` is an object that is thrown when an operation is canceled.\n *\n * @class\n * @param {string=} message The message.\n */\nfunction Cancel(message) {\n this.message = message;\n}\n\nCancel.prototype.toString = function toString() {\n return 'Cancel' + (this.message ? ': ' + this.message : '');\n};\n\nCancel.prototype.__CANCEL__ = true;\n\nmodule.exports = Cancel;\n","'use strict';\n\nvar replace = String.prototype.replace;\nvar percentTwenties = /%20/g;\n\nvar util = require('./utils');\n\nvar Format = {\n RFC1738: 'RFC1738',\n RFC3986: 'RFC3986'\n};\n\nmodule.exports = util.assign(\n {\n 'default': Format.RFC3986,\n formatters: {\n RFC1738: function (value) {\n return replace.call(value, percentTwenties, '+');\n },\n RFC3986: function (value) {\n return String(value);\n }\n }\n },\n Format\n);\n","/**\n * Copyright (c) 2013-present, Facebook, Inc.\n *\n * This source code is licensed under the MIT license found in the\n * LICENSE file in the root directory of this source tree.\n */\n\nfunction componentWillMount() {\n // Call this.constructor.gDSFP to support sub-classes.\n var state = this.constructor.getDerivedStateFromProps(this.props, this.state);\n if (state !== null && state !== undefined) {\n this.setState(state);\n }\n}\n\nfunction componentWillReceiveProps(nextProps) {\n // Call this.constructor.gDSFP to support sub-classes.\n // Use the setState() updater to ensure state isn't stale in certain edge cases.\n function updater(prevState) {\n var state = this.constructor.getDerivedStateFromProps(nextProps, prevState);\n return state !== null && state !== undefined ? state : null;\n }\n // Binding \"this\" is important for shallow renderer support.\n this.setState(updater.bind(this));\n}\n\nfunction componentWillUpdate(nextProps, nextState) {\n try {\n var prevProps = this.props;\n var prevState = this.state;\n this.props = nextProps;\n this.state = nextState;\n this.__reactInternalSnapshotFlag = true;\n this.__reactInternalSnapshot = this.getSnapshotBeforeUpdate(\n prevProps,\n prevState\n );\n } finally {\n this.props = prevProps;\n this.state = prevState;\n }\n}\n\n// React may warn about cWM/cWRP/cWU methods being deprecated.\n// Add a flag to suppress these warnings for this special case.\ncomponentWillMount.__suppressDeprecationWarning = true;\ncomponentWillReceiveProps.__suppressDeprecationWarning = true;\ncomponentWillUpdate.__suppressDeprecationWarning = true;\n\nfunction polyfill(Component) {\n var prototype = Component.prototype;\n\n if (!prototype || !prototype.isReactComponent) {\n throw new Error('Can only polyfill class components');\n }\n\n if (\n typeof Component.getDerivedStateFromProps !== 'function' &&\n typeof prototype.getSnapshotBeforeUpdate !== 'function'\n ) {\n return Component;\n }\n\n // If new component APIs are defined, \"unsafe\" lifecycles won't be called.\n // Error if any of these lifecycles are present,\n // Because they would work differently between older and newer (16.3+) versions of React.\n var foundWillMountName = null;\n var foundWillReceivePropsName = null;\n var foundWillUpdateName = null;\n if (typeof prototype.componentWillMount === 'function') {\n foundWillMountName = 'componentWillMount';\n } else if (typeof prototype.UNSAFE_componentWillMount === 'function') {\n foundWillMountName = 'UNSAFE_componentWillMount';\n }\n if (typeof prototype.componentWillReceiveProps === 'function') {\n foundWillReceivePropsName = 'componentWillReceiveProps';\n } else if (typeof prototype.UNSAFE_componentWillReceiveProps === 'function') {\n foundWillReceivePropsName = 'UNSAFE_componentWillReceiveProps';\n }\n if (typeof prototype.componentWillUpdate === 'function') {\n foundWillUpdateName = 'componentWillUpdate';\n } else if (typeof prototype.UNSAFE_componentWillUpdate === 'function') {\n foundWillUpdateName = 'UNSAFE_componentWillUpdate';\n }\n if (\n foundWillMountName !== null ||\n foundWillReceivePropsName !== null ||\n foundWillUpdateName !== null\n ) {\n var componentName = Component.displayName || Component.name;\n var newApiName =\n typeof Component.getDerivedStateFromProps === 'function'\n ? 'getDerivedStateFromProps()'\n : 'getSnapshotBeforeUpdate()';\n\n throw Error(\n 'Unsafe legacy lifecycles will not be called for components using new component APIs.\\n\\n' +\n componentName +\n ' uses ' +\n newApiName +\n ' but also contains the following legacy lifecycles:' +\n (foundWillMountName !== null ? '\\n ' + foundWillMountName : '') +\n (foundWillReceivePropsName !== null\n ? '\\n ' + foundWillReceivePropsName\n : '') +\n (foundWillUpdateName !== null ? '\\n ' + foundWillUpdateName : '') +\n '\\n\\nThe above lifecycles should be removed. Learn more about this warning here:\\n' +\n 'https://fb.me/react-async-component-lifecycle-hooks'\n );\n }\n\n // React <= 16.2 does not support static getDerivedStateFromProps.\n // As a workaround, use cWM and cWRP to invoke the new static lifecycle.\n // Newer versions of React will ignore these lifecycles if gDSFP exists.\n if (typeof Component.getDerivedStateFromProps === 'function') {\n prototype.componentWillMount = componentWillMount;\n prototype.componentWillReceiveProps = componentWillReceiveProps;\n }\n\n // React <= 16.2 does not support getSnapshotBeforeUpdate.\n // As a workaround, use cWU to invoke the new lifecycle.\n // Newer versions of React will ignore that lifecycle if gSBU exists.\n if (typeof prototype.getSnapshotBeforeUpdate === 'function') {\n if (typeof prototype.componentDidUpdate !== 'function') {\n throw new Error(\n 'Cannot polyfill getSnapshotBeforeUpdate() for components that do not define componentDidUpdate() on the prototype'\n );\n }\n\n prototype.componentWillUpdate = componentWillUpdate;\n\n var componentDidUpdate = prototype.componentDidUpdate;\n\n prototype.componentDidUpdate = function componentDidUpdatePolyfill(\n prevProps,\n prevState,\n maybeSnapshot\n ) {\n // 16.3+ will not execute our will-update method;\n // It will pass a snapshot value to did-update though.\n // Older versions will require our polyfilled will-update value.\n // We need to handle both cases, but can't just check for the presence of \"maybeSnapshot\",\n // Because for <= 15.x versions this might be a \"prevContext\" object.\n // We also can't just check \"__reactInternalSnapshot\",\n // Because get-snapshot might return a falsy value.\n // So check for the explicit __reactInternalSnapshotFlag flag to determine behavior.\n var snapshot = this.__reactInternalSnapshotFlag\n ? this.__reactInternalSnapshot\n : maybeSnapshot;\n\n componentDidUpdate.call(this, prevProps, prevState, snapshot);\n };\n }\n\n return Component;\n}\n\nexport { polyfill };\n","// CodeMirror, copyright (c) by Marijn Haverbeke and others\n// Distributed under an MIT license: https://codemirror.net/LICENSE\n\n(function(mod) {\n if (typeof exports == \"object\" && typeof module == \"object\") // CommonJS\n mod(require(\"../../lib/codemirror\"));\n else if (typeof define == \"function\" && define.amd) // AMD\n define([\"../../lib/codemirror\"], mod);\n else // Plain browser env\n mod(CodeMirror);\n})(function(CodeMirror) {\n\"use strict\";\n\nCodeMirror.defineMode(\"javascript\", function(config, parserConfig) {\n var indentUnit = config.indentUnit;\n var statementIndent = parserConfig.statementIndent;\n var jsonldMode = parserConfig.jsonld;\n var jsonMode = parserConfig.json || jsonldMode;\n var trackScope = parserConfig.trackScope !== false\n var isTS = parserConfig.typescript;\n var wordRE = parserConfig.wordCharacters || /[\\w$\\xa1-\\uffff]/;\n\n // Tokenizer\n\n var keywords = function(){\n function kw(type) {return {type: type, style: \"keyword\"};}\n var A = kw(\"keyword a\"), B = kw(\"keyword b\"), C = kw(\"keyword c\"), D = kw(\"keyword d\");\n var operator = kw(\"operator\"), atom = {type: \"atom\", style: \"atom\"};\n\n return {\n \"if\": kw(\"if\"), \"while\": A, \"with\": A, \"else\": B, \"do\": B, \"try\": B, \"finally\": B,\n \"return\": D, \"break\": D, \"continue\": D, \"new\": kw(\"new\"), \"delete\": C, \"void\": C, \"throw\": C,\n \"debugger\": kw(\"debugger\"), \"var\": kw(\"var\"), \"const\": kw(\"var\"), \"let\": kw(\"var\"),\n \"function\": kw(\"function\"), \"catch\": kw(\"catch\"),\n \"for\": kw(\"for\"), \"switch\": kw(\"switch\"), \"case\": kw(\"case\"), \"default\": kw(\"default\"),\n \"in\": operator, \"typeof\": operator, \"instanceof\": operator,\n \"true\": atom, \"false\": atom, \"null\": atom, \"undefined\": atom, \"NaN\": atom, \"Infinity\": atom,\n \"this\": kw(\"this\"), \"class\": kw(\"class\"), \"super\": kw(\"atom\"),\n \"yield\": C, \"export\": kw(\"export\"), \"import\": kw(\"import\"), \"extends\": C,\n \"await\": C\n };\n }();\n\n var isOperatorChar = /[+\\-*&%=<>!?|~^@]/;\n var isJsonldKeyword = /^@(context|id|value|language|type|container|list|set|reverse|index|base|vocab|graph)\"/;\n\n function readRegexp(stream) {\n var escaped = false, next, inSet = false;\n while ((next = stream.next()) != null) {\n if (!escaped) {\n if (next == \"/\" && !inSet) return;\n if (next == \"[\") inSet = true;\n else if (inSet && next == \"]\") inSet = false;\n }\n escaped = !escaped && next == \"\\\\\";\n }\n }\n\n // Used as scratch variables to communicate multiple values without\n // consing up tons of objects.\n var type, content;\n function ret(tp, style, cont) {\n type = tp; content = cont;\n return style;\n }\n function tokenBase(stream, state) {\n var ch = stream.next();\n if (ch == '\"' || ch == \"'\") {\n state.tokenize = tokenString(ch);\n return state.tokenize(stream, state);\n } else if (ch == \".\" && stream.match(/^\\d[\\d_]*(?:[eE][+\\-]?[\\d_]+)?/)) {\n return ret(\"number\", \"number\");\n } else if (ch == \".\" && stream.match(\"..\")) {\n return ret(\"spread\", \"meta\");\n } else if (/[\\[\\]{}\\(\\),;\\:\\.]/.test(ch)) {\n return ret(ch);\n } else if (ch == \"=\" && stream.eat(\">\")) {\n return ret(\"=>\", \"operator\");\n } else if (ch == \"0\" && stream.match(/^(?:x[\\dA-Fa-f_]+|o[0-7_]+|b[01_]+)n?/)) {\n return ret(\"number\", \"number\");\n } else if (/\\d/.test(ch)) {\n stream.match(/^[\\d_]*(?:n|(?:\\.[\\d_]*)?(?:[eE][+\\-]?[\\d_]+)?)?/);\n return ret(\"number\", \"number\");\n } else if (ch == \"/\") {\n if (stream.eat(\"*\")) {\n state.tokenize = tokenComment;\n return tokenComment(stream, state);\n } else if (stream.eat(\"/\")) {\n stream.skipToEnd();\n return ret(\"comment\", \"comment\");\n } else if (expressionAllowed(stream, state, 1)) {\n readRegexp(stream);\n stream.match(/^\\b(([gimyus])(?![gimyus]*\\2))+\\b/);\n return ret(\"regexp\", \"string-2\");\n } else {\n stream.eat(\"=\");\n return ret(\"operator\", \"operator\", stream.current());\n }\n } else if (ch == \"`\") {\n state.tokenize = tokenQuasi;\n return tokenQuasi(stream, state);\n } else if (ch == \"#\" && stream.peek() == \"!\") {\n stream.skipToEnd();\n return ret(\"meta\", \"meta\");\n } else if (ch == \"#\" && stream.eatWhile(wordRE)) {\n return ret(\"variable\", \"property\")\n } else if (ch == \"<\" && stream.match(\"!--\") ||\n (ch == \"-\" && stream.match(\"->\") && !/\\S/.test(stream.string.slice(0, stream.start)))) {\n stream.skipToEnd()\n return ret(\"comment\", \"comment\")\n } else if (isOperatorChar.test(ch)) {\n if (ch != \">\" || !state.lexical || state.lexical.type != \">\") {\n if (stream.eat(\"=\")) {\n if (ch == \"!\" || ch == \"=\") stream.eat(\"=\")\n } else if (/[<>*+\\-|&?]/.test(ch)) {\n stream.eat(ch)\n if (ch == \">\") stream.eat(ch)\n }\n }\n if (ch == \"?\" && stream.eat(\".\")) return ret(\".\")\n return ret(\"operator\", \"operator\", stream.current());\n } else if (wordRE.test(ch)) {\n stream.eatWhile(wordRE);\n var word = stream.current()\n if (state.lastType != \".\") {\n if (keywords.propertyIsEnumerable(word)) {\n var kw = keywords[word]\n return ret(kw.type, kw.style, word)\n }\n if (word == \"async\" && stream.match(/^(\\s|\\/\\*([^*]|\\*(?!\\/))*?\\*\\/)*[\\[\\(\\w]/, false))\n return ret(\"async\", \"keyword\", word)\n }\n return ret(\"variable\", \"variable\", word)\n }\n }\n\n function tokenString(quote) {\n return function(stream, state) {\n var escaped = false, next;\n if (jsonldMode && stream.peek() == \"@\" && stream.match(isJsonldKeyword)){\n state.tokenize = tokenBase;\n return ret(\"jsonld-keyword\", \"meta\");\n }\n while ((next = stream.next()) != null) {\n if (next == quote && !escaped) break;\n escaped = !escaped && next == \"\\\\\";\n }\n if (!escaped) state.tokenize = tokenBase;\n return ret(\"string\", \"string\");\n };\n }\n\n function tokenComment(stream, state) {\n var maybeEnd = false, ch;\n while (ch = stream.next()) {\n if (ch == \"/\" && maybeEnd) {\n state.tokenize = tokenBase;\n break;\n }\n maybeEnd = (ch == \"*\");\n }\n return ret(\"comment\", \"comment\");\n }\n\n function tokenQuasi(stream, state) {\n var escaped = false, next;\n while ((next = stream.next()) != null) {\n if (!escaped && (next == \"`\" || next == \"$\" && stream.eat(\"{\"))) {\n state.tokenize = tokenBase;\n break;\n }\n escaped = !escaped && next == \"\\\\\";\n }\n return ret(\"quasi\", \"string-2\", stream.current());\n }\n\n var brackets = \"([{}])\";\n // This is a crude lookahead trick to try and notice that we're\n // parsing the argument patterns for a fat-arrow function before we\n // actually hit the arrow token. It only works if the arrow is on\n // the same line as the arguments and there's no strange noise\n // (comments) in between. Fallback is to only notice when we hit the\n // arrow, and not declare the arguments as locals for the arrow\n // body.\n function findFatArrow(stream, state) {\n if (state.fatArrowAt) state.fatArrowAt = null;\n var arrow = stream.string.indexOf(\"=>\", stream.start);\n if (arrow < 0) return;\n\n if (isTS) { // Try to skip TypeScript return type declarations after the arguments\n var m = /:\\s*(?:\\w+(?:<[^>]*>|\\[\\])?|\\{[^}]*\\})\\s*$/.exec(stream.string.slice(stream.start, arrow))\n if (m) arrow = m.index\n }\n\n var depth = 0, sawSomething = false;\n for (var pos = arrow - 1; pos >= 0; --pos) {\n var ch = stream.string.charAt(pos);\n var bracket = brackets.indexOf(ch);\n if (bracket >= 0 && bracket < 3) {\n if (!depth) { ++pos; break; }\n if (--depth == 0) { if (ch == \"(\") sawSomething = true; break; }\n } else if (bracket >= 3 && bracket < 6) {\n ++depth;\n } else if (wordRE.test(ch)) {\n sawSomething = true;\n } else if (/[\"'\\/`]/.test(ch)) {\n for (;; --pos) {\n if (pos == 0) return\n var next = stream.string.charAt(pos - 1)\n if (next == ch && stream.string.charAt(pos - 2) != \"\\\\\") { pos--; break }\n }\n } else if (sawSomething && !depth) {\n ++pos;\n break;\n }\n }\n if (sawSomething && !depth) state.fatArrowAt = pos;\n }\n\n // Parser\n\n var atomicTypes = {\"atom\": true, \"number\": true, \"variable\": true, \"string\": true,\n \"regexp\": true, \"this\": true, \"import\": true, \"jsonld-keyword\": true};\n\n function JSLexical(indented, column, type, align, prev, info) {\n this.indented = indented;\n this.column = column;\n this.type = type;\n this.prev = prev;\n this.info = info;\n if (align != null) this.align = align;\n }\n\n function inScope(state, varname) {\n if (!trackScope) return false\n for (var v = state.localVars; v; v = v.next)\n if (v.name == varname) return true;\n for (var cx = state.context; cx; cx = cx.prev) {\n for (var v = cx.vars; v; v = v.next)\n if (v.name == varname) return true;\n }\n }\n\n function parseJS(state, style, type, content, stream) {\n var cc = state.cc;\n // Communicate our context to the combinators.\n // (Less wasteful than consing up a hundred closures on every call.)\n cx.state = state; cx.stream = stream; cx.marked = null, cx.cc = cc; cx.style = style;\n\n if (!state.lexical.hasOwnProperty(\"align\"))\n state.lexical.align = true;\n\n while(true) {\n var combinator = cc.length ? cc.pop() : jsonMode ? expression : statement;\n if (combinator(type, content)) {\n while(cc.length && cc[cc.length - 1].lex)\n cc.pop()();\n if (cx.marked) return cx.marked;\n if (type == \"variable\" && inScope(state, content)) return \"variable-2\";\n return style;\n }\n }\n }\n\n // Combinator utils\n\n var cx = {state: null, column: null, marked: null, cc: null};\n function pass() {\n for (var i = arguments.length - 1; i >= 0; i--) cx.cc.push(arguments[i]);\n }\n function cont() {\n pass.apply(null, arguments);\n return true;\n }\n function inList(name, list) {\n for (var v = list; v; v = v.next) if (v.name == name) return true\n return false;\n }\n function register(varname) {\n var state = cx.state;\n cx.marked = \"def\";\n if (!trackScope) return\n if (state.context) {\n if (state.lexical.info == \"var\" && state.context && state.context.block) {\n // FIXME function decls are also not block scoped\n var newContext = registerVarScoped(varname, state.context)\n if (newContext != null) {\n state.context = newContext\n return\n }\n } else if (!inList(varname, state.localVars)) {\n state.localVars = new Var(varname, state.localVars)\n return\n }\n }\n // Fall through means this is global\n if (parserConfig.globalVars && !inList(varname, state.globalVars))\n state.globalVars = new Var(varname, state.globalVars)\n }\n function registerVarScoped(varname, context) {\n if (!context) {\n return null\n } else if (context.block) {\n var inner = registerVarScoped(varname, context.prev)\n if (!inner) return null\n if (inner == context.prev) return context\n return new Context(inner, context.vars, true)\n } else if (inList(varname, context.vars)) {\n return context\n } else {\n return new Context(context.prev, new Var(varname, context.vars), false)\n }\n }\n\n function isModifier(name) {\n return name == \"public\" || name == \"private\" || name == \"protected\" || name == \"abstract\" || name == \"readonly\"\n }\n\n // Combinators\n\n function Context(prev, vars, block) { this.prev = prev; this.vars = vars; this.block = block }\n function Var(name, next) { this.name = name; this.next = next }\n\n var defaultVars = new Var(\"this\", new Var(\"arguments\", null))\n function pushcontext() {\n cx.state.context = new Context(cx.state.context, cx.state.localVars, false)\n cx.state.localVars = defaultVars\n }\n function pushblockcontext() {\n cx.state.context = new Context(cx.state.context, cx.state.localVars, true)\n cx.state.localVars = null\n }\n function popcontext() {\n cx.state.localVars = cx.state.context.vars\n cx.state.context = cx.state.context.prev\n }\n popcontext.lex = true\n function pushlex(type, info) {\n var result = function() {\n var state = cx.state, indent = state.indented;\n if (state.lexical.type == \"stat\") indent = state.lexical.indented;\n else for (var outer = state.lexical; outer && outer.type == \")\" && outer.align; outer = outer.prev)\n indent = outer.indented;\n state.lexical = new JSLexical(indent, cx.stream.column(), type, null, state.lexical, info);\n };\n result.lex = true;\n return result;\n }\n function poplex() {\n var state = cx.state;\n if (state.lexical.prev) {\n if (state.lexical.type == \")\")\n state.indented = state.lexical.indented;\n state.lexical = state.lexical.prev;\n }\n }\n poplex.lex = true;\n\n function expect(wanted) {\n function exp(type) {\n if (type == wanted) return cont();\n else if (wanted == \";\" || type == \"}\" || type == \")\" || type == \"]\") return pass();\n else return cont(exp);\n };\n return exp;\n }\n\n function statement(type, value) {\n if (type == \"var\") return cont(pushlex(\"vardef\", value), vardef, expect(\";\"), poplex);\n if (type == \"keyword a\") return cont(pushlex(\"form\"), parenExpr, statement, poplex);\n if (type == \"keyword b\") return cont(pushlex(\"form\"), statement, poplex);\n if (type == \"keyword d\") return cx.stream.match(/^\\s*$/, false) ? cont() : cont(pushlex(\"stat\"), maybeexpression, expect(\";\"), poplex);\n if (type == \"debugger\") return cont(expect(\";\"));\n if (type == \"{\") return cont(pushlex(\"}\"), pushblockcontext, block, poplex, popcontext);\n if (type == \";\") return cont();\n if (type == \"if\") {\n if (cx.state.lexical.info == \"else\" && cx.state.cc[cx.state.cc.length - 1] == poplex)\n cx.state.cc.pop()();\n return cont(pushlex(\"form\"), parenExpr, statement, poplex, maybeelse);\n }\n if (type == \"function\") return cont(functiondef);\n if (type == \"for\") return cont(pushlex(\"form\"), pushblockcontext, forspec, statement, popcontext, poplex);\n if (type == \"class\" || (isTS && value == \"interface\")) {\n cx.marked = \"keyword\"\n return cont(pushlex(\"form\", type == \"class\" ? type : value), className, poplex)\n }\n if (type == \"variable\") {\n if (isTS && value == \"declare\") {\n cx.marked = \"keyword\"\n return cont(statement)\n } else if (isTS && (value == \"module\" || value == \"enum\" || value == \"type\") && cx.stream.match(/^\\s*\\w/, false)) {\n cx.marked = \"keyword\"\n if (value == \"enum\") return cont(enumdef);\n else if (value == \"type\") return cont(typename, expect(\"operator\"), typeexpr, expect(\";\"));\n else return cont(pushlex(\"form\"), pattern, expect(\"{\"), pushlex(\"}\"), block, poplex, poplex)\n } else if (isTS && value == \"namespace\") {\n cx.marked = \"keyword\"\n return cont(pushlex(\"form\"), expression, statement, poplex)\n } else if (isTS && value == \"abstract\") {\n cx.marked = \"keyword\"\n return cont(statement)\n } else {\n return cont(pushlex(\"stat\"), maybelabel);\n }\n }\n if (type == \"switch\") return cont(pushlex(\"form\"), parenExpr, expect(\"{\"), pushlex(\"}\", \"switch\"), pushblockcontext,\n block, poplex, poplex, popcontext);\n if (type == \"case\") return cont(expression, expect(\":\"));\n if (type == \"default\") return cont(expect(\":\"));\n if (type == \"catch\") return cont(pushlex(\"form\"), pushcontext, maybeCatchBinding, statement, poplex, popcontext);\n if (type == \"export\") return cont(pushlex(\"stat\"), afterExport, poplex);\n if (type == \"import\") return cont(pushlex(\"stat\"), afterImport, poplex);\n if (type == \"async\") return cont(statement)\n if (value == \"@\") return cont(expression, statement)\n return pass(pushlex(\"stat\"), expression, expect(\";\"), poplex);\n }\n function maybeCatchBinding(type) {\n if (type == \"(\") return cont(funarg, expect(\")\"))\n }\n function expression(type, value) {\n return expressionInner(type, value, false);\n }\n function expressionNoComma(type, value) {\n return expressionInner(type, value, true);\n }\n function parenExpr(type) {\n if (type != \"(\") return pass()\n return cont(pushlex(\")\"), maybeexpression, expect(\")\"), poplex)\n }\n function expressionInner(type, value, noComma) {\n if (cx.state.fatArrowAt == cx.stream.start) {\n var body = noComma ? arrowBodyNoComma : arrowBody;\n if (type == \"(\") return cont(pushcontext, pushlex(\")\"), commasep(funarg, \")\"), poplex, expect(\"=>\"), body, popcontext);\n else if (type == \"variable\") return pass(pushcontext, pattern, expect(\"=>\"), body, popcontext);\n }\n\n var maybeop = noComma ? maybeoperatorNoComma : maybeoperatorComma;\n if (atomicTypes.hasOwnProperty(type)) return cont(maybeop);\n if (type == \"function\") return cont(functiondef, maybeop);\n if (type == \"class\" || (isTS && value == \"interface\")) { cx.marked = \"keyword\"; return cont(pushlex(\"form\"), classExpression, poplex); }\n if (type == \"keyword c\" || type == \"async\") return cont(noComma ? expressionNoComma : expression);\n if (type == \"(\") return cont(pushlex(\")\"), maybeexpression, expect(\")\"), poplex, maybeop);\n if (type == \"operator\" || type == \"spread\") return cont(noComma ? expressionNoComma : expression);\n if (type == \"[\") return cont(pushlex(\"]\"), arrayLiteral, poplex, maybeop);\n if (type == \"{\") return contCommasep(objprop, \"}\", null, maybeop);\n if (type == \"quasi\") return pass(quasi, maybeop);\n if (type == \"new\") return cont(maybeTarget(noComma));\n return cont();\n }\n function maybeexpression(type) {\n if (type.match(/[;\\}\\)\\],]/)) return pass();\n return pass(expression);\n }\n\n function maybeoperatorComma(type, value) {\n if (type == \",\") return cont(maybeexpression);\n return maybeoperatorNoComma(type, value, false);\n }\n function maybeoperatorNoComma(type, value, noComma) {\n var me = noComma == false ? maybeoperatorComma : maybeoperatorNoComma;\n var expr = noComma == false ? expression : expressionNoComma;\n if (type == \"=>\") return cont(pushcontext, noComma ? arrowBodyNoComma : arrowBody, popcontext);\n if (type == \"operator\") {\n if (/\\+\\+|--/.test(value) || isTS && value == \"!\") return cont(me);\n if (isTS && value == \"<\" && cx.stream.match(/^([^<>]|<[^<>]*>)*>\\s*\\(/, false))\n return cont(pushlex(\">\"), commasep(typeexpr, \">\"), poplex, me);\n if (value == \"?\") return cont(expression, expect(\":\"), expr);\n return cont(expr);\n }\n if (type == \"quasi\") { return pass(quasi, me); }\n if (type == \";\") return;\n if (type == \"(\") return contCommasep(expressionNoComma, \")\", \"call\", me);\n if (type == \".\") return cont(property, me);\n if (type == \"[\") return cont(pushlex(\"]\"), maybeexpression, expect(\"]\"), poplex, me);\n if (isTS && value == \"as\") { cx.marked = \"keyword\"; return cont(typeexpr, me) }\n if (type == \"regexp\") {\n cx.state.lastType = cx.marked = \"operator\"\n cx.stream.backUp(cx.stream.pos - cx.stream.start - 1)\n return cont(expr)\n }\n }\n function quasi(type, value) {\n if (type != \"quasi\") return pass();\n if (value.slice(value.length - 2) != \"${\") return cont(quasi);\n return cont(maybeexpression, continueQuasi);\n }\n function continueQuasi(type) {\n if (type == \"}\") {\n cx.marked = \"string-2\";\n cx.state.tokenize = tokenQuasi;\n return cont(quasi);\n }\n }\n function arrowBody(type) {\n findFatArrow(cx.stream, cx.state);\n return pass(type == \"{\" ? statement : expression);\n }\n function arrowBodyNoComma(type) {\n findFatArrow(cx.stream, cx.state);\n return pass(type == \"{\" ? statement : expressionNoComma);\n }\n function maybeTarget(noComma) {\n return function(type) {\n if (type == \".\") return cont(noComma ? targetNoComma : target);\n else if (type == \"variable\" && isTS) return cont(maybeTypeArgs, noComma ? maybeoperatorNoComma : maybeoperatorComma)\n else return pass(noComma ? expressionNoComma : expression);\n };\n }\n function target(_, value) {\n if (value == \"target\") { cx.marked = \"keyword\"; return cont(maybeoperatorComma); }\n }\n function targetNoComma(_, value) {\n if (value == \"target\") { cx.marked = \"keyword\"; return cont(maybeoperatorNoComma); }\n }\n function maybelabel(type) {\n if (type == \":\") return cont(poplex, statement);\n return pass(maybeoperatorComma, expect(\";\"), poplex);\n }\n function property(type) {\n if (type == \"variable\") {cx.marked = \"property\"; return cont();}\n }\n function objprop(type, value) {\n if (type == \"async\") {\n cx.marked = \"property\";\n return cont(objprop);\n } else if (type == \"variable\" || cx.style == \"keyword\") {\n cx.marked = \"property\";\n if (value == \"get\" || value == \"set\") return cont(getterSetter);\n var m // Work around fat-arrow-detection complication for detecting typescript typed arrow params\n if (isTS && cx.state.fatArrowAt == cx.stream.start && (m = cx.stream.match(/^\\s*:\\s*/, false)))\n cx.state.fatArrowAt = cx.stream.pos + m[0].length\n return cont(afterprop);\n } else if (type == \"number\" || type == \"string\") {\n cx.marked = jsonldMode ? \"property\" : (cx.style + \" property\");\n return cont(afterprop);\n } else if (type == \"jsonld-keyword\") {\n return cont(afterprop);\n } else if (isTS && isModifier(value)) {\n cx.marked = \"keyword\"\n return cont(objprop)\n } else if (type == \"[\") {\n return cont(expression, maybetype, expect(\"]\"), afterprop);\n } else if (type == \"spread\") {\n return cont(expressionNoComma, afterprop);\n } else if (value == \"*\") {\n cx.marked = \"keyword\";\n return cont(objprop);\n } else if (type == \":\") {\n return pass(afterprop)\n }\n }\n function getterSetter(type) {\n if (type != \"variable\") return pass(afterprop);\n cx.marked = \"property\";\n return cont(functiondef);\n }\n function afterprop(type) {\n if (type == \":\") return cont(expressionNoComma);\n if (type == \"(\") return pass(functiondef);\n }\n function commasep(what, end, sep) {\n function proceed(type, value) {\n if (sep ? sep.indexOf(type) > -1 : type == \",\") {\n var lex = cx.state.lexical;\n if (lex.info == \"call\") lex.pos = (lex.pos || 0) + 1;\n return cont(function(type, value) {\n if (type == end || value == end) return pass()\n return pass(what)\n }, proceed);\n }\n if (type == end || value == end) return cont();\n if (sep && sep.indexOf(\";\") > -1) return pass(what)\n return cont(expect(end));\n }\n return function(type, value) {\n if (type == end || value == end) return cont();\n return pass(what, proceed);\n };\n }\n function contCommasep(what, end, info) {\n for (var i = 3; i < arguments.length; i++)\n cx.cc.push(arguments[i]);\n return cont(pushlex(end, info), commasep(what, end), poplex);\n }\n function block(type) {\n if (type == \"}\") return cont();\n return pass(statement, block);\n }\n function maybetype(type, value) {\n if (isTS) {\n if (type == \":\") return cont(typeexpr);\n if (value == \"?\") return cont(maybetype);\n }\n }\n function maybetypeOrIn(type, value) {\n if (isTS && (type == \":\" || value == \"in\")) return cont(typeexpr)\n }\n function mayberettype(type) {\n if (isTS && type == \":\") {\n if (cx.stream.match(/^\\s*\\w+\\s+is\\b/, false)) return cont(expression, isKW, typeexpr)\n else return cont(typeexpr)\n }\n }\n function isKW(_, value) {\n if (value == \"is\") {\n cx.marked = \"keyword\"\n return cont()\n }\n }\n function typeexpr(type, value) {\n if (value == \"keyof\" || value == \"typeof\" || value == \"infer\" || value == \"readonly\") {\n cx.marked = \"keyword\"\n return cont(value == \"typeof\" ? expressionNoComma : typeexpr)\n }\n if (type == \"variable\" || value == \"void\") {\n cx.marked = \"type\"\n return cont(afterType)\n }\n if (value == \"|\" || value == \"&\") return cont(typeexpr)\n if (type == \"string\" || type == \"number\" || type == \"atom\") return cont(afterType);\n if (type == \"[\") return cont(pushlex(\"]\"), commasep(typeexpr, \"]\", \",\"), poplex, afterType)\n if (type == \"{\") return cont(pushlex(\"}\"), typeprops, poplex, afterType)\n if (type == \"(\") return cont(commasep(typearg, \")\"), maybeReturnType, afterType)\n if (type == \"<\") return cont(commasep(typeexpr, \">\"), typeexpr)\n if (type == \"quasi\") { return pass(quasiType, afterType); }\n }\n function maybeReturnType(type) {\n if (type == \"=>\") return cont(typeexpr)\n }\n function typeprops(type) {\n if (type.match(/[\\}\\)\\]]/)) return cont()\n if (type == \",\" || type == \";\") return cont(typeprops)\n return pass(typeprop, typeprops)\n }\n function typeprop(type, value) {\n if (type == \"variable\" || cx.style == \"keyword\") {\n cx.marked = \"property\"\n return cont(typeprop)\n } else if (value == \"?\" || type == \"number\" || type == \"string\") {\n return cont(typeprop)\n } else if (type == \":\") {\n return cont(typeexpr)\n } else if (type == \"[\") {\n return cont(expect(\"variable\"), maybetypeOrIn, expect(\"]\"), typeprop)\n } else if (type == \"(\") {\n return pass(functiondecl, typeprop)\n } else if (!type.match(/[;\\}\\)\\],]/)) {\n return cont()\n }\n }\n function quasiType(type, value) {\n if (type != \"quasi\") return pass();\n if (value.slice(value.length - 2) != \"${\") return cont(quasiType);\n return cont(typeexpr, continueQuasiType);\n }\n function continueQuasiType(type) {\n if (type == \"}\") {\n cx.marked = \"string-2\";\n cx.state.tokenize = tokenQuasi;\n return cont(quasiType);\n }\n }\n function typearg(type, value) {\n if (type == \"variable\" && cx.stream.match(/^\\s*[?:]/, false) || value == \"?\") return cont(typearg)\n if (type == \":\") return cont(typeexpr)\n if (type == \"spread\") return cont(typearg)\n return pass(typeexpr)\n }\n function afterType(type, value) {\n if (value == \"<\") return cont(pushlex(\">\"), commasep(typeexpr, \">\"), poplex, afterType)\n if (value == \"|\" || type == \".\" || value == \"&\") return cont(typeexpr)\n if (type == \"[\") return cont(typeexpr, expect(\"]\"), afterType)\n if (value == \"extends\" || value == \"implements\") { cx.marked = \"keyword\"; return cont(typeexpr) }\n if (value == \"?\") return cont(typeexpr, expect(\":\"), typeexpr)\n }\n function maybeTypeArgs(_, value) {\n if (value == \"<\") return cont(pushlex(\">\"), commasep(typeexpr, \">\"), poplex, afterType)\n }\n function typeparam() {\n return pass(typeexpr, maybeTypeDefault)\n }\n function maybeTypeDefault(_, value) {\n if (value == \"=\") return cont(typeexpr)\n }\n function vardef(_, value) {\n if (value == \"enum\") {cx.marked = \"keyword\"; return cont(enumdef)}\n return pass(pattern, maybetype, maybeAssign, vardefCont);\n }\n function pattern(type, value) {\n if (isTS && isModifier(value)) { cx.marked = \"keyword\"; return cont(pattern) }\n if (type == \"variable\") { register(value); return cont(); }\n if (type == \"spread\") return cont(pattern);\n if (type == \"[\") return contCommasep(eltpattern, \"]\");\n if (type == \"{\") return contCommasep(proppattern, \"}\");\n }\n function proppattern(type, value) {\n if (type == \"variable\" && !cx.stream.match(/^\\s*:/, false)) {\n register(value);\n return cont(maybeAssign);\n }\n if (type == \"variable\") cx.marked = \"property\";\n if (type == \"spread\") return cont(pattern);\n if (type == \"}\") return pass();\n if (type == \"[\") return cont(expression, expect(']'), expect(':'), proppattern);\n return cont(expect(\":\"), pattern, maybeAssign);\n }\n function eltpattern() {\n return pass(pattern, maybeAssign)\n }\n function maybeAssign(_type, value) {\n if (value == \"=\") return cont(expressionNoComma);\n }\n function vardefCont(type) {\n if (type == \",\") return cont(vardef);\n }\n function maybeelse(type, value) {\n if (type == \"keyword b\" && value == \"else\") return cont(pushlex(\"form\", \"else\"), statement, poplex);\n }\n function forspec(type, value) {\n if (value == \"await\") return cont(forspec);\n if (type == \"(\") return cont(pushlex(\")\"), forspec1, poplex);\n }\n function forspec1(type) {\n if (type == \"var\") return cont(vardef, forspec2);\n if (type == \"variable\") return cont(forspec2);\n return pass(forspec2)\n }\n function forspec2(type, value) {\n if (type == \")\") return cont()\n if (type == \";\") return cont(forspec2)\n if (value == \"in\" || value == \"of\") { cx.marked = \"keyword\"; return cont(expression, forspec2) }\n return pass(expression, forspec2)\n }\n function functiondef(type, value) {\n if (value == \"*\") {cx.marked = \"keyword\"; return cont(functiondef);}\n if (type == \"variable\") {register(value); return cont(functiondef);}\n if (type == \"(\") return cont(pushcontext, pushlex(\")\"), commasep(funarg, \")\"), poplex, mayberettype, statement, popcontext);\n if (isTS && value == \"<\") return cont(pushlex(\">\"), commasep(typeparam, \">\"), poplex, functiondef)\n }\n function functiondecl(type, value) {\n if (value == \"*\") {cx.marked = \"keyword\"; return cont(functiondecl);}\n if (type == \"variable\") {register(value); return cont(functiondecl);}\n if (type == \"(\") return cont(pushcontext, pushlex(\")\"), commasep(funarg, \")\"), poplex, mayberettype, popcontext);\n if (isTS && value == \"<\") return cont(pushlex(\">\"), commasep(typeparam, \">\"), poplex, functiondecl)\n }\n function typename(type, value) {\n if (type == \"keyword\" || type == \"variable\") {\n cx.marked = \"type\"\n return cont(typename)\n } else if (value == \"<\") {\n return cont(pushlex(\">\"), commasep(typeparam, \">\"), poplex)\n }\n }\n function funarg(type, value) {\n if (value == \"@\") cont(expression, funarg)\n if (type == \"spread\") return cont(funarg);\n if (isTS && isModifier(value)) { cx.marked = \"keyword\"; return cont(funarg); }\n if (isTS && type == \"this\") return cont(maybetype, maybeAssign)\n return pass(pattern, maybetype, maybeAssign);\n }\n function classExpression(type, value) {\n // Class expressions may have an optional name.\n if (type == \"variable\") return className(type, value);\n return classNameAfter(type, value);\n }\n function className(type, value) {\n if (type == \"variable\") {register(value); return cont(classNameAfter);}\n }\n function classNameAfter(type, value) {\n if (value == \"<\") return cont(pushlex(\">\"), commasep(typeparam, \">\"), poplex, classNameAfter)\n if (value == \"extends\" || value == \"implements\" || (isTS && type == \",\")) {\n if (value == \"implements\") cx.marked = \"keyword\";\n return cont(isTS ? typeexpr : expression, classNameAfter);\n }\n if (type == \"{\") return cont(pushlex(\"}\"), classBody, poplex);\n }\n function classBody(type, value) {\n if (type == \"async\" ||\n (type == \"variable\" &&\n (value == \"static\" || value == \"get\" || value == \"set\" || (isTS && isModifier(value))) &&\n cx.stream.match(/^\\s+[\\w$\\xa1-\\uffff]/, false))) {\n cx.marked = \"keyword\";\n return cont(classBody);\n }\n if (type == \"variable\" || cx.style == \"keyword\") {\n cx.marked = \"property\";\n return cont(classfield, classBody);\n }\n if (type == \"number\" || type == \"string\") return cont(classfield, classBody);\n if (type == \"[\")\n return cont(expression, maybetype, expect(\"]\"), classfield, classBody)\n if (value == \"*\") {\n cx.marked = \"keyword\";\n return cont(classBody);\n }\n if (isTS && type == \"(\") return pass(functiondecl, classBody)\n if (type == \";\" || type == \",\") return cont(classBody);\n if (type == \"}\") return cont();\n if (value == \"@\") return cont(expression, classBody)\n }\n function classfield(type, value) {\n if (value == \"!\") return cont(classfield)\n if (value == \"?\") return cont(classfield)\n if (type == \":\") return cont(typeexpr, maybeAssign)\n if (value == \"=\") return cont(expressionNoComma)\n var context = cx.state.lexical.prev, isInterface = context && context.info == \"interface\"\n return pass(isInterface ? functiondecl : functiondef)\n }\n function afterExport(type, value) {\n if (value == \"*\") { cx.marked = \"keyword\"; return cont(maybeFrom, expect(\";\")); }\n if (value == \"default\") { cx.marked = \"keyword\"; return cont(expression, expect(\";\")); }\n if (type == \"{\") return cont(commasep(exportField, \"}\"), maybeFrom, expect(\";\"));\n return pass(statement);\n }\n function exportField(type, value) {\n if (value == \"as\") { cx.marked = \"keyword\"; return cont(expect(\"variable\")); }\n if (type == \"variable\") return pass(expressionNoComma, exportField);\n }\n function afterImport(type) {\n if (type == \"string\") return cont();\n if (type == \"(\") return pass(expression);\n if (type == \".\") return pass(maybeoperatorComma);\n return pass(importSpec, maybeMoreImports, maybeFrom);\n }\n function importSpec(type, value) {\n if (type == \"{\") return contCommasep(importSpec, \"}\");\n if (type == \"variable\") register(value);\n if (value == \"*\") cx.marked = \"keyword\";\n return cont(maybeAs);\n }\n function maybeMoreImports(type) {\n if (type == \",\") return cont(importSpec, maybeMoreImports)\n }\n function maybeAs(_type, value) {\n if (value == \"as\") { cx.marked = \"keyword\"; return cont(importSpec); }\n }\n function maybeFrom(_type, value) {\n if (value == \"from\") { cx.marked = \"keyword\"; return cont(expression); }\n }\n function arrayLiteral(type) {\n if (type == \"]\") return cont();\n return pass(commasep(expressionNoComma, \"]\"));\n }\n function enumdef() {\n return pass(pushlex(\"form\"), pattern, expect(\"{\"), pushlex(\"}\"), commasep(enummember, \"}\"), poplex, poplex)\n }\n function enummember() {\n return pass(pattern, maybeAssign);\n }\n\n function isContinuedStatement(state, textAfter) {\n return state.lastType == \"operator\" || state.lastType == \",\" ||\n isOperatorChar.test(textAfter.charAt(0)) ||\n /[,.]/.test(textAfter.charAt(0));\n }\n\n function expressionAllowed(stream, state, backUp) {\n return state.tokenize == tokenBase &&\n /^(?:operator|sof|keyword [bcd]|case|new|export|default|spread|[\\[{}\\(,;:]|=>)$/.test(state.lastType) ||\n (state.lastType == \"quasi\" && /\\{\\s*$/.test(stream.string.slice(0, stream.pos - (backUp || 0))))\n }\n\n // Interface\n\n return {\n startState: function(basecolumn) {\n var state = {\n tokenize: tokenBase,\n lastType: \"sof\",\n cc: [],\n lexical: new JSLexical((basecolumn || 0) - indentUnit, 0, \"block\", false),\n localVars: parserConfig.localVars,\n context: parserConfig.localVars && new Context(null, null, false),\n indented: basecolumn || 0\n };\n if (parserConfig.globalVars && typeof parserConfig.globalVars == \"object\")\n state.globalVars = parserConfig.globalVars;\n return state;\n },\n\n token: function(stream, state) {\n if (stream.sol()) {\n if (!state.lexical.hasOwnProperty(\"align\"))\n state.lexical.align = false;\n state.indented = stream.indentation();\n findFatArrow(stream, state);\n }\n if (state.tokenize != tokenComment && stream.eatSpace()) return null;\n var style = state.tokenize(stream, state);\n if (type == \"comment\") return style;\n state.lastType = type == \"operator\" && (content == \"++\" || content == \"--\") ? \"incdec\" : type;\n return parseJS(state, style, type, content, stream);\n },\n\n indent: function(state, textAfter) {\n if (state.tokenize == tokenComment || state.tokenize == tokenQuasi) return CodeMirror.Pass;\n if (state.tokenize != tokenBase) return 0;\n var firstChar = textAfter && textAfter.charAt(0), lexical = state.lexical, top\n // Kludge to prevent 'maybelse' from blocking lexical scope pops\n if (!/^\\s*else\\b/.test(textAfter)) for (var i = state.cc.length - 1; i >= 0; --i) {\n var c = state.cc[i];\n if (c == poplex) lexical = lexical.prev;\n else if (c != maybeelse && c != popcontext) break;\n }\n while ((lexical.type == \"stat\" || lexical.type == \"form\") &&\n (firstChar == \"}\" || ((top = state.cc[state.cc.length - 1]) &&\n (top == maybeoperatorComma || top == maybeoperatorNoComma) &&\n !/^[,\\.=+\\-*:?[\\(]/.test(textAfter))))\n lexical = lexical.prev;\n if (statementIndent && lexical.type == \")\" && lexical.prev.type == \"stat\")\n lexical = lexical.prev;\n var type = lexical.type, closing = firstChar == type;\n\n if (type == \"vardef\") return lexical.indented + (state.lastType == \"operator\" || state.lastType == \",\" ? lexical.info.length + 1 : 0);\n else if (type == \"form\" && firstChar == \"{\") return lexical.indented;\n else if (type == \"form\") return lexical.indented + indentUnit;\n else if (type == \"stat\")\n return lexical.indented + (isContinuedStatement(state, textAfter) ? statementIndent || indentUnit : 0);\n else if (lexical.info == \"switch\" && !closing && parserConfig.doubleIndentSwitch != false)\n return lexical.indented + (/^(?:case|default)\\b/.test(textAfter) ? indentUnit : 2 * indentUnit);\n else if (lexical.align) return lexical.column + (closing ? 0 : 1);\n else return lexical.indented + (closing ? 0 : indentUnit);\n },\n\n electricInput: /^\\s*(?:case .*?:|default:|\\{|\\})$/,\n blockCommentStart: jsonMode ? null : \"/*\",\n blockCommentEnd: jsonMode ? null : \"*/\",\n blockCommentContinue: jsonMode ? null : \" * \",\n lineComment: jsonMode ? null : \"//\",\n fold: \"brace\",\n closeBrackets: \"()[]{}''\\\"\\\"``\",\n\n helperType: jsonMode ? \"json\" : \"javascript\",\n jsonldMode: jsonldMode,\n jsonMode: jsonMode,\n\n expressionAllowed: expressionAllowed,\n\n skipExpression: function(state) {\n parseJS(state, \"atom\", \"atom\", \"true\", new CodeMirror.StringStream(\"\", 2, null))\n }\n };\n});\n\nCodeMirror.registerHelper(\"wordChars\", \"javascript\", /[\\w$]/);\n\nCodeMirror.defineMIME(\"text/javascript\", \"javascript\");\nCodeMirror.defineMIME(\"text/ecmascript\", \"javascript\");\nCodeMirror.defineMIME(\"application/javascript\", \"javascript\");\nCodeMirror.defineMIME(\"application/x-javascript\", \"javascript\");\nCodeMirror.defineMIME(\"application/ecmascript\", \"javascript\");\nCodeMirror.defineMIME(\"application/json\", { name: \"javascript\", json: true });\nCodeMirror.defineMIME(\"application/x-json\", { name: \"javascript\", json: true });\nCodeMirror.defineMIME(\"application/manifest+json\", { name: \"javascript\", json: true })\nCodeMirror.defineMIME(\"application/ld+json\", { name: \"javascript\", jsonld: true });\nCodeMirror.defineMIME(\"text/typescript\", { name: \"javascript\", typescript: true });\nCodeMirror.defineMIME(\"application/typescript\", { name: \"javascript\", typescript: true });\n\n});\n","// CodeMirror, copyright (c) by Marijn Haverbeke and others\n// Distributed under an MIT license: https://codemirror.net/LICENSE\n\n(function(mod) {\n if (typeof exports == \"object\" && typeof module == \"object\") // CommonJS\n mod(require(\"../../lib/codemirror\"));\n else if (typeof define == \"function\" && define.amd) // AMD\n define([\"../../lib/codemirror\"], mod);\n else // Plain browser env\n mod(CodeMirror);\n})(function(CodeMirror) {\n\"use strict\";\n\nvar htmlConfig = {\n autoSelfClosers: {'area': true, 'base': true, 'br': true, 'col': true, 'command': true,\n 'embed': true, 'frame': true, 'hr': true, 'img': true, 'input': true,\n 'keygen': true, 'link': true, 'meta': true, 'param': true, 'source': true,\n 'track': true, 'wbr': true, 'menuitem': true},\n implicitlyClosed: {'dd': true, 'li': true, 'optgroup': true, 'option': true, 'p': true,\n 'rp': true, 'rt': true, 'tbody': true, 'td': true, 'tfoot': true,\n 'th': true, 'tr': true},\n contextGrabbers: {\n 'dd': {'dd': true, 'dt': true},\n 'dt': {'dd': true, 'dt': true},\n 'li': {'li': true},\n 'option': {'option': true, 'optgroup': true},\n 'optgroup': {'optgroup': true},\n 'p': {'address': true, 'article': true, 'aside': true, 'blockquote': true, 'dir': true,\n 'div': true, 'dl': true, 'fieldset': true, 'footer': true, 'form': true,\n 'h1': true, 'h2': true, 'h3': true, 'h4': true, 'h5': true, 'h6': true,\n 'header': true, 'hgroup': true, 'hr': true, 'menu': true, 'nav': true, 'ol': true,\n 'p': true, 'pre': true, 'section': true, 'table': true, 'ul': true},\n 'rp': {'rp': true, 'rt': true},\n 'rt': {'rp': true, 'rt': true},\n 'tbody': {'tbody': true, 'tfoot': true},\n 'td': {'td': true, 'th': true},\n 'tfoot': {'tbody': true},\n 'th': {'td': true, 'th': true},\n 'thead': {'tbody': true, 'tfoot': true},\n 'tr': {'tr': true}\n },\n doNotIndent: {\"pre\": true},\n allowUnquoted: true,\n allowMissing: true,\n caseFold: true\n}\n\nvar xmlConfig = {\n autoSelfClosers: {},\n implicitlyClosed: {},\n contextGrabbers: {},\n doNotIndent: {},\n allowUnquoted: false,\n allowMissing: false,\n allowMissingTagName: false,\n caseFold: false\n}\n\nCodeMirror.defineMode(\"xml\", function(editorConf, config_) {\n var indentUnit = editorConf.indentUnit\n var config = {}\n var defaults = config_.htmlMode ? htmlConfig : xmlConfig\n for (var prop in defaults) config[prop] = defaults[prop]\n for (var prop in config_) config[prop] = config_[prop]\n\n // Return variables for tokenizers\n var type, setStyle;\n\n function inText(stream, state) {\n function chain(parser) {\n state.tokenize = parser;\n return parser(stream, state);\n }\n\n var ch = stream.next();\n if (ch == \"<\") {\n if (stream.eat(\"!\")) {\n if (stream.eat(\"[\")) {\n if (stream.match(\"CDATA[\")) return chain(inBlock(\"atom\", \"]]>\"));\n else return null;\n } else if (stream.match(\"--\")) {\n return chain(inBlock(\"comment\", \"-->\"));\n } else if (stream.match(\"DOCTYPE\", true, true)) {\n stream.eatWhile(/[\\w\\._\\-]/);\n return chain(doctype(1));\n } else {\n return null;\n }\n } else if (stream.eat(\"?\")) {\n stream.eatWhile(/[\\w\\._\\-]/);\n state.tokenize = inBlock(\"meta\", \"?>\");\n return \"meta\";\n } else {\n type = stream.eat(\"/\") ? \"closeTag\" : \"openTag\";\n state.tokenize = inTag;\n return \"tag bracket\";\n }\n } else if (ch == \"&\") {\n var ok;\n if (stream.eat(\"#\")) {\n if (stream.eat(\"x\")) {\n ok = stream.eatWhile(/[a-fA-F\\d]/) && stream.eat(\";\");\n } else {\n ok = stream.eatWhile(/[\\d]/) && stream.eat(\";\");\n }\n } else {\n ok = stream.eatWhile(/[\\w\\.\\-:]/) && stream.eat(\";\");\n }\n return ok ? \"atom\" : \"error\";\n } else {\n stream.eatWhile(/[^&<]/);\n return null;\n }\n }\n inText.isInText = true;\n\n function inTag(stream, state) {\n var ch = stream.next();\n if (ch == \">\" || (ch == \"/\" && stream.eat(\">\"))) {\n state.tokenize = inText;\n type = ch == \">\" ? \"endTag\" : \"selfcloseTag\";\n return \"tag bracket\";\n } else if (ch == \"=\") {\n type = \"equals\";\n return null;\n } else if (ch == \"<\") {\n state.tokenize = inText;\n state.state = baseState;\n state.tagName = state.tagStart = null;\n var next = state.tokenize(stream, state);\n return next ? next + \" tag error\" : \"tag error\";\n } else if (/[\\'\\\"]/.test(ch)) {\n state.tokenize = inAttribute(ch);\n state.stringStartCol = stream.column();\n return state.tokenize(stream, state);\n } else {\n stream.match(/^[^\\s\\u00a0=<>\\\"\\']*[^\\s\\u00a0=<>\\\"\\'\\/]/);\n return \"word\";\n }\n }\n\n function inAttribute(quote) {\n var closure = function(stream, state) {\n while (!stream.eol()) {\n if (stream.next() == quote) {\n state.tokenize = inTag;\n break;\n }\n }\n return \"string\";\n };\n closure.isInAttribute = true;\n return closure;\n }\n\n function inBlock(style, terminator) {\n return function(stream, state) {\n while (!stream.eol()) {\n if (stream.match(terminator)) {\n state.tokenize = inText;\n break;\n }\n stream.next();\n }\n return style;\n }\n }\n\n function doctype(depth) {\n return function(stream, state) {\n var ch;\n while ((ch = stream.next()) != null) {\n if (ch == \"<\") {\n state.tokenize = doctype(depth + 1);\n return state.tokenize(stream, state);\n } else if (ch == \">\") {\n if (depth == 1) {\n state.tokenize = inText;\n break;\n } else {\n state.tokenize = doctype(depth - 1);\n return state.tokenize(stream, state);\n }\n }\n }\n return \"meta\";\n };\n }\n\n function Context(state, tagName, startOfLine) {\n this.prev = state.context;\n this.tagName = tagName || \"\";\n this.indent = state.indented;\n this.startOfLine = startOfLine;\n if (config.doNotIndent.hasOwnProperty(tagName) || (state.context && state.context.noIndent))\n this.noIndent = true;\n }\n function popContext(state) {\n if (state.context) state.context = state.context.prev;\n }\n function maybePopContext(state, nextTagName) {\n var parentTagName;\n while (true) {\n if (!state.context) {\n return;\n }\n parentTagName = state.context.tagName;\n if (!config.contextGrabbers.hasOwnProperty(parentTagName) ||\n !config.contextGrabbers[parentTagName].hasOwnProperty(nextTagName)) {\n return;\n }\n popContext(state);\n }\n }\n\n function baseState(type, stream, state) {\n if (type == \"openTag\") {\n state.tagStart = stream.column();\n return tagNameState;\n } else if (type == \"closeTag\") {\n return closeTagNameState;\n } else {\n return baseState;\n }\n }\n function tagNameState(type, stream, state) {\n if (type == \"word\") {\n state.tagName = stream.current();\n setStyle = \"tag\";\n return attrState;\n } else if (config.allowMissingTagName && type == \"endTag\") {\n setStyle = \"tag bracket\";\n return attrState(type, stream, state);\n } else {\n setStyle = \"error\";\n return tagNameState;\n }\n }\n function closeTagNameState(type, stream, state) {\n if (type == \"word\") {\n var tagName = stream.current();\n if (state.context && state.context.tagName != tagName &&\n config.implicitlyClosed.hasOwnProperty(state.context.tagName))\n popContext(state);\n if ((state.context && state.context.tagName == tagName) || config.matchClosing === false) {\n setStyle = \"tag\";\n return closeState;\n } else {\n setStyle = \"tag error\";\n return closeStateErr;\n }\n } else if (config.allowMissingTagName && type == \"endTag\") {\n setStyle = \"tag bracket\";\n return closeState(type, stream, state);\n } else {\n setStyle = \"error\";\n return closeStateErr;\n }\n }\n\n function closeState(type, _stream, state) {\n if (type != \"endTag\") {\n setStyle = \"error\";\n return closeState;\n }\n popContext(state);\n return baseState;\n }\n function closeStateErr(type, stream, state) {\n setStyle = \"error\";\n return closeState(type, stream, state);\n }\n\n function attrState(type, _stream, state) {\n if (type == \"word\") {\n setStyle = \"attribute\";\n return attrEqState;\n } else if (type == \"endTag\" || type == \"selfcloseTag\") {\n var tagName = state.tagName, tagStart = state.tagStart;\n state.tagName = state.tagStart = null;\n if (type == \"selfcloseTag\" ||\n config.autoSelfClosers.hasOwnProperty(tagName)) {\n maybePopContext(state, tagName);\n } else {\n maybePopContext(state, tagName);\n state.context = new Context(state, tagName, tagStart == state.indented);\n }\n return baseState;\n }\n setStyle = \"error\";\n return attrState;\n }\n function attrEqState(type, stream, state) {\n if (type == \"equals\") return attrValueState;\n if (!config.allowMissing) setStyle = \"error\";\n return attrState(type, stream, state);\n }\n function attrValueState(type, stream, state) {\n if (type == \"string\") return attrContinuedState;\n if (type == \"word\" && config.allowUnquoted) {setStyle = \"string\"; return attrState;}\n setStyle = \"error\";\n return attrState(type, stream, state);\n }\n function attrContinuedState(type, stream, state) {\n if (type == \"string\") return attrContinuedState;\n return attrState(type, stream, state);\n }\n\n return {\n startState: function(baseIndent) {\n var state = {tokenize: inText,\n state: baseState,\n indented: baseIndent || 0,\n tagName: null, tagStart: null,\n context: null}\n if (baseIndent != null) state.baseIndent = baseIndent\n return state\n },\n\n token: function(stream, state) {\n if (!state.tagName && stream.sol())\n state.indented = stream.indentation();\n\n if (stream.eatSpace()) return null;\n type = null;\n var style = state.tokenize(stream, state);\n if ((style || type) && style != \"comment\") {\n setStyle = null;\n state.state = state.state(type || style, stream, state);\n if (setStyle)\n style = setStyle == \"error\" ? style + \" error\" : setStyle;\n }\n return style;\n },\n\n indent: function(state, textAfter, fullLine) {\n var context = state.context;\n // Indent multi-line strings (e.g. css).\n if (state.tokenize.isInAttribute) {\n if (state.tagStart == state.indented)\n return state.stringStartCol + 1;\n else\n return state.indented + indentUnit;\n }\n if (context && context.noIndent) return CodeMirror.Pass;\n if (state.tokenize != inTag && state.tokenize != inText)\n return fullLine ? fullLine.match(/^(\\s*)/)[0].length : 0;\n // Indent the starts of attribute names.\n if (state.tagName) {\n if (config.multilineTagIndentPastTag !== false)\n return state.tagStart + state.tagName.length + 2;\n else\n return state.tagStart + indentUnit * (config.multilineTagIndentFactor || 1);\n }\n if (config.alignCDATA && /$/,\n blockCommentStart: \"\",\n\n configuration: config.htmlMode ? \"html\" : \"xml\",\n helperType: config.htmlMode ? \"html\" : \"xml\",\n\n skipAttribute: function(state) {\n if (state.state == attrValueState)\n state.state = attrState\n },\n\n xmlCurrentTag: function(state) {\n return state.tagName ? {name: state.tagName, close: state.type == \"closeTag\"} : null\n },\n\n xmlCurrentContext: function(state) {\n var context = []\n for (var cx = state.context; cx; cx = cx.prev)\n context.push(cx.tagName)\n return context.reverse()\n }\n };\n});\n\nCodeMirror.defineMIME(\"text/xml\", \"xml\");\nCodeMirror.defineMIME(\"application/xml\", \"xml\");\nif (!CodeMirror.mimeModes.hasOwnProperty(\"text/html\"))\n CodeMirror.defineMIME(\"text/html\", {name: \"xml\", htmlMode: true});\n\n});\n","// CodeMirror, copyright (c) by Marijn Haverbeke and others\n// Distributed under an MIT license: https://codemirror.net/LICENSE\n\n(function(mod) {\n if (typeof exports == \"object\" && typeof module == \"object\") // CommonJS\n mod(require(\"../../lib/codemirror\"), require(\"../xml/xml\"), require(\"../javascript/javascript\"), require(\"../css/css\"));\n else if (typeof define == \"function\" && define.amd) // AMD\n define([\"../../lib/codemirror\", \"../xml/xml\", \"../javascript/javascript\", \"../css/css\"], mod);\n else // Plain browser env\n mod(CodeMirror);\n})(function(CodeMirror) {\n \"use strict\";\n\n var defaultTags = {\n script: [\n [\"lang\", /(javascript|babel)/i, \"javascript\"],\n [\"type\", /^(?:text|application)\\/(?:x-)?(?:java|ecma)script$|^module$|^$/i, \"javascript\"],\n [\"type\", /./, \"text/plain\"],\n [null, null, \"javascript\"]\n ],\n style: [\n [\"lang\", /^css$/i, \"css\"],\n [\"type\", /^(text\\/)?(x-)?(stylesheet|css)$/i, \"css\"],\n [\"type\", /./, \"text/plain\"],\n [null, null, \"css\"]\n ]\n };\n\n function maybeBackup(stream, pat, style) {\n var cur = stream.current(), close = cur.search(pat);\n if (close > -1) {\n stream.backUp(cur.length - close);\n } else if (cur.match(/<\\/?$/)) {\n stream.backUp(cur.length);\n if (!stream.match(pat, false)) stream.match(cur);\n }\n return style;\n }\n\n var attrRegexpCache = {};\n function getAttrRegexp(attr) {\n var regexp = attrRegexpCache[attr];\n if (regexp) return regexp;\n return attrRegexpCache[attr] = new RegExp(\"\\\\s+\" + attr + \"\\\\s*=\\\\s*('|\\\")?([^'\\\"]+)('|\\\")?\\\\s*\");\n }\n\n function getAttrValue(text, attr) {\n var match = text.match(getAttrRegexp(attr))\n return match ? /^\\s*(.*?)\\s*$/.exec(match[2])[1] : \"\"\n }\n\n function getTagRegexp(tagName, anchored) {\n return new RegExp((anchored ? \"^\" : \"\") + \"<\\/\\s*\" + tagName + \"\\s*>\", \"i\");\n }\n\n function addTags(from, to) {\n for (var tag in from) {\n var dest = to[tag] || (to[tag] = []);\n var source = from[tag];\n for (var i = source.length - 1; i >= 0; i--)\n dest.unshift(source[i])\n }\n }\n\n function findMatchingMode(tagInfo, tagText) {\n for (var i = 0; i < tagInfo.length; i++) {\n var spec = tagInfo[i];\n if (!spec[0] || spec[1].test(getAttrValue(tagText, spec[0]))) return spec[2];\n }\n }\n\n CodeMirror.defineMode(\"htmlmixed\", function (config, parserConfig) {\n var htmlMode = CodeMirror.getMode(config, {\n name: \"xml\",\n htmlMode: true,\n multilineTagIndentFactor: parserConfig.multilineTagIndentFactor,\n multilineTagIndentPastTag: parserConfig.multilineTagIndentPastTag,\n allowMissingTagName: parserConfig.allowMissingTagName,\n });\n\n var tags = {};\n var configTags = parserConfig && parserConfig.tags, configScript = parserConfig && parserConfig.scriptTypes;\n addTags(defaultTags, tags);\n if (configTags) addTags(configTags, tags);\n if (configScript) for (var i = configScript.length - 1; i >= 0; i--)\n tags.script.unshift([\"type\", configScript[i].matches, configScript[i].mode])\n\n function html(stream, state) {\n var style = htmlMode.token(stream, state.htmlState), tag = /\\btag\\b/.test(style), tagName\n if (tag && !/[<>\\s\\/]/.test(stream.current()) &&\n (tagName = state.htmlState.tagName && state.htmlState.tagName.toLowerCase()) &&\n tags.hasOwnProperty(tagName)) {\n state.inTag = tagName + \" \"\n } else if (state.inTag && tag && />$/.test(stream.current())) {\n var inTag = /^([\\S]+) (.*)/.exec(state.inTag)\n state.inTag = null\n var modeSpec = stream.current() == \">\" && findMatchingMode(tags[inTag[1]], inTag[2])\n var mode = CodeMirror.getMode(config, modeSpec)\n var endTagA = getTagRegexp(inTag[1], true), endTag = getTagRegexp(inTag[1], false);\n state.token = function (stream, state) {\n if (stream.match(endTagA, false)) {\n state.token = html;\n state.localState = state.localMode = null;\n return null;\n }\n return maybeBackup(stream, endTag, state.localMode.token(stream, state.localState));\n };\n state.localMode = mode;\n state.localState = CodeMirror.startState(mode, htmlMode.indent(state.htmlState, \"\", \"\"));\n } else if (state.inTag) {\n state.inTag += stream.current()\n if (stream.eol()) state.inTag += \" \"\n }\n return style;\n };\n\n return {\n startState: function () {\n var state = CodeMirror.startState(htmlMode);\n return {token: html, inTag: null, localMode: null, localState: null, htmlState: state};\n },\n\n copyState: function (state) {\n var local;\n if (state.localState) {\n local = CodeMirror.copyState(state.localMode, state.localState);\n }\n return {token: state.token, inTag: state.inTag,\n localMode: state.localMode, localState: local,\n htmlState: CodeMirror.copyState(htmlMode, state.htmlState)};\n },\n\n token: function (stream, state) {\n return state.token(stream, state);\n },\n\n indent: function (state, textAfter, line) {\n if (!state.localMode || /^\\s*<\\//.test(textAfter))\n return htmlMode.indent(state.htmlState, textAfter, line);\n else if (state.localMode.indent)\n return state.localMode.indent(state.localState, textAfter, line);\n else\n return CodeMirror.Pass;\n },\n\n innerMode: function (state) {\n return {state: state.localState || state.htmlState, mode: state.localMode || htmlMode};\n }\n };\n }, \"xml\", \"javascript\", \"css\");\n\n CodeMirror.defineMIME(\"text/html\", \"htmlmixed\");\n});\n","// CodeMirror, copyright (c) by Marijn Haverbeke and others\n// Distributed under an MIT license: https://codemirror.net/LICENSE\n\n(function(mod) {\n if (typeof exports == \"object\" && typeof module == \"object\") // CommonJS\n mod(require(\"../../lib/codemirror\"));\n else if (typeof define == \"function\" && define.amd) // AMD\n define([\"../../lib/codemirror\"], mod);\n else // Plain browser env\n mod(CodeMirror);\n})(function(CodeMirror) {\n\"use strict\";\n\nCodeMirror.defineMode(\"css\", function(config, parserConfig) {\n var inline = parserConfig.inline\n if (!parserConfig.propertyKeywords) parserConfig = CodeMirror.resolveMode(\"text/css\");\n\n var indentUnit = config.indentUnit,\n tokenHooks = parserConfig.tokenHooks,\n documentTypes = parserConfig.documentTypes || {},\n mediaTypes = parserConfig.mediaTypes || {},\n mediaFeatures = parserConfig.mediaFeatures || {},\n mediaValueKeywords = parserConfig.mediaValueKeywords || {},\n propertyKeywords = parserConfig.propertyKeywords || {},\n nonStandardPropertyKeywords = parserConfig.nonStandardPropertyKeywords || {},\n fontProperties = parserConfig.fontProperties || {},\n counterDescriptors = parserConfig.counterDescriptors || {},\n colorKeywords = parserConfig.colorKeywords || {},\n valueKeywords = parserConfig.valueKeywords || {},\n allowNested = parserConfig.allowNested,\n lineComment = parserConfig.lineComment,\n supportsAtComponent = parserConfig.supportsAtComponent === true,\n highlightNonStandardPropertyKeywords = config.highlightNonStandardPropertyKeywords !== false;\n\n var type, override;\n function ret(style, tp) { type = tp; return style; }\n\n // Tokenizers\n\n function tokenBase(stream, state) {\n var ch = stream.next();\n if (tokenHooks[ch]) {\n var result = tokenHooks[ch](stream, state);\n if (result !== false) return result;\n }\n if (ch == \"@\") {\n stream.eatWhile(/[\\w\\\\\\-]/);\n return ret(\"def\", stream.current());\n } else if (ch == \"=\" || (ch == \"~\" || ch == \"|\") && stream.eat(\"=\")) {\n return ret(null, \"compare\");\n } else if (ch == \"\\\"\" || ch == \"'\") {\n state.tokenize = tokenString(ch);\n return state.tokenize(stream, state);\n } else if (ch == \"#\") {\n stream.eatWhile(/[\\w\\\\\\-]/);\n return ret(\"atom\", \"hash\");\n } else if (ch == \"!\") {\n stream.match(/^\\s*\\w*/);\n return ret(\"keyword\", \"important\");\n } else if (/\\d/.test(ch) || ch == \".\" && stream.eat(/\\d/)) {\n stream.eatWhile(/[\\w.%]/);\n return ret(\"number\", \"unit\");\n } else if (ch === \"-\") {\n if (/[\\d.]/.test(stream.peek())) {\n stream.eatWhile(/[\\w.%]/);\n return ret(\"number\", \"unit\");\n } else if (stream.match(/^-[\\w\\\\\\-]*/)) {\n stream.eatWhile(/[\\w\\\\\\-]/);\n if (stream.match(/^\\s*:/, false))\n return ret(\"variable-2\", \"variable-definition\");\n return ret(\"variable-2\", \"variable\");\n } else if (stream.match(/^\\w+-/)) {\n return ret(\"meta\", \"meta\");\n }\n } else if (/[,+>*\\/]/.test(ch)) {\n return ret(null, \"select-op\");\n } else if (ch == \".\" && stream.match(/^-?[_a-z][_a-z0-9-]*/i)) {\n return ret(\"qualifier\", \"qualifier\");\n } else if (/[:;{}\\[\\]\\(\\)]/.test(ch)) {\n return ret(null, ch);\n } else if (stream.match(/^[\\w-.]+(?=\\()/)) {\n if (/^(url(-prefix)?|domain|regexp)$/i.test(stream.current())) {\n state.tokenize = tokenParenthesized;\n }\n return ret(\"variable callee\", \"variable\");\n } else if (/[\\w\\\\\\-]/.test(ch)) {\n stream.eatWhile(/[\\w\\\\\\-]/);\n return ret(\"property\", \"word\");\n } else {\n return ret(null, null);\n }\n }\n\n function tokenString(quote) {\n return function(stream, state) {\n var escaped = false, ch;\n while ((ch = stream.next()) != null) {\n if (ch == quote && !escaped) {\n if (quote == \")\") stream.backUp(1);\n break;\n }\n escaped = !escaped && ch == \"\\\\\";\n }\n if (ch == quote || !escaped && quote != \")\") state.tokenize = null;\n return ret(\"string\", \"string\");\n };\n }\n\n function tokenParenthesized(stream, state) {\n stream.next(); // Must be '('\n if (!stream.match(/^\\s*[\\\"\\')]/, false))\n state.tokenize = tokenString(\")\");\n else\n state.tokenize = null;\n return ret(null, \"(\");\n }\n\n // Context management\n\n function Context(type, indent, prev) {\n this.type = type;\n this.indent = indent;\n this.prev = prev;\n }\n\n function pushContext(state, stream, type, indent) {\n state.context = new Context(type, stream.indentation() + (indent === false ? 0 : indentUnit), state.context);\n return type;\n }\n\n function popContext(state) {\n if (state.context.prev)\n state.context = state.context.prev;\n return state.context.type;\n }\n\n function pass(type, stream, state) {\n return states[state.context.type](type, stream, state);\n }\n function popAndPass(type, stream, state, n) {\n for (var i = n || 1; i > 0; i--)\n state.context = state.context.prev;\n return pass(type, stream, state);\n }\n\n // Parser\n\n function wordAsValue(stream) {\n var word = stream.current().toLowerCase();\n if (valueKeywords.hasOwnProperty(word))\n override = \"atom\";\n else if (colorKeywords.hasOwnProperty(word))\n override = \"keyword\";\n else\n override = \"variable\";\n }\n\n var states = {};\n\n states.top = function(type, stream, state) {\n if (type == \"{\") {\n return pushContext(state, stream, \"block\");\n } else if (type == \"}\" && state.context.prev) {\n return popContext(state);\n } else if (supportsAtComponent && /@component/i.test(type)) {\n return pushContext(state, stream, \"atComponentBlock\");\n } else if (/^@(-moz-)?document$/i.test(type)) {\n return pushContext(state, stream, \"documentTypes\");\n } else if (/^@(media|supports|(-moz-)?document|import)$/i.test(type)) {\n return pushContext(state, stream, \"atBlock\");\n } else if (/^@(font-face|counter-style)/i.test(type)) {\n state.stateArg = type;\n return \"restricted_atBlock_before\";\n } else if (/^@(-(moz|ms|o|webkit)-)?keyframes$/i.test(type)) {\n return \"keyframes\";\n } else if (type && type.charAt(0) == \"@\") {\n return pushContext(state, stream, \"at\");\n } else if (type == \"hash\") {\n override = \"builtin\";\n } else if (type == \"word\") {\n override = \"tag\";\n } else if (type == \"variable-definition\") {\n return \"maybeprop\";\n } else if (type == \"interpolation\") {\n return pushContext(state, stream, \"interpolation\");\n } else if (type == \":\") {\n return \"pseudo\";\n } else if (allowNested && type == \"(\") {\n return pushContext(state, stream, \"parens\");\n }\n return state.context.type;\n };\n\n states.block = function(type, stream, state) {\n if (type == \"word\") {\n var word = stream.current().toLowerCase();\n if (propertyKeywords.hasOwnProperty(word)) {\n override = \"property\";\n return \"maybeprop\";\n } else if (nonStandardPropertyKeywords.hasOwnProperty(word)) {\n override = highlightNonStandardPropertyKeywords ? \"string-2\" : \"property\";\n return \"maybeprop\";\n } else if (allowNested) {\n override = stream.match(/^\\s*:(?:\\s|$)/, false) ? \"property\" : \"tag\";\n return \"block\";\n } else {\n override += \" error\";\n return \"maybeprop\";\n }\n } else if (type == \"meta\") {\n return \"block\";\n } else if (!allowNested && (type == \"hash\" || type == \"qualifier\")) {\n override = \"error\";\n return \"block\";\n } else {\n return states.top(type, stream, state);\n }\n };\n\n states.maybeprop = function(type, stream, state) {\n if (type == \":\") return pushContext(state, stream, \"prop\");\n return pass(type, stream, state);\n };\n\n states.prop = function(type, stream, state) {\n if (type == \";\") return popContext(state);\n if (type == \"{\" && allowNested) return pushContext(state, stream, \"propBlock\");\n if (type == \"}\" || type == \"{\") return popAndPass(type, stream, state);\n if (type == \"(\") return pushContext(state, stream, \"parens\");\n\n if (type == \"hash\" && !/^#([0-9a-fA-f]{3,4}|[0-9a-fA-f]{6}|[0-9a-fA-f]{8})$/.test(stream.current())) {\n override += \" error\";\n } else if (type == \"word\") {\n wordAsValue(stream);\n } else if (type == \"interpolation\") {\n return pushContext(state, stream, \"interpolation\");\n }\n return \"prop\";\n };\n\n states.propBlock = function(type, _stream, state) {\n if (type == \"}\") return popContext(state);\n if (type == \"word\") { override = \"property\"; return \"maybeprop\"; }\n return state.context.type;\n };\n\n states.parens = function(type, stream, state) {\n if (type == \"{\" || type == \"}\") return popAndPass(type, stream, state);\n if (type == \")\") return popContext(state);\n if (type == \"(\") return pushContext(state, stream, \"parens\");\n if (type == \"interpolation\") return pushContext(state, stream, \"interpolation\");\n if (type == \"word\") wordAsValue(stream);\n return \"parens\";\n };\n\n states.pseudo = function(type, stream, state) {\n if (type == \"meta\") return \"pseudo\";\n\n if (type == \"word\") {\n override = \"variable-3\";\n return state.context.type;\n }\n return pass(type, stream, state);\n };\n\n states.documentTypes = function(type, stream, state) {\n if (type == \"word\" && documentTypes.hasOwnProperty(stream.current())) {\n override = \"tag\";\n return state.context.type;\n } else {\n return states.atBlock(type, stream, state);\n }\n };\n\n states.atBlock = function(type, stream, state) {\n if (type == \"(\") return pushContext(state, stream, \"atBlock_parens\");\n if (type == \"}\" || type == \";\") return popAndPass(type, stream, state);\n if (type == \"{\") return popContext(state) && pushContext(state, stream, allowNested ? \"block\" : \"top\");\n\n if (type == \"interpolation\") return pushContext(state, stream, \"interpolation\");\n\n if (type == \"word\") {\n var word = stream.current().toLowerCase();\n if (word == \"only\" || word == \"not\" || word == \"and\" || word == \"or\")\n override = \"keyword\";\n else if (mediaTypes.hasOwnProperty(word))\n override = \"attribute\";\n else if (mediaFeatures.hasOwnProperty(word))\n override = \"property\";\n else if (mediaValueKeywords.hasOwnProperty(word))\n override = \"keyword\";\n else if (propertyKeywords.hasOwnProperty(word))\n override = \"property\";\n else if (nonStandardPropertyKeywords.hasOwnProperty(word))\n override = highlightNonStandardPropertyKeywords ? \"string-2\" : \"property\";\n else if (valueKeywords.hasOwnProperty(word))\n override = \"atom\";\n else if (colorKeywords.hasOwnProperty(word))\n override = \"keyword\";\n else\n override = \"error\";\n }\n return state.context.type;\n };\n\n states.atComponentBlock = function(type, stream, state) {\n if (type == \"}\")\n return popAndPass(type, stream, state);\n if (type == \"{\")\n return popContext(state) && pushContext(state, stream, allowNested ? \"block\" : \"top\", false);\n if (type == \"word\")\n override = \"error\";\n return state.context.type;\n };\n\n states.atBlock_parens = function(type, stream, state) {\n if (type == \")\") return popContext(state);\n if (type == \"{\" || type == \"}\") return popAndPass(type, stream, state, 2);\n return states.atBlock(type, stream, state);\n };\n\n states.restricted_atBlock_before = function(type, stream, state) {\n if (type == \"{\")\n return pushContext(state, stream, \"restricted_atBlock\");\n if (type == \"word\" && state.stateArg == \"@counter-style\") {\n override = \"variable\";\n return \"restricted_atBlock_before\";\n }\n return pass(type, stream, state);\n };\n\n states.restricted_atBlock = function(type, stream, state) {\n if (type == \"}\") {\n state.stateArg = null;\n return popContext(state);\n }\n if (type == \"word\") {\n if ((state.stateArg == \"@font-face\" && !fontProperties.hasOwnProperty(stream.current().toLowerCase())) ||\n (state.stateArg == \"@counter-style\" && !counterDescriptors.hasOwnProperty(stream.current().toLowerCase())))\n override = \"error\";\n else\n override = \"property\";\n return \"maybeprop\";\n }\n return \"restricted_atBlock\";\n };\n\n states.keyframes = function(type, stream, state) {\n if (type == \"word\") { override = \"variable\"; return \"keyframes\"; }\n if (type == \"{\") return pushContext(state, stream, \"top\");\n return pass(type, stream, state);\n };\n\n states.at = function(type, stream, state) {\n if (type == \";\") return popContext(state);\n if (type == \"{\" || type == \"}\") return popAndPass(type, stream, state);\n if (type == \"word\") override = \"tag\";\n else if (type == \"hash\") override = \"builtin\";\n return \"at\";\n };\n\n states.interpolation = function(type, stream, state) {\n if (type == \"}\") return popContext(state);\n if (type == \"{\" || type == \";\") return popAndPass(type, stream, state);\n if (type == \"word\") override = \"variable\";\n else if (type != \"variable\" && type != \"(\" && type != \")\") override = \"error\";\n return \"interpolation\";\n };\n\n return {\n startState: function(base) {\n return {tokenize: null,\n state: inline ? \"block\" : \"top\",\n stateArg: null,\n context: new Context(inline ? \"block\" : \"top\", base || 0, null)};\n },\n\n token: function(stream, state) {\n if (!state.tokenize && stream.eatSpace()) return null;\n var style = (state.tokenize || tokenBase)(stream, state);\n if (style && typeof style == \"object\") {\n type = style[1];\n style = style[0];\n }\n override = style;\n if (type != \"comment\")\n state.state = states[state.state](type, stream, state);\n return override;\n },\n\n indent: function(state, textAfter) {\n var cx = state.context, ch = textAfter && textAfter.charAt(0);\n var indent = cx.indent;\n if (cx.type == \"prop\" && (ch == \"}\" || ch == \")\")) cx = cx.prev;\n if (cx.prev) {\n if (ch == \"}\" && (cx.type == \"block\" || cx.type == \"top\" ||\n cx.type == \"interpolation\" || cx.type == \"restricted_atBlock\")) {\n // Resume indentation from parent context.\n cx = cx.prev;\n indent = cx.indent;\n } else if (ch == \")\" && (cx.type == \"parens\" || cx.type == \"atBlock_parens\") ||\n ch == \"{\" && (cx.type == \"at\" || cx.type == \"atBlock\")) {\n // Dedent relative to current context.\n indent = Math.max(0, cx.indent - indentUnit);\n }\n }\n return indent;\n },\n\n electricChars: \"}\",\n blockCommentStart: \"/*\",\n blockCommentEnd: \"*/\",\n blockCommentContinue: \" * \",\n lineComment: lineComment,\n fold: \"brace\"\n };\n});\n\n function keySet(array) {\n var keys = {};\n for (var i = 0; i < array.length; ++i) {\n keys[array[i].toLowerCase()] = true;\n }\n return keys;\n }\n\n var documentTypes_ = [\n \"domain\", \"regexp\", \"url\", \"url-prefix\"\n ], documentTypes = keySet(documentTypes_);\n\n var mediaTypes_ = [\n \"all\", \"aural\", \"braille\", \"handheld\", \"print\", \"projection\", \"screen\",\n \"tty\", \"tv\", \"embossed\"\n ], mediaTypes = keySet(mediaTypes_);\n\n var mediaFeatures_ = [\n \"width\", \"min-width\", \"max-width\", \"height\", \"min-height\", \"max-height\",\n \"device-width\", \"min-device-width\", \"max-device-width\", \"device-height\",\n \"min-device-height\", \"max-device-height\", \"aspect-ratio\",\n \"min-aspect-ratio\", \"max-aspect-ratio\", \"device-aspect-ratio\",\n \"min-device-aspect-ratio\", \"max-device-aspect-ratio\", \"color\", \"min-color\",\n \"max-color\", \"color-index\", \"min-color-index\", \"max-color-index\",\n \"monochrome\", \"min-monochrome\", \"max-monochrome\", \"resolution\",\n \"min-resolution\", \"max-resolution\", \"scan\", \"grid\", \"orientation\",\n \"device-pixel-ratio\", \"min-device-pixel-ratio\", \"max-device-pixel-ratio\",\n \"pointer\", \"any-pointer\", \"hover\", \"any-hover\", \"prefers-color-scheme\"\n ], mediaFeatures = keySet(mediaFeatures_);\n\n var mediaValueKeywords_ = [\n \"landscape\", \"portrait\", \"none\", \"coarse\", \"fine\", \"on-demand\", \"hover\",\n \"interlace\", \"progressive\",\n \"dark\", \"light\"\n ], mediaValueKeywords = keySet(mediaValueKeywords_);\n\n var propertyKeywords_ = [\n \"align-content\", \"align-items\", \"align-self\", \"alignment-adjust\",\n \"alignment-baseline\", \"all\", \"anchor-point\", \"animation\", \"animation-delay\",\n \"animation-direction\", \"animation-duration\", \"animation-fill-mode\",\n \"animation-iteration-count\", \"animation-name\", \"animation-play-state\",\n \"animation-timing-function\", \"appearance\", \"azimuth\", \"backdrop-filter\",\n \"backface-visibility\", \"background\", \"background-attachment\",\n \"background-blend-mode\", \"background-clip\", \"background-color\",\n \"background-image\", \"background-origin\", \"background-position\",\n \"background-position-x\", \"background-position-y\", \"background-repeat\",\n \"background-size\", \"baseline-shift\", \"binding\", \"bleed\", \"block-size\",\n \"bookmark-label\", \"bookmark-level\", \"bookmark-state\", \"bookmark-target\",\n \"border\", \"border-bottom\", \"border-bottom-color\", \"border-bottom-left-radius\",\n \"border-bottom-right-radius\", \"border-bottom-style\", \"border-bottom-width\",\n \"border-collapse\", \"border-color\", \"border-image\", \"border-image-outset\",\n \"border-image-repeat\", \"border-image-slice\", \"border-image-source\",\n \"border-image-width\", \"border-left\", \"border-left-color\", \"border-left-style\",\n \"border-left-width\", \"border-radius\", \"border-right\", \"border-right-color\",\n \"border-right-style\", \"border-right-width\", \"border-spacing\", \"border-style\",\n \"border-top\", \"border-top-color\", \"border-top-left-radius\",\n \"border-top-right-radius\", \"border-top-style\", \"border-top-width\",\n \"border-width\", \"bottom\", \"box-decoration-break\", \"box-shadow\", \"box-sizing\",\n \"break-after\", \"break-before\", \"break-inside\", \"caption-side\", \"caret-color\",\n \"clear\", \"clip\", \"color\", \"color-profile\", \"column-count\", \"column-fill\",\n \"column-gap\", \"column-rule\", \"column-rule-color\", \"column-rule-style\",\n \"column-rule-width\", \"column-span\", \"column-width\", \"columns\", \"contain\",\n \"content\", \"counter-increment\", \"counter-reset\", \"crop\", \"cue\", \"cue-after\",\n \"cue-before\", \"cursor\", \"direction\", \"display\", \"dominant-baseline\",\n \"drop-initial-after-adjust\", \"drop-initial-after-align\",\n \"drop-initial-before-adjust\", \"drop-initial-before-align\", \"drop-initial-size\",\n \"drop-initial-value\", \"elevation\", \"empty-cells\", \"fit\", \"fit-content\", \"fit-position\",\n \"flex\", \"flex-basis\", \"flex-direction\", \"flex-flow\", \"flex-grow\",\n \"flex-shrink\", \"flex-wrap\", \"float\", \"float-offset\", \"flow-from\", \"flow-into\",\n \"font\", \"font-family\", \"font-feature-settings\", \"font-kerning\",\n \"font-language-override\", \"font-optical-sizing\", \"font-size\",\n \"font-size-adjust\", \"font-stretch\", \"font-style\", \"font-synthesis\",\n \"font-variant\", \"font-variant-alternates\", \"font-variant-caps\",\n \"font-variant-east-asian\", \"font-variant-ligatures\", \"font-variant-numeric\",\n \"font-variant-position\", \"font-variation-settings\", \"font-weight\", \"gap\",\n \"grid\", \"grid-area\", \"grid-auto-columns\", \"grid-auto-flow\", \"grid-auto-rows\",\n \"grid-column\", \"grid-column-end\", \"grid-column-gap\", \"grid-column-start\",\n \"grid-gap\", \"grid-row\", \"grid-row-end\", \"grid-row-gap\", \"grid-row-start\",\n \"grid-template\", \"grid-template-areas\", \"grid-template-columns\",\n \"grid-template-rows\", \"hanging-punctuation\", \"height\", \"hyphens\", \"icon\",\n \"image-orientation\", \"image-rendering\", \"image-resolution\", \"inline-box-align\",\n \"inset\", \"inset-block\", \"inset-block-end\", \"inset-block-start\", \"inset-inline\",\n \"inset-inline-end\", \"inset-inline-start\", \"isolation\", \"justify-content\",\n \"justify-items\", \"justify-self\", \"left\", \"letter-spacing\", \"line-break\",\n \"line-height\", \"line-height-step\", \"line-stacking\", \"line-stacking-ruby\",\n \"line-stacking-shift\", \"line-stacking-strategy\", \"list-style\",\n \"list-style-image\", \"list-style-position\", \"list-style-type\", \"margin\",\n \"margin-bottom\", \"margin-left\", \"margin-right\", \"margin-top\", \"marks\",\n \"marquee-direction\", \"marquee-loop\", \"marquee-play-count\", \"marquee-speed\",\n \"marquee-style\", \"mask-clip\", \"mask-composite\", \"mask-image\", \"mask-mode\",\n \"mask-origin\", \"mask-position\", \"mask-repeat\", \"mask-size\",\"mask-type\",\n \"max-block-size\", \"max-height\", \"max-inline-size\",\n \"max-width\", \"min-block-size\", \"min-height\", \"min-inline-size\", \"min-width\",\n \"mix-blend-mode\", \"move-to\", \"nav-down\", \"nav-index\", \"nav-left\", \"nav-right\",\n \"nav-up\", \"object-fit\", \"object-position\", \"offset\", \"offset-anchor\",\n \"offset-distance\", \"offset-path\", \"offset-position\", \"offset-rotate\",\n \"opacity\", \"order\", \"orphans\", \"outline\", \"outline-color\", \"outline-offset\",\n \"outline-style\", \"outline-width\", \"overflow\", \"overflow-style\",\n \"overflow-wrap\", \"overflow-x\", \"overflow-y\", \"padding\", \"padding-bottom\",\n \"padding-left\", \"padding-right\", \"padding-top\", \"page\", \"page-break-after\",\n \"page-break-before\", \"page-break-inside\", \"page-policy\", \"pause\",\n \"pause-after\", \"pause-before\", \"perspective\", \"perspective-origin\", \"pitch\",\n \"pitch-range\", \"place-content\", \"place-items\", \"place-self\", \"play-during\",\n \"position\", \"presentation-level\", \"punctuation-trim\", \"quotes\",\n \"region-break-after\", \"region-break-before\", \"region-break-inside\",\n \"region-fragment\", \"rendering-intent\", \"resize\", \"rest\", \"rest-after\",\n \"rest-before\", \"richness\", \"right\", \"rotate\", \"rotation\", \"rotation-point\",\n \"row-gap\", \"ruby-align\", \"ruby-overhang\", \"ruby-position\", \"ruby-span\",\n \"scale\", \"scroll-behavior\", \"scroll-margin\", \"scroll-margin-block\",\n \"scroll-margin-block-end\", \"scroll-margin-block-start\", \"scroll-margin-bottom\",\n \"scroll-margin-inline\", \"scroll-margin-inline-end\",\n \"scroll-margin-inline-start\", \"scroll-margin-left\", \"scroll-margin-right\",\n \"scroll-margin-top\", \"scroll-padding\", \"scroll-padding-block\",\n \"scroll-padding-block-end\", \"scroll-padding-block-start\",\n \"scroll-padding-bottom\", \"scroll-padding-inline\", \"scroll-padding-inline-end\",\n \"scroll-padding-inline-start\", \"scroll-padding-left\", \"scroll-padding-right\",\n \"scroll-padding-top\", \"scroll-snap-align\", \"scroll-snap-type\",\n \"shape-image-threshold\", \"shape-inside\", \"shape-margin\", \"shape-outside\",\n \"size\", \"speak\", \"speak-as\", \"speak-header\", \"speak-numeral\",\n \"speak-punctuation\", \"speech-rate\", \"stress\", \"string-set\", \"tab-size\",\n \"table-layout\", \"target\", \"target-name\", \"target-new\", \"target-position\",\n \"text-align\", \"text-align-last\", \"text-combine-upright\", \"text-decoration\",\n \"text-decoration-color\", \"text-decoration-line\", \"text-decoration-skip\",\n \"text-decoration-skip-ink\", \"text-decoration-style\", \"text-emphasis\",\n \"text-emphasis-color\", \"text-emphasis-position\", \"text-emphasis-style\",\n \"text-height\", \"text-indent\", \"text-justify\", \"text-orientation\",\n \"text-outline\", \"text-overflow\", \"text-rendering\", \"text-shadow\",\n \"text-size-adjust\", \"text-space-collapse\", \"text-transform\",\n \"text-underline-position\", \"text-wrap\", \"top\", \"touch-action\", \"transform\", \"transform-origin\",\n \"transform-style\", \"transition\", \"transition-delay\", \"transition-duration\",\n \"transition-property\", \"transition-timing-function\", \"translate\",\n \"unicode-bidi\", \"user-select\", \"vertical-align\", \"visibility\", \"voice-balance\",\n \"voice-duration\", \"voice-family\", \"voice-pitch\", \"voice-range\", \"voice-rate\",\n \"voice-stress\", \"voice-volume\", \"volume\", \"white-space\", \"widows\", \"width\",\n \"will-change\", \"word-break\", \"word-spacing\", \"word-wrap\", \"writing-mode\", \"z-index\",\n // SVG-specific\n \"clip-path\", \"clip-rule\", \"mask\", \"enable-background\", \"filter\", \"flood-color\",\n \"flood-opacity\", \"lighting-color\", \"stop-color\", \"stop-opacity\", \"pointer-events\",\n \"color-interpolation\", \"color-interpolation-filters\",\n \"color-rendering\", \"fill\", \"fill-opacity\", \"fill-rule\", \"image-rendering\",\n \"marker\", \"marker-end\", \"marker-mid\", \"marker-start\", \"paint-order\", \"shape-rendering\", \"stroke\",\n \"stroke-dasharray\", \"stroke-dashoffset\", \"stroke-linecap\", \"stroke-linejoin\",\n \"stroke-miterlimit\", \"stroke-opacity\", \"stroke-width\", \"text-rendering\",\n \"baseline-shift\", \"dominant-baseline\", \"glyph-orientation-horizontal\",\n \"glyph-orientation-vertical\", \"text-anchor\", \"writing-mode\",\n ], propertyKeywords = keySet(propertyKeywords_);\n\n var nonStandardPropertyKeywords_ = [\n \"accent-color\", \"aspect-ratio\", \"border-block\", \"border-block-color\", \"border-block-end\",\n \"border-block-end-color\", \"border-block-end-style\", \"border-block-end-width\",\n \"border-block-start\", \"border-block-start-color\", \"border-block-start-style\",\n \"border-block-start-width\", \"border-block-style\", \"border-block-width\",\n \"border-inline\", \"border-inline-color\", \"border-inline-end\",\n \"border-inline-end-color\", \"border-inline-end-style\",\n \"border-inline-end-width\", \"border-inline-start\", \"border-inline-start-color\",\n \"border-inline-start-style\", \"border-inline-start-width\",\n \"border-inline-style\", \"border-inline-width\", \"content-visibility\", \"margin-block\",\n \"margin-block-end\", \"margin-block-start\", \"margin-inline\", \"margin-inline-end\",\n \"margin-inline-start\", \"overflow-anchor\", \"overscroll-behavior\", \"padding-block\", \"padding-block-end\",\n \"padding-block-start\", \"padding-inline\", \"padding-inline-end\",\n \"padding-inline-start\", \"scroll-snap-stop\", \"scrollbar-3d-light-color\",\n \"scrollbar-arrow-color\", \"scrollbar-base-color\", \"scrollbar-dark-shadow-color\",\n \"scrollbar-face-color\", \"scrollbar-highlight-color\", \"scrollbar-shadow-color\",\n \"scrollbar-track-color\", \"searchfield-cancel-button\", \"searchfield-decoration\",\n \"searchfield-results-button\", \"searchfield-results-decoration\", \"shape-inside\", \"zoom\"\n ], nonStandardPropertyKeywords = keySet(nonStandardPropertyKeywords_);\n\n var fontProperties_ = [\n \"font-display\", \"font-family\", \"src\", \"unicode-range\", \"font-variant\",\n \"font-feature-settings\", \"font-stretch\", \"font-weight\", \"font-style\"\n ], fontProperties = keySet(fontProperties_);\n\n var counterDescriptors_ = [\n \"additive-symbols\", \"fallback\", \"negative\", \"pad\", \"prefix\", \"range\",\n \"speak-as\", \"suffix\", \"symbols\", \"system\"\n ], counterDescriptors = keySet(counterDescriptors_);\n\n var colorKeywords_ = [\n \"aliceblue\", \"antiquewhite\", \"aqua\", \"aquamarine\", \"azure\", \"beige\",\n \"bisque\", \"black\", \"blanchedalmond\", \"blue\", \"blueviolet\", \"brown\",\n \"burlywood\", \"cadetblue\", \"chartreuse\", \"chocolate\", \"coral\", \"cornflowerblue\",\n \"cornsilk\", \"crimson\", \"cyan\", \"darkblue\", \"darkcyan\", \"darkgoldenrod\",\n \"darkgray\", \"darkgreen\", \"darkgrey\", \"darkkhaki\", \"darkmagenta\", \"darkolivegreen\",\n \"darkorange\", \"darkorchid\", \"darkred\", \"darksalmon\", \"darkseagreen\",\n \"darkslateblue\", \"darkslategray\", \"darkslategrey\", \"darkturquoise\", \"darkviolet\",\n \"deeppink\", \"deepskyblue\", \"dimgray\", \"dimgrey\", \"dodgerblue\", \"firebrick\",\n \"floralwhite\", \"forestgreen\", \"fuchsia\", \"gainsboro\", \"ghostwhite\",\n \"gold\", \"goldenrod\", \"gray\", \"grey\", \"green\", \"greenyellow\", \"honeydew\",\n \"hotpink\", \"indianred\", \"indigo\", \"ivory\", \"khaki\", \"lavender\",\n \"lavenderblush\", \"lawngreen\", \"lemonchiffon\", \"lightblue\", \"lightcoral\",\n \"lightcyan\", \"lightgoldenrodyellow\", \"lightgray\", \"lightgreen\", \"lightgrey\", \"lightpink\",\n \"lightsalmon\", \"lightseagreen\", \"lightskyblue\", \"lightslategray\", \"lightslategrey\",\n \"lightsteelblue\", \"lightyellow\", \"lime\", \"limegreen\", \"linen\", \"magenta\",\n \"maroon\", \"mediumaquamarine\", \"mediumblue\", \"mediumorchid\", \"mediumpurple\",\n \"mediumseagreen\", \"mediumslateblue\", \"mediumspringgreen\", \"mediumturquoise\",\n \"mediumvioletred\", \"midnightblue\", \"mintcream\", \"mistyrose\", \"moccasin\",\n \"navajowhite\", \"navy\", \"oldlace\", \"olive\", \"olivedrab\", \"orange\", \"orangered\",\n \"orchid\", \"palegoldenrod\", \"palegreen\", \"paleturquoise\", \"palevioletred\",\n \"papayawhip\", \"peachpuff\", \"peru\", \"pink\", \"plum\", \"powderblue\",\n \"purple\", \"rebeccapurple\", \"red\", \"rosybrown\", \"royalblue\", \"saddlebrown\",\n \"salmon\", \"sandybrown\", \"seagreen\", \"seashell\", \"sienna\", \"silver\", \"skyblue\",\n \"slateblue\", \"slategray\", \"slategrey\", \"snow\", \"springgreen\", \"steelblue\", \"tan\",\n \"teal\", \"thistle\", \"tomato\", \"turquoise\", \"violet\", \"wheat\", \"white\",\n \"whitesmoke\", \"yellow\", \"yellowgreen\"\n ], colorKeywords = keySet(colorKeywords_);\n\n var valueKeywords_ = [\n \"above\", \"absolute\", \"activeborder\", \"additive\", \"activecaption\", \"afar\",\n \"after-white-space\", \"ahead\", \"alias\", \"all\", \"all-scroll\", \"alphabetic\", \"alternate\",\n \"always\", \"amharic\", \"amharic-abegede\", \"antialiased\", \"appworkspace\",\n \"arabic-indic\", \"armenian\", \"asterisks\", \"attr\", \"auto\", \"auto-flow\", \"avoid\", \"avoid-column\", \"avoid-page\",\n \"avoid-region\", \"axis-pan\", \"background\", \"backwards\", \"baseline\", \"below\", \"bidi-override\", \"binary\",\n \"bengali\", \"blink\", \"block\", \"block-axis\", \"blur\", \"bold\", \"bolder\", \"border\", \"border-box\",\n \"both\", \"bottom\", \"break\", \"break-all\", \"break-word\", \"brightness\", \"bullets\", \"button\", \"button-bevel\",\n \"buttonface\", \"buttonhighlight\", \"buttonshadow\", \"buttontext\", \"calc\", \"cambodian\",\n \"capitalize\", \"caps-lock-indicator\", \"caption\", \"captiontext\", \"caret\",\n \"cell\", \"center\", \"checkbox\", \"circle\", \"cjk-decimal\", \"cjk-earthly-branch\",\n \"cjk-heavenly-stem\", \"cjk-ideographic\", \"clear\", \"clip\", \"close-quote\",\n \"col-resize\", \"collapse\", \"color\", \"color-burn\", \"color-dodge\", \"column\", \"column-reverse\",\n \"compact\", \"condensed\", \"contain\", \"content\", \"contents\",\n \"content-box\", \"context-menu\", \"continuous\", \"contrast\", \"copy\", \"counter\", \"counters\", \"cover\", \"crop\",\n \"cross\", \"crosshair\", \"cubic-bezier\", \"currentcolor\", \"cursive\", \"cyclic\", \"darken\", \"dashed\", \"decimal\",\n \"decimal-leading-zero\", \"default\", \"default-button\", \"dense\", \"destination-atop\",\n \"destination-in\", \"destination-out\", \"destination-over\", \"devanagari\", \"difference\",\n \"disc\", \"discard\", \"disclosure-closed\", \"disclosure-open\", \"document\",\n \"dot-dash\", \"dot-dot-dash\",\n \"dotted\", \"double\", \"down\", \"drop-shadow\", \"e-resize\", \"ease\", \"ease-in\", \"ease-in-out\", \"ease-out\",\n \"element\", \"ellipse\", \"ellipsis\", \"embed\", \"end\", \"ethiopic\", \"ethiopic-abegede\",\n \"ethiopic-abegede-am-et\", \"ethiopic-abegede-gez\", \"ethiopic-abegede-ti-er\",\n \"ethiopic-abegede-ti-et\", \"ethiopic-halehame-aa-er\",\n \"ethiopic-halehame-aa-et\", \"ethiopic-halehame-am-et\",\n \"ethiopic-halehame-gez\", \"ethiopic-halehame-om-et\",\n \"ethiopic-halehame-sid-et\", \"ethiopic-halehame-so-et\",\n \"ethiopic-halehame-ti-er\", \"ethiopic-halehame-ti-et\", \"ethiopic-halehame-tig\",\n \"ethiopic-numeric\", \"ew-resize\", \"exclusion\", \"expanded\", \"extends\", \"extra-condensed\",\n \"extra-expanded\", \"fantasy\", \"fast\", \"fill\", \"fill-box\", \"fixed\", \"flat\", \"flex\", \"flex-end\", \"flex-start\", \"footnotes\",\n \"forwards\", \"from\", \"geometricPrecision\", \"georgian\", \"grayscale\", \"graytext\", \"grid\", \"groove\",\n \"gujarati\", \"gurmukhi\", \"hand\", \"hangul\", \"hangul-consonant\", \"hard-light\", \"hebrew\",\n \"help\", \"hidden\", \"hide\", \"higher\", \"highlight\", \"highlighttext\",\n \"hiragana\", \"hiragana-iroha\", \"horizontal\", \"hsl\", \"hsla\", \"hue\", \"hue-rotate\", \"icon\", \"ignore\",\n \"inactiveborder\", \"inactivecaption\", \"inactivecaptiontext\", \"infinite\",\n \"infobackground\", \"infotext\", \"inherit\", \"initial\", \"inline\", \"inline-axis\",\n \"inline-block\", \"inline-flex\", \"inline-grid\", \"inline-table\", \"inset\", \"inside\", \"intrinsic\", \"invert\",\n \"italic\", \"japanese-formal\", \"japanese-informal\", \"justify\", \"kannada\",\n \"katakana\", \"katakana-iroha\", \"keep-all\", \"khmer\",\n \"korean-hangul-formal\", \"korean-hanja-formal\", \"korean-hanja-informal\",\n \"landscape\", \"lao\", \"large\", \"larger\", \"left\", \"level\", \"lighter\", \"lighten\",\n \"line-through\", \"linear\", \"linear-gradient\", \"lines\", \"list-item\", \"listbox\", \"listitem\",\n \"local\", \"logical\", \"loud\", \"lower\", \"lower-alpha\", \"lower-armenian\",\n \"lower-greek\", \"lower-hexadecimal\", \"lower-latin\", \"lower-norwegian\",\n \"lower-roman\", \"lowercase\", \"ltr\", \"luminosity\", \"malayalam\", \"manipulation\", \"match\", \"matrix\", \"matrix3d\",\n \"media-controls-background\", \"media-current-time-display\",\n \"media-fullscreen-button\", \"media-mute-button\", \"media-play-button\",\n \"media-return-to-realtime-button\", \"media-rewind-button\",\n \"media-seek-back-button\", \"media-seek-forward-button\", \"media-slider\",\n \"media-sliderthumb\", \"media-time-remaining-display\", \"media-volume-slider\",\n \"media-volume-slider-container\", \"media-volume-sliderthumb\", \"medium\",\n \"menu\", \"menulist\", \"menulist-button\", \"menulist-text\",\n \"menulist-textfield\", \"menutext\", \"message-box\", \"middle\", \"min-intrinsic\",\n \"mix\", \"mongolian\", \"monospace\", \"move\", \"multiple\", \"multiple_mask_images\", \"multiply\", \"myanmar\", \"n-resize\",\n \"narrower\", \"ne-resize\", \"nesw-resize\", \"no-close-quote\", \"no-drop\",\n \"no-open-quote\", \"no-repeat\", \"none\", \"normal\", \"not-allowed\", \"nowrap\",\n \"ns-resize\", \"numbers\", \"numeric\", \"nw-resize\", \"nwse-resize\", \"oblique\", \"octal\", \"opacity\", \"open-quote\",\n \"optimizeLegibility\", \"optimizeSpeed\", \"oriya\", \"oromo\", \"outset\",\n \"outside\", \"outside-shape\", \"overlay\", \"overline\", \"padding\", \"padding-box\",\n \"painted\", \"page\", \"paused\", \"persian\", \"perspective\", \"pinch-zoom\", \"plus-darker\", \"plus-lighter\",\n \"pointer\", \"polygon\", \"portrait\", \"pre\", \"pre-line\", \"pre-wrap\", \"preserve-3d\",\n \"progress\", \"push-button\", \"radial-gradient\", \"radio\", \"read-only\",\n \"read-write\", \"read-write-plaintext-only\", \"rectangle\", \"region\",\n \"relative\", \"repeat\", \"repeating-linear-gradient\",\n \"repeating-radial-gradient\", \"repeat-x\", \"repeat-y\", \"reset\", \"reverse\",\n \"rgb\", \"rgba\", \"ridge\", \"right\", \"rotate\", \"rotate3d\", \"rotateX\", \"rotateY\",\n \"rotateZ\", \"round\", \"row\", \"row-resize\", \"row-reverse\", \"rtl\", \"run-in\", \"running\",\n \"s-resize\", \"sans-serif\", \"saturate\", \"saturation\", \"scale\", \"scale3d\", \"scaleX\", \"scaleY\", \"scaleZ\", \"screen\",\n \"scroll\", \"scrollbar\", \"scroll-position\", \"se-resize\", \"searchfield\",\n \"searchfield-cancel-button\", \"searchfield-decoration\",\n \"searchfield-results-button\", \"searchfield-results-decoration\", \"self-start\", \"self-end\",\n \"semi-condensed\", \"semi-expanded\", \"separate\", \"sepia\", \"serif\", \"show\", \"sidama\",\n \"simp-chinese-formal\", \"simp-chinese-informal\", \"single\",\n \"skew\", \"skewX\", \"skewY\", \"skip-white-space\", \"slide\", \"slider-horizontal\",\n \"slider-vertical\", \"sliderthumb-horizontal\", \"sliderthumb-vertical\", \"slow\",\n \"small\", \"small-caps\", \"small-caption\", \"smaller\", \"soft-light\", \"solid\", \"somali\",\n \"source-atop\", \"source-in\", \"source-out\", \"source-over\", \"space\", \"space-around\", \"space-between\", \"space-evenly\", \"spell-out\", \"square\",\n \"square-button\", \"start\", \"static\", \"status-bar\", \"stretch\", \"stroke\", \"stroke-box\", \"sub\",\n \"subpixel-antialiased\", \"svg_masks\", \"super\", \"sw-resize\", \"symbolic\", \"symbols\", \"system-ui\", \"table\",\n \"table-caption\", \"table-cell\", \"table-column\", \"table-column-group\",\n \"table-footer-group\", \"table-header-group\", \"table-row\", \"table-row-group\",\n \"tamil\",\n \"telugu\", \"text\", \"text-bottom\", \"text-top\", \"textarea\", \"textfield\", \"thai\",\n \"thick\", \"thin\", \"threeddarkshadow\", \"threedface\", \"threedhighlight\",\n \"threedlightshadow\", \"threedshadow\", \"tibetan\", \"tigre\", \"tigrinya-er\",\n \"tigrinya-er-abegede\", \"tigrinya-et\", \"tigrinya-et-abegede\", \"to\", \"top\",\n \"trad-chinese-formal\", \"trad-chinese-informal\", \"transform\",\n \"translate\", \"translate3d\", \"translateX\", \"translateY\", \"translateZ\",\n \"transparent\", \"ultra-condensed\", \"ultra-expanded\", \"underline\", \"unidirectional-pan\", \"unset\", \"up\",\n \"upper-alpha\", \"upper-armenian\", \"upper-greek\", \"upper-hexadecimal\",\n \"upper-latin\", \"upper-norwegian\", \"upper-roman\", \"uppercase\", \"urdu\", \"url\",\n \"var\", \"vertical\", \"vertical-text\", \"view-box\", \"visible\", \"visibleFill\", \"visiblePainted\",\n \"visibleStroke\", \"visual\", \"w-resize\", \"wait\", \"wave\", \"wider\",\n \"window\", \"windowframe\", \"windowtext\", \"words\", \"wrap\", \"wrap-reverse\", \"x-large\", \"x-small\", \"xor\",\n \"xx-large\", \"xx-small\"\n ], valueKeywords = keySet(valueKeywords_);\n\n var allWords = documentTypes_.concat(mediaTypes_).concat(mediaFeatures_).concat(mediaValueKeywords_)\n .concat(propertyKeywords_).concat(nonStandardPropertyKeywords_).concat(colorKeywords_)\n .concat(valueKeywords_);\n CodeMirror.registerHelper(\"hintWords\", \"css\", allWords);\n\n function tokenCComment(stream, state) {\n var maybeEnd = false, ch;\n while ((ch = stream.next()) != null) {\n if (maybeEnd && ch == \"/\") {\n state.tokenize = null;\n break;\n }\n maybeEnd = (ch == \"*\");\n }\n return [\"comment\", \"comment\"];\n }\n\n CodeMirror.defineMIME(\"text/css\", {\n documentTypes: documentTypes,\n mediaTypes: mediaTypes,\n mediaFeatures: mediaFeatures,\n mediaValueKeywords: mediaValueKeywords,\n propertyKeywords: propertyKeywords,\n nonStandardPropertyKeywords: nonStandardPropertyKeywords,\n fontProperties: fontProperties,\n counterDescriptors: counterDescriptors,\n colorKeywords: colorKeywords,\n valueKeywords: valueKeywords,\n tokenHooks: {\n \"/\": function(stream, state) {\n if (!stream.eat(\"*\")) return false;\n state.tokenize = tokenCComment;\n return tokenCComment(stream, state);\n }\n },\n name: \"css\"\n });\n\n CodeMirror.defineMIME(\"text/x-scss\", {\n mediaTypes: mediaTypes,\n mediaFeatures: mediaFeatures,\n mediaValueKeywords: mediaValueKeywords,\n propertyKeywords: propertyKeywords,\n nonStandardPropertyKeywords: nonStandardPropertyKeywords,\n colorKeywords: colorKeywords,\n valueKeywords: valueKeywords,\n fontProperties: fontProperties,\n allowNested: true,\n lineComment: \"//\",\n tokenHooks: {\n \"/\": function(stream, state) {\n if (stream.eat(\"/\")) {\n stream.skipToEnd();\n return [\"comment\", \"comment\"];\n } else if (stream.eat(\"*\")) {\n state.tokenize = tokenCComment;\n return tokenCComment(stream, state);\n } else {\n return [\"operator\", \"operator\"];\n }\n },\n \":\": function(stream) {\n if (stream.match(/^\\s*\\{/, false))\n return [null, null]\n return false;\n },\n \"$\": function(stream) {\n stream.match(/^[\\w-]+/);\n if (stream.match(/^\\s*:/, false))\n return [\"variable-2\", \"variable-definition\"];\n return [\"variable-2\", \"variable\"];\n },\n \"#\": function(stream) {\n if (!stream.eat(\"{\")) return false;\n return [null, \"interpolation\"];\n }\n },\n name: \"css\",\n helperType: \"scss\"\n });\n\n CodeMirror.defineMIME(\"text/x-less\", {\n mediaTypes: mediaTypes,\n mediaFeatures: mediaFeatures,\n mediaValueKeywords: mediaValueKeywords,\n propertyKeywords: propertyKeywords,\n nonStandardPropertyKeywords: nonStandardPropertyKeywords,\n colorKeywords: colorKeywords,\n valueKeywords: valueKeywords,\n fontProperties: fontProperties,\n allowNested: true,\n lineComment: \"//\",\n tokenHooks: {\n \"/\": function(stream, state) {\n if (stream.eat(\"/\")) {\n stream.skipToEnd();\n return [\"comment\", \"comment\"];\n } else if (stream.eat(\"*\")) {\n state.tokenize = tokenCComment;\n return tokenCComment(stream, state);\n } else {\n return [\"operator\", \"operator\"];\n }\n },\n \"@\": function(stream) {\n if (stream.eat(\"{\")) return [null, \"interpolation\"];\n if (stream.match(/^(charset|document|font-face|import|(-(moz|ms|o|webkit)-)?keyframes|media|namespace|page|supports)\\b/i, false)) return false;\n stream.eatWhile(/[\\w\\\\\\-]/);\n if (stream.match(/^\\s*:/, false))\n return [\"variable-2\", \"variable-definition\"];\n return [\"variable-2\", \"variable\"];\n },\n \"&\": function() {\n return [\"atom\", \"atom\"];\n }\n },\n name: \"css\",\n helperType: \"less\"\n });\n\n CodeMirror.defineMIME(\"text/x-gss\", {\n documentTypes: documentTypes,\n mediaTypes: mediaTypes,\n mediaFeatures: mediaFeatures,\n propertyKeywords: propertyKeywords,\n nonStandardPropertyKeywords: nonStandardPropertyKeywords,\n fontProperties: fontProperties,\n counterDescriptors: counterDescriptors,\n colorKeywords: colorKeywords,\n valueKeywords: valueKeywords,\n supportsAtComponent: true,\n tokenHooks: {\n \"/\": function(stream, state) {\n if (!stream.eat(\"*\")) return false;\n state.tokenize = tokenCComment;\n return tokenCComment(stream, state);\n }\n },\n name: \"css\",\n helperType: \"gss\"\n });\n\n});\n","'use strict';\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = convertNodeToElement;\n\nvar _elementTypes = require('./elementTypes');\n\nvar _elementTypes2 = _interopRequireDefault(_elementTypes);\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\n/**\n * Converts a htmlparser2 node to a React element\n *\n * @param {Object} node The htmlparser2 node to convert\n * @param {Number} index The index of the current node\n * @param {Function} transform Transform function to apply to children of the node\n * @returns {React.Element}\n */\nfunction convertNodeToElement(node, index, transform) {\n return _elementTypes2.default[node.type](node, index, transform);\n}","var Tokenizer = require(\"./Tokenizer.js\");\n\n/*\n\tOptions:\n\n\txmlMode: Disables the special behavior for script/style tags (false by default)\n\tlowerCaseAttributeNames: call .toLowerCase for each attribute name (true if xmlMode is `false`)\n\tlowerCaseTags: call .toLowerCase for each tag name (true if xmlMode is `false`)\n*/\n\n/*\n\tCallbacks:\n\n\toncdataend,\n\toncdatastart,\n\tonclosetag,\n\toncomment,\n\toncommentend,\n\tonerror,\n\tonopentag,\n\tonprocessinginstruction,\n\tonreset,\n\tontext\n*/\n\nvar formTags = {\n input: true,\n option: true,\n optgroup: true,\n select: true,\n button: true,\n datalist: true,\n textarea: true\n};\n\nvar openImpliesClose = {\n tr: { tr: true, th: true, td: true },\n th: { th: true },\n td: { thead: true, th: true, td: true },\n body: { head: true, link: true, script: true },\n li: { li: true },\n p: { p: true },\n h1: { p: true },\n h2: { p: true },\n h3: { p: true },\n h4: { p: true },\n h5: { p: true },\n h6: { p: true },\n select: formTags,\n input: formTags,\n output: formTags,\n button: formTags,\n datalist: formTags,\n textarea: formTags,\n option: { option: true },\n optgroup: { optgroup: true }\n};\n\nvar voidElements = {\n __proto__: null,\n area: true,\n base: true,\n basefont: true,\n br: true,\n col: true,\n command: true,\n embed: true,\n frame: true,\n hr: true,\n img: true,\n input: true,\n isindex: true,\n keygen: true,\n link: true,\n meta: true,\n param: true,\n source: true,\n track: true,\n wbr: true\n};\n\nvar foreignContextElements = {\n __proto__: null,\n math: true,\n svg: true\n};\nvar htmlIntegrationElements = {\n __proto__: null,\n mi: true,\n mo: true,\n mn: true,\n ms: true,\n mtext: true,\n \"annotation-xml\": true,\n foreignObject: true,\n desc: true,\n title: true\n};\n\nvar re_nameEnd = /\\s|\\//;\n\nfunction Parser(cbs, options) {\n this._options = options || {};\n this._cbs = cbs || {};\n\n this._tagname = \"\";\n this._attribname = \"\";\n this._attribvalue = \"\";\n this._attribs = null;\n this._stack = [];\n this._foreignContext = [];\n\n this.startIndex = 0;\n this.endIndex = null;\n\n this._lowerCaseTagNames =\n \"lowerCaseTags\" in this._options\n ? !!this._options.lowerCaseTags\n : !this._options.xmlMode;\n this._lowerCaseAttributeNames =\n \"lowerCaseAttributeNames\" in this._options\n ? !!this._options.lowerCaseAttributeNames\n : !this._options.xmlMode;\n\n if (this._options.Tokenizer) {\n Tokenizer = this._options.Tokenizer;\n }\n this._tokenizer = new Tokenizer(this._options, this);\n\n if (this._cbs.onparserinit) this._cbs.onparserinit(this);\n}\n\nrequire(\"inherits\")(Parser, require(\"events\").EventEmitter);\n\nParser.prototype._updatePosition = function(initialOffset) {\n if (this.endIndex === null) {\n if (this._tokenizer._sectionStart <= initialOffset) {\n this.startIndex = 0;\n } else {\n this.startIndex = this._tokenizer._sectionStart - initialOffset;\n }\n } else this.startIndex = this.endIndex + 1;\n this.endIndex = this._tokenizer.getAbsoluteIndex();\n};\n\n//Tokenizer event handlers\nParser.prototype.ontext = function(data) {\n this._updatePosition(1);\n this.endIndex--;\n\n if (this._cbs.ontext) this._cbs.ontext(data);\n};\n\nParser.prototype.onopentagname = function(name) {\n if (this._lowerCaseTagNames) {\n name = name.toLowerCase();\n }\n\n this._tagname = name;\n\n if (!this._options.xmlMode && name in openImpliesClose) {\n for (\n var el;\n (el = this._stack[this._stack.length - 1]) in\n openImpliesClose[name];\n this.onclosetag(el)\n );\n }\n\n if (this._options.xmlMode || !(name in voidElements)) {\n this._stack.push(name);\n if (name in foreignContextElements) this._foreignContext.push(true);\n else if (name in htmlIntegrationElements)\n this._foreignContext.push(false);\n }\n\n if (this._cbs.onopentagname) this._cbs.onopentagname(name);\n if (this._cbs.onopentag) this._attribs = {};\n};\n\nParser.prototype.onopentagend = function() {\n this._updatePosition(1);\n\n if (this._attribs) {\n if (this._cbs.onopentag)\n this._cbs.onopentag(this._tagname, this._attribs);\n this._attribs = null;\n }\n\n if (\n !this._options.xmlMode &&\n this._cbs.onclosetag &&\n this._tagname in voidElements\n ) {\n this._cbs.onclosetag(this._tagname);\n }\n\n this._tagname = \"\";\n};\n\nParser.prototype.onclosetag = function(name) {\n this._updatePosition(1);\n\n if (this._lowerCaseTagNames) {\n name = name.toLowerCase();\n }\n \n if (name in foreignContextElements || name in htmlIntegrationElements) {\n this._foreignContext.pop();\n }\n\n if (\n this._stack.length &&\n (!(name in voidElements) || this._options.xmlMode)\n ) {\n var pos = this._stack.lastIndexOf(name);\n if (pos !== -1) {\n if (this._cbs.onclosetag) {\n pos = this._stack.length - pos;\n while (pos--) this._cbs.onclosetag(this._stack.pop());\n } else this._stack.length = pos;\n } else if (name === \"p\" && !this._options.xmlMode) {\n this.onopentagname(name);\n this._closeCurrentTag();\n }\n } else if (!this._options.xmlMode && (name === \"br\" || name === \"p\")) {\n this.onopentagname(name);\n this._closeCurrentTag();\n }\n};\n\nParser.prototype.onselfclosingtag = function() {\n if (\n this._options.xmlMode ||\n this._options.recognizeSelfClosing ||\n this._foreignContext[this._foreignContext.length - 1]\n ) {\n this._closeCurrentTag();\n } else {\n this.onopentagend();\n }\n};\n\nParser.prototype._closeCurrentTag = function() {\n var name = this._tagname;\n\n this.onopentagend();\n\n //self-closing tags will be on the top of the stack\n //(cheaper check than in onclosetag)\n if (this._stack[this._stack.length - 1] === name) {\n if (this._cbs.onclosetag) {\n this._cbs.onclosetag(name);\n }\n this._stack.pop();\n \n }\n};\n\nParser.prototype.onattribname = function(name) {\n if (this._lowerCaseAttributeNames) {\n name = name.toLowerCase();\n }\n this._attribname = name;\n};\n\nParser.prototype.onattribdata = function(value) {\n this._attribvalue += value;\n};\n\nParser.prototype.onattribend = function() {\n if (this._cbs.onattribute)\n this._cbs.onattribute(this._attribname, this._attribvalue);\n if (\n this._attribs &&\n !Object.prototype.hasOwnProperty.call(this._attribs, this._attribname)\n ) {\n this._attribs[this._attribname] = this._attribvalue;\n }\n this._attribname = \"\";\n this._attribvalue = \"\";\n};\n\nParser.prototype._getInstructionName = function(value) {\n var idx = value.search(re_nameEnd),\n name = idx < 0 ? value : value.substr(0, idx);\n\n if (this._lowerCaseTagNames) {\n name = name.toLowerCase();\n }\n\n return name;\n};\n\nParser.prototype.ondeclaration = function(value) {\n if (this._cbs.onprocessinginstruction) {\n var name = this._getInstructionName(value);\n this._cbs.onprocessinginstruction(\"!\" + name, \"!\" + value);\n }\n};\n\nParser.prototype.onprocessinginstruction = function(value) {\n if (this._cbs.onprocessinginstruction) {\n var name = this._getInstructionName(value);\n this._cbs.onprocessinginstruction(\"?\" + name, \"?\" + value);\n }\n};\n\nParser.prototype.oncomment = function(value) {\n this._updatePosition(4);\n\n if (this._cbs.oncomment) this._cbs.oncomment(value);\n if (this._cbs.oncommentend) this._cbs.oncommentend();\n};\n\nParser.prototype.oncdata = function(value) {\n this._updatePosition(1);\n\n if (this._options.xmlMode || this._options.recognizeCDATA) {\n if (this._cbs.oncdatastart) this._cbs.oncdatastart();\n if (this._cbs.ontext) this._cbs.ontext(value);\n if (this._cbs.oncdataend) this._cbs.oncdataend();\n } else {\n this.oncomment(\"[CDATA[\" + value + \"]]\");\n }\n};\n\nParser.prototype.onerror = function(err) {\n if (this._cbs.onerror) this._cbs.onerror(err);\n};\n\nParser.prototype.onend = function() {\n if (this._cbs.onclosetag) {\n for (\n var i = this._stack.length;\n i > 0;\n this._cbs.onclosetag(this._stack[--i])\n );\n }\n if (this._cbs.onend) this._cbs.onend();\n};\n\n//Resets the parser to a blank state, ready to parse a new HTML document\nParser.prototype.reset = function() {\n if (this._cbs.onreset) this._cbs.onreset();\n this._tokenizer.reset();\n\n this._tagname = \"\";\n this._attribname = \"\";\n this._attribs = null;\n this._stack = [];\n\n if (this._cbs.onparserinit) this._cbs.onparserinit(this);\n};\n\n//Parses a complete HTML document and pushes it to the handler\nParser.prototype.parseComplete = function(data) {\n this.reset();\n this.end(data);\n};\n\nParser.prototype.write = function(chunk) {\n this._tokenizer.write(chunk);\n};\n\nParser.prototype.end = function(chunk) {\n this._tokenizer.end(chunk);\n};\n\nParser.prototype.pause = function() {\n this._tokenizer.pause();\n};\n\nParser.prototype.resume = function() {\n this._tokenizer.resume();\n};\n\n//alias for backwards compat\nParser.prototype.parseChunk = Parser.prototype.write;\nParser.prototype.done = Parser.prototype.end;\n\nmodule.exports = Parser;\n","module.exports = Tokenizer;\n\nvar decodeCodePoint = require(\"entities/lib/decode_codepoint.js\");\nvar entityMap = require(\"entities/maps/entities.json\");\nvar legacyMap = require(\"entities/maps/legacy.json\");\nvar xmlMap = require(\"entities/maps/xml.json\");\n\nvar i = 0;\n\nvar TEXT = i++;\nvar BEFORE_TAG_NAME = i++; //after <\nvar IN_TAG_NAME = i++;\nvar IN_SELF_CLOSING_TAG = i++;\nvar BEFORE_CLOSING_TAG_NAME = i++;\nvar IN_CLOSING_TAG_NAME = i++;\nvar AFTER_CLOSING_TAG_NAME = i++;\n\n//attributes\nvar BEFORE_ATTRIBUTE_NAME = i++;\nvar IN_ATTRIBUTE_NAME = i++;\nvar AFTER_ATTRIBUTE_NAME = i++;\nvar BEFORE_ATTRIBUTE_VALUE = i++;\nvar IN_ATTRIBUTE_VALUE_DQ = i++; // \"\nvar IN_ATTRIBUTE_VALUE_SQ = i++; // '\nvar IN_ATTRIBUTE_VALUE_NQ = i++;\n\n//declarations\nvar BEFORE_DECLARATION = i++; // !\nvar IN_DECLARATION = i++;\n\n//processing instructions\nvar IN_PROCESSING_INSTRUCTION = i++; // ?\n\n//comments\nvar BEFORE_COMMENT = i++;\nvar IN_COMMENT = i++;\nvar AFTER_COMMENT_1 = i++;\nvar AFTER_COMMENT_2 = i++;\n\n//cdata\nvar BEFORE_CDATA_1 = i++; // [\nvar BEFORE_CDATA_2 = i++; // C\nvar BEFORE_CDATA_3 = i++; // D\nvar BEFORE_CDATA_4 = i++; // A\nvar BEFORE_CDATA_5 = i++; // T\nvar BEFORE_CDATA_6 = i++; // A\nvar IN_CDATA = i++; // [\nvar AFTER_CDATA_1 = i++; // ]\nvar AFTER_CDATA_2 = i++; // ]\n\n//special tags\nvar BEFORE_SPECIAL = i++; //S\nvar BEFORE_SPECIAL_END = i++; //S\n\nvar BEFORE_SCRIPT_1 = i++; //C\nvar BEFORE_SCRIPT_2 = i++; //R\nvar BEFORE_SCRIPT_3 = i++; //I\nvar BEFORE_SCRIPT_4 = i++; //P\nvar BEFORE_SCRIPT_5 = i++; //T\nvar AFTER_SCRIPT_1 = i++; //C\nvar AFTER_SCRIPT_2 = i++; //R\nvar AFTER_SCRIPT_3 = i++; //I\nvar AFTER_SCRIPT_4 = i++; //P\nvar AFTER_SCRIPT_5 = i++; //T\n\nvar BEFORE_STYLE_1 = i++; //T\nvar BEFORE_STYLE_2 = i++; //Y\nvar BEFORE_STYLE_3 = i++; //L\nvar BEFORE_STYLE_4 = i++; //E\nvar AFTER_STYLE_1 = i++; //T\nvar AFTER_STYLE_2 = i++; //Y\nvar AFTER_STYLE_3 = i++; //L\nvar AFTER_STYLE_4 = i++; //E\n\nvar BEFORE_ENTITY = i++; //&\nvar BEFORE_NUMERIC_ENTITY = i++; //#\nvar IN_NAMED_ENTITY = i++;\nvar IN_NUMERIC_ENTITY = i++;\nvar IN_HEX_ENTITY = i++; //X\n\nvar j = 0;\n\nvar SPECIAL_NONE = j++;\nvar SPECIAL_SCRIPT = j++;\nvar SPECIAL_STYLE = j++;\n\nfunction whitespace(c) {\n return c === \" \" || c === \"\\n\" || c === \"\\t\" || c === \"\\f\" || c === \"\\r\";\n}\n\nfunction ifElseState(upper, SUCCESS, FAILURE) {\n var lower = upper.toLowerCase();\n\n if (upper === lower) {\n return function(c) {\n if (c === lower) {\n this._state = SUCCESS;\n } else {\n this._state = FAILURE;\n this._index--;\n }\n };\n } else {\n return function(c) {\n if (c === lower || c === upper) {\n this._state = SUCCESS;\n } else {\n this._state = FAILURE;\n this._index--;\n }\n };\n }\n}\n\nfunction consumeSpecialNameChar(upper, NEXT_STATE) {\n var lower = upper.toLowerCase();\n\n return function(c) {\n if (c === lower || c === upper) {\n this._state = NEXT_STATE;\n } else {\n this._state = IN_TAG_NAME;\n this._index--; //consume the token again\n }\n };\n}\n\nfunction Tokenizer(options, cbs) {\n this._state = TEXT;\n this._buffer = \"\";\n this._sectionStart = 0;\n this._index = 0;\n this._bufferOffset = 0; //chars removed from _buffer\n this._baseState = TEXT;\n this._special = SPECIAL_NONE;\n this._cbs = cbs;\n this._running = true;\n this._ended = false;\n this._xmlMode = !!(options && options.xmlMode);\n this._decodeEntities = !!(options && options.decodeEntities);\n}\n\nTokenizer.prototype._stateText = function(c) {\n if (c === \"<\") {\n if (this._index > this._sectionStart) {\n this._cbs.ontext(this._getSection());\n }\n this._state = BEFORE_TAG_NAME;\n this._sectionStart = this._index;\n } else if (\n this._decodeEntities &&\n this._special === SPECIAL_NONE &&\n c === \"&\"\n ) {\n if (this._index > this._sectionStart) {\n this._cbs.ontext(this._getSection());\n }\n this._baseState = TEXT;\n this._state = BEFORE_ENTITY;\n this._sectionStart = this._index;\n }\n};\n\nTokenizer.prototype._stateBeforeTagName = function(c) {\n if (c === \"/\") {\n this._state = BEFORE_CLOSING_TAG_NAME;\n } else if (c === \"<\") {\n this._cbs.ontext(this._getSection());\n this._sectionStart = this._index;\n } else if (c === \">\" || this._special !== SPECIAL_NONE || whitespace(c)) {\n this._state = TEXT;\n } else if (c === \"!\") {\n this._state = BEFORE_DECLARATION;\n this._sectionStart = this._index + 1;\n } else if (c === \"?\") {\n this._state = IN_PROCESSING_INSTRUCTION;\n this._sectionStart = this._index + 1;\n } else {\n this._state =\n !this._xmlMode && (c === \"s\" || c === \"S\")\n ? BEFORE_SPECIAL\n : IN_TAG_NAME;\n this._sectionStart = this._index;\n }\n};\n\nTokenizer.prototype._stateInTagName = function(c) {\n if (c === \"/\" || c === \">\" || whitespace(c)) {\n this._emitToken(\"onopentagname\");\n this._state = BEFORE_ATTRIBUTE_NAME;\n this._index--;\n }\n};\n\nTokenizer.prototype._stateBeforeCloseingTagName = function(c) {\n if (whitespace(c));\n else if (c === \">\") {\n this._state = TEXT;\n } else if (this._special !== SPECIAL_NONE) {\n if (c === \"s\" || c === \"S\") {\n this._state = BEFORE_SPECIAL_END;\n } else {\n this._state = TEXT;\n this._index--;\n }\n } else {\n this._state = IN_CLOSING_TAG_NAME;\n this._sectionStart = this._index;\n }\n};\n\nTokenizer.prototype._stateInCloseingTagName = function(c) {\n if (c === \">\" || whitespace(c)) {\n this._emitToken(\"onclosetag\");\n this._state = AFTER_CLOSING_TAG_NAME;\n this._index--;\n }\n};\n\nTokenizer.prototype._stateAfterCloseingTagName = function(c) {\n //skip everything until \">\"\n if (c === \">\") {\n this._state = TEXT;\n this._sectionStart = this._index + 1;\n }\n};\n\nTokenizer.prototype._stateBeforeAttributeName = function(c) {\n if (c === \">\") {\n this._cbs.onopentagend();\n this._state = TEXT;\n this._sectionStart = this._index + 1;\n } else if (c === \"/\") {\n this._state = IN_SELF_CLOSING_TAG;\n } else if (!whitespace(c)) {\n this._state = IN_ATTRIBUTE_NAME;\n this._sectionStart = this._index;\n }\n};\n\nTokenizer.prototype._stateInSelfClosingTag = function(c) {\n if (c === \">\") {\n this._cbs.onselfclosingtag();\n this._state = TEXT;\n this._sectionStart = this._index + 1;\n } else if (!whitespace(c)) {\n this._state = BEFORE_ATTRIBUTE_NAME;\n this._index--;\n }\n};\n\nTokenizer.prototype._stateInAttributeName = function(c) {\n if (c === \"=\" || c === \"/\" || c === \">\" || whitespace(c)) {\n this._cbs.onattribname(this._getSection());\n this._sectionStart = -1;\n this._state = AFTER_ATTRIBUTE_NAME;\n this._index--;\n }\n};\n\nTokenizer.prototype._stateAfterAttributeName = function(c) {\n if (c === \"=\") {\n this._state = BEFORE_ATTRIBUTE_VALUE;\n } else if (c === \"/\" || c === \">\") {\n this._cbs.onattribend();\n this._state = BEFORE_ATTRIBUTE_NAME;\n this._index--;\n } else if (!whitespace(c)) {\n this._cbs.onattribend();\n this._state = IN_ATTRIBUTE_NAME;\n this._sectionStart = this._index;\n }\n};\n\nTokenizer.prototype._stateBeforeAttributeValue = function(c) {\n if (c === '\"') {\n this._state = IN_ATTRIBUTE_VALUE_DQ;\n this._sectionStart = this._index + 1;\n } else if (c === \"'\") {\n this._state = IN_ATTRIBUTE_VALUE_SQ;\n this._sectionStart = this._index + 1;\n } else if (!whitespace(c)) {\n this._state = IN_ATTRIBUTE_VALUE_NQ;\n this._sectionStart = this._index;\n this._index--; //reconsume token\n }\n};\n\nTokenizer.prototype._stateInAttributeValueDoubleQuotes = function(c) {\n if (c === '\"') {\n this._emitToken(\"onattribdata\");\n this._cbs.onattribend();\n this._state = BEFORE_ATTRIBUTE_NAME;\n } else if (this._decodeEntities && c === \"&\") {\n this._emitToken(\"onattribdata\");\n this._baseState = this._state;\n this._state = BEFORE_ENTITY;\n this._sectionStart = this._index;\n }\n};\n\nTokenizer.prototype._stateInAttributeValueSingleQuotes = function(c) {\n if (c === \"'\") {\n this._emitToken(\"onattribdata\");\n this._cbs.onattribend();\n this._state = BEFORE_ATTRIBUTE_NAME;\n } else if (this._decodeEntities && c === \"&\") {\n this._emitToken(\"onattribdata\");\n this._baseState = this._state;\n this._state = BEFORE_ENTITY;\n this._sectionStart = this._index;\n }\n};\n\nTokenizer.prototype._stateInAttributeValueNoQuotes = function(c) {\n if (whitespace(c) || c === \">\") {\n this._emitToken(\"onattribdata\");\n this._cbs.onattribend();\n this._state = BEFORE_ATTRIBUTE_NAME;\n this._index--;\n } else if (this._decodeEntities && c === \"&\") {\n this._emitToken(\"onattribdata\");\n this._baseState = this._state;\n this._state = BEFORE_ENTITY;\n this._sectionStart = this._index;\n }\n};\n\nTokenizer.prototype._stateBeforeDeclaration = function(c) {\n this._state =\n c === \"[\"\n ? BEFORE_CDATA_1\n : c === \"-\"\n ? BEFORE_COMMENT\n : IN_DECLARATION;\n};\n\nTokenizer.prototype._stateInDeclaration = function(c) {\n if (c === \">\") {\n this._cbs.ondeclaration(this._getSection());\n this._state = TEXT;\n this._sectionStart = this._index + 1;\n }\n};\n\nTokenizer.prototype._stateInProcessingInstruction = function(c) {\n if (c === \">\") {\n this._cbs.onprocessinginstruction(this._getSection());\n this._state = TEXT;\n this._sectionStart = this._index + 1;\n }\n};\n\nTokenizer.prototype._stateBeforeComment = function(c) {\n if (c === \"-\") {\n this._state = IN_COMMENT;\n this._sectionStart = this._index + 1;\n } else {\n this._state = IN_DECLARATION;\n }\n};\n\nTokenizer.prototype._stateInComment = function(c) {\n if (c === \"-\") this._state = AFTER_COMMENT_1;\n};\n\nTokenizer.prototype._stateAfterComment1 = function(c) {\n if (c === \"-\") {\n this._state = AFTER_COMMENT_2;\n } else {\n this._state = IN_COMMENT;\n }\n};\n\nTokenizer.prototype._stateAfterComment2 = function(c) {\n if (c === \">\") {\n //remove 2 trailing chars\n this._cbs.oncomment(\n this._buffer.substring(this._sectionStart, this._index - 2)\n );\n this._state = TEXT;\n this._sectionStart = this._index + 1;\n } else if (c !== \"-\") {\n this._state = IN_COMMENT;\n }\n // else: stay in AFTER_COMMENT_2 (`--->`)\n};\n\nTokenizer.prototype._stateBeforeCdata1 = ifElseState(\n \"C\",\n BEFORE_CDATA_2,\n IN_DECLARATION\n);\nTokenizer.prototype._stateBeforeCdata2 = ifElseState(\n \"D\",\n BEFORE_CDATA_3,\n IN_DECLARATION\n);\nTokenizer.prototype._stateBeforeCdata3 = ifElseState(\n \"A\",\n BEFORE_CDATA_4,\n IN_DECLARATION\n);\nTokenizer.prototype._stateBeforeCdata4 = ifElseState(\n \"T\",\n BEFORE_CDATA_5,\n IN_DECLARATION\n);\nTokenizer.prototype._stateBeforeCdata5 = ifElseState(\n \"A\",\n BEFORE_CDATA_6,\n IN_DECLARATION\n);\n\nTokenizer.prototype._stateBeforeCdata6 = function(c) {\n if (c === \"[\") {\n this._state = IN_CDATA;\n this._sectionStart = this._index + 1;\n } else {\n this._state = IN_DECLARATION;\n this._index--;\n }\n};\n\nTokenizer.prototype._stateInCdata = function(c) {\n if (c === \"]\") this._state = AFTER_CDATA_1;\n};\n\nTokenizer.prototype._stateAfterCdata1 = function(c) {\n if (c === \"]\") this._state = AFTER_CDATA_2;\n else this._state = IN_CDATA;\n};\n\nTokenizer.prototype._stateAfterCdata2 = function(c) {\n if (c === \">\") {\n //remove 2 trailing chars\n this._cbs.oncdata(\n this._buffer.substring(this._sectionStart, this._index - 2)\n );\n this._state = TEXT;\n this._sectionStart = this._index + 1;\n } else if (c !== \"]\") {\n this._state = IN_CDATA;\n }\n //else: stay in AFTER_CDATA_2 (`]]]>`)\n};\n\nTokenizer.prototype._stateBeforeSpecial = function(c) {\n if (c === \"c\" || c === \"C\") {\n this._state = BEFORE_SCRIPT_1;\n } else if (c === \"t\" || c === \"T\") {\n this._state = BEFORE_STYLE_1;\n } else {\n this._state = IN_TAG_NAME;\n this._index--; //consume the token again\n }\n};\n\nTokenizer.prototype._stateBeforeSpecialEnd = function(c) {\n if (this._special === SPECIAL_SCRIPT && (c === \"c\" || c === \"C\")) {\n this._state = AFTER_SCRIPT_1;\n } else if (this._special === SPECIAL_STYLE && (c === \"t\" || c === \"T\")) {\n this._state = AFTER_STYLE_1;\n } else this._state = TEXT;\n};\n\nTokenizer.prototype._stateBeforeScript1 = consumeSpecialNameChar(\n \"R\",\n BEFORE_SCRIPT_2\n);\nTokenizer.prototype._stateBeforeScript2 = consumeSpecialNameChar(\n \"I\",\n BEFORE_SCRIPT_3\n);\nTokenizer.prototype._stateBeforeScript3 = consumeSpecialNameChar(\n \"P\",\n BEFORE_SCRIPT_4\n);\nTokenizer.prototype._stateBeforeScript4 = consumeSpecialNameChar(\n \"T\",\n BEFORE_SCRIPT_5\n);\n\nTokenizer.prototype._stateBeforeScript5 = function(c) {\n if (c === \"/\" || c === \">\" || whitespace(c)) {\n this._special = SPECIAL_SCRIPT;\n }\n this._state = IN_TAG_NAME;\n this._index--; //consume the token again\n};\n\nTokenizer.prototype._stateAfterScript1 = ifElseState(\"R\", AFTER_SCRIPT_2, TEXT);\nTokenizer.prototype._stateAfterScript2 = ifElseState(\"I\", AFTER_SCRIPT_3, TEXT);\nTokenizer.prototype._stateAfterScript3 = ifElseState(\"P\", AFTER_SCRIPT_4, TEXT);\nTokenizer.prototype._stateAfterScript4 = ifElseState(\"T\", AFTER_SCRIPT_5, TEXT);\n\nTokenizer.prototype._stateAfterScript5 = function(c) {\n if (c === \">\" || whitespace(c)) {\n this._special = SPECIAL_NONE;\n this._state = IN_CLOSING_TAG_NAME;\n this._sectionStart = this._index - 6;\n this._index--; //reconsume the token\n } else this._state = TEXT;\n};\n\nTokenizer.prototype._stateBeforeStyle1 = consumeSpecialNameChar(\n \"Y\",\n BEFORE_STYLE_2\n);\nTokenizer.prototype._stateBeforeStyle2 = consumeSpecialNameChar(\n \"L\",\n BEFORE_STYLE_3\n);\nTokenizer.prototype._stateBeforeStyle3 = consumeSpecialNameChar(\n \"E\",\n BEFORE_STYLE_4\n);\n\nTokenizer.prototype._stateBeforeStyle4 = function(c) {\n if (c === \"/\" || c === \">\" || whitespace(c)) {\n this._special = SPECIAL_STYLE;\n }\n this._state = IN_TAG_NAME;\n this._index--; //consume the token again\n};\n\nTokenizer.prototype._stateAfterStyle1 = ifElseState(\"Y\", AFTER_STYLE_2, TEXT);\nTokenizer.prototype._stateAfterStyle2 = ifElseState(\"L\", AFTER_STYLE_3, TEXT);\nTokenizer.prototype._stateAfterStyle3 = ifElseState(\"E\", AFTER_STYLE_4, TEXT);\n\nTokenizer.prototype._stateAfterStyle4 = function(c) {\n if (c === \">\" || whitespace(c)) {\n this._special = SPECIAL_NONE;\n this._state = IN_CLOSING_TAG_NAME;\n this._sectionStart = this._index - 5;\n this._index--; //reconsume the token\n } else this._state = TEXT;\n};\n\nTokenizer.prototype._stateBeforeEntity = ifElseState(\n \"#\",\n BEFORE_NUMERIC_ENTITY,\n IN_NAMED_ENTITY\n);\nTokenizer.prototype._stateBeforeNumericEntity = ifElseState(\n \"X\",\n IN_HEX_ENTITY,\n IN_NUMERIC_ENTITY\n);\n\n//for entities terminated with a semicolon\nTokenizer.prototype._parseNamedEntityStrict = function() {\n //offset = 1\n if (this._sectionStart + 1 < this._index) {\n var entity = this._buffer.substring(\n this._sectionStart + 1,\n this._index\n ),\n map = this._xmlMode ? xmlMap : entityMap;\n\n if (map.hasOwnProperty(entity)) {\n this._emitPartial(map[entity]);\n this._sectionStart = this._index + 1;\n }\n }\n};\n\n//parses legacy entities (without trailing semicolon)\nTokenizer.prototype._parseLegacyEntity = function() {\n var start = this._sectionStart + 1,\n limit = this._index - start;\n\n if (limit > 6) limit = 6; //the max length of legacy entities is 6\n\n while (limit >= 2) {\n //the min length of legacy entities is 2\n var entity = this._buffer.substr(start, limit);\n\n if (legacyMap.hasOwnProperty(entity)) {\n this._emitPartial(legacyMap[entity]);\n this._sectionStart += limit + 1;\n return;\n } else {\n limit--;\n }\n }\n};\n\nTokenizer.prototype._stateInNamedEntity = function(c) {\n if (c === \";\") {\n this._parseNamedEntityStrict();\n if (this._sectionStart + 1 < this._index && !this._xmlMode) {\n this._parseLegacyEntity();\n }\n this._state = this._baseState;\n } else if (\n (c < \"a\" || c > \"z\") &&\n (c < \"A\" || c > \"Z\") &&\n (c < \"0\" || c > \"9\")\n ) {\n if (this._xmlMode);\n else if (this._sectionStart + 1 === this._index);\n else if (this._baseState !== TEXT) {\n if (c !== \"=\") {\n this._parseNamedEntityStrict();\n }\n } else {\n this._parseLegacyEntity();\n }\n\n this._state = this._baseState;\n this._index--;\n }\n};\n\nTokenizer.prototype._decodeNumericEntity = function(offset, base) {\n var sectionStart = this._sectionStart + offset;\n\n if (sectionStart !== this._index) {\n //parse entity\n var entity = this._buffer.substring(sectionStart, this._index);\n var parsed = parseInt(entity, base);\n\n this._emitPartial(decodeCodePoint(parsed));\n this._sectionStart = this._index;\n } else {\n this._sectionStart--;\n }\n\n this._state = this._baseState;\n};\n\nTokenizer.prototype._stateInNumericEntity = function(c) {\n if (c === \";\") {\n this._decodeNumericEntity(2, 10);\n this._sectionStart++;\n } else if (c < \"0\" || c > \"9\") {\n if (!this._xmlMode) {\n this._decodeNumericEntity(2, 10);\n } else {\n this._state = this._baseState;\n }\n this._index--;\n }\n};\n\nTokenizer.prototype._stateInHexEntity = function(c) {\n if (c === \";\") {\n this._decodeNumericEntity(3, 16);\n this._sectionStart++;\n } else if (\n (c < \"a\" || c > \"f\") &&\n (c < \"A\" || c > \"F\") &&\n (c < \"0\" || c > \"9\")\n ) {\n if (!this._xmlMode) {\n this._decodeNumericEntity(3, 16);\n } else {\n this._state = this._baseState;\n }\n this._index--;\n }\n};\n\nTokenizer.prototype._cleanup = function() {\n if (this._sectionStart < 0) {\n this._buffer = \"\";\n this._bufferOffset += this._index;\n this._index = 0;\n } else if (this._running) {\n if (this._state === TEXT) {\n if (this._sectionStart !== this._index) {\n this._cbs.ontext(this._buffer.substr(this._sectionStart));\n }\n this._buffer = \"\";\n this._bufferOffset += this._index;\n this._index = 0;\n } else if (this._sectionStart === this._index) {\n //the section just started\n this._buffer = \"\";\n this._bufferOffset += this._index;\n this._index = 0;\n } else {\n //remove everything unnecessary\n this._buffer = this._buffer.substr(this._sectionStart);\n this._index -= this._sectionStart;\n this._bufferOffset += this._sectionStart;\n }\n\n this._sectionStart = 0;\n }\n};\n\n//TODO make events conditional\nTokenizer.prototype.write = function(chunk) {\n if (this._ended) this._cbs.onerror(Error(\".write() after done!\"));\n\n this._buffer += chunk;\n this._parse();\n};\n\nTokenizer.prototype._parse = function() {\n while (this._index < this._buffer.length && this._running) {\n var c = this._buffer.charAt(this._index);\n if (this._state === TEXT) {\n this._stateText(c);\n } else if (this._state === BEFORE_TAG_NAME) {\n this._stateBeforeTagName(c);\n } else if (this._state === IN_TAG_NAME) {\n this._stateInTagName(c);\n } else if (this._state === BEFORE_CLOSING_TAG_NAME) {\n this._stateBeforeCloseingTagName(c);\n } else if (this._state === IN_CLOSING_TAG_NAME) {\n this._stateInCloseingTagName(c);\n } else if (this._state === AFTER_CLOSING_TAG_NAME) {\n this._stateAfterCloseingTagName(c);\n } else if (this._state === IN_SELF_CLOSING_TAG) {\n this._stateInSelfClosingTag(c);\n } else if (this._state === BEFORE_ATTRIBUTE_NAME) {\n\n /*\n\t\t*\tattributes\n\t\t*/\n this._stateBeforeAttributeName(c);\n } else if (this._state === IN_ATTRIBUTE_NAME) {\n this._stateInAttributeName(c);\n } else if (this._state === AFTER_ATTRIBUTE_NAME) {\n this._stateAfterAttributeName(c);\n } else if (this._state === BEFORE_ATTRIBUTE_VALUE) {\n this._stateBeforeAttributeValue(c);\n } else if (this._state === IN_ATTRIBUTE_VALUE_DQ) {\n this._stateInAttributeValueDoubleQuotes(c);\n } else if (this._state === IN_ATTRIBUTE_VALUE_SQ) {\n this._stateInAttributeValueSingleQuotes(c);\n } else if (this._state === IN_ATTRIBUTE_VALUE_NQ) {\n this._stateInAttributeValueNoQuotes(c);\n } else if (this._state === BEFORE_DECLARATION) {\n\n /*\n\t\t*\tdeclarations\n\t\t*/\n this._stateBeforeDeclaration(c);\n } else if (this._state === IN_DECLARATION) {\n this._stateInDeclaration(c);\n } else if (this._state === IN_PROCESSING_INSTRUCTION) {\n\n /*\n\t\t*\tprocessing instructions\n\t\t*/\n this._stateInProcessingInstruction(c);\n } else if (this._state === BEFORE_COMMENT) {\n\n /*\n\t\t*\tcomments\n\t\t*/\n this._stateBeforeComment(c);\n } else if (this._state === IN_COMMENT) {\n this._stateInComment(c);\n } else if (this._state === AFTER_COMMENT_1) {\n this._stateAfterComment1(c);\n } else if (this._state === AFTER_COMMENT_2) {\n this._stateAfterComment2(c);\n } else if (this._state === BEFORE_CDATA_1) {\n\n /*\n\t\t*\tcdata\n\t\t*/\n this._stateBeforeCdata1(c);\n } else if (this._state === BEFORE_CDATA_2) {\n this._stateBeforeCdata2(c);\n } else if (this._state === BEFORE_CDATA_3) {\n this._stateBeforeCdata3(c);\n } else if (this._state === BEFORE_CDATA_4) {\n this._stateBeforeCdata4(c);\n } else if (this._state === BEFORE_CDATA_5) {\n this._stateBeforeCdata5(c);\n } else if (this._state === BEFORE_CDATA_6) {\n this._stateBeforeCdata6(c);\n } else if (this._state === IN_CDATA) {\n this._stateInCdata(c);\n } else if (this._state === AFTER_CDATA_1) {\n this._stateAfterCdata1(c);\n } else if (this._state === AFTER_CDATA_2) {\n this._stateAfterCdata2(c);\n } else if (this._state === BEFORE_SPECIAL) {\n\n /*\n\t\t* special tags\n\t\t*/\n this._stateBeforeSpecial(c);\n } else if (this._state === BEFORE_SPECIAL_END) {\n this._stateBeforeSpecialEnd(c);\n } else if (this._state === BEFORE_SCRIPT_1) {\n\n /*\n\t\t* script\n\t\t*/\n this._stateBeforeScript1(c);\n } else if (this._state === BEFORE_SCRIPT_2) {\n this._stateBeforeScript2(c);\n } else if (this._state === BEFORE_SCRIPT_3) {\n this._stateBeforeScript3(c);\n } else if (this._state === BEFORE_SCRIPT_4) {\n this._stateBeforeScript4(c);\n } else if (this._state === BEFORE_SCRIPT_5) {\n this._stateBeforeScript5(c);\n } else if (this._state === AFTER_SCRIPT_1) {\n this._stateAfterScript1(c);\n } else if (this._state === AFTER_SCRIPT_2) {\n this._stateAfterScript2(c);\n } else if (this._state === AFTER_SCRIPT_3) {\n this._stateAfterScript3(c);\n } else if (this._state === AFTER_SCRIPT_4) {\n this._stateAfterScript4(c);\n } else if (this._state === AFTER_SCRIPT_5) {\n this._stateAfterScript5(c);\n } else if (this._state === BEFORE_STYLE_1) {\n\n /*\n\t\t* style\n\t\t*/\n this._stateBeforeStyle1(c);\n } else if (this._state === BEFORE_STYLE_2) {\n this._stateBeforeStyle2(c);\n } else if (this._state === BEFORE_STYLE_3) {\n this._stateBeforeStyle3(c);\n } else if (this._state === BEFORE_STYLE_4) {\n this._stateBeforeStyle4(c);\n } else if (this._state === AFTER_STYLE_1) {\n this._stateAfterStyle1(c);\n } else if (this._state === AFTER_STYLE_2) {\n this._stateAfterStyle2(c);\n } else if (this._state === AFTER_STYLE_3) {\n this._stateAfterStyle3(c);\n } else if (this._state === AFTER_STYLE_4) {\n this._stateAfterStyle4(c);\n } else if (this._state === BEFORE_ENTITY) {\n\n /*\n\t\t* entities\n\t\t*/\n this._stateBeforeEntity(c);\n } else if (this._state === BEFORE_NUMERIC_ENTITY) {\n this._stateBeforeNumericEntity(c);\n } else if (this._state === IN_NAMED_ENTITY) {\n this._stateInNamedEntity(c);\n } else if (this._state === IN_NUMERIC_ENTITY) {\n this._stateInNumericEntity(c);\n } else if (this._state === IN_HEX_ENTITY) {\n this._stateInHexEntity(c);\n } else {\n this._cbs.onerror(Error(\"unknown _state\"), this._state);\n }\n\n this._index++;\n }\n\n this._cleanup();\n};\n\nTokenizer.prototype.pause = function() {\n this._running = false;\n};\nTokenizer.prototype.resume = function() {\n this._running = true;\n\n if (this._index < this._buffer.length) {\n this._parse();\n }\n if (this._ended) {\n this._finish();\n }\n};\n\nTokenizer.prototype.end = function(chunk) {\n if (this._ended) this._cbs.onerror(Error(\".end() after done!\"));\n if (chunk) this.write(chunk);\n\n this._ended = true;\n\n if (this._running) this._finish();\n};\n\nTokenizer.prototype._finish = function() {\n //if there is remaining data, emit it in a reasonable way\n if (this._sectionStart < this._index) {\n this._handleTrailingData();\n }\n\n this._cbs.onend();\n};\n\nTokenizer.prototype._handleTrailingData = function() {\n var data = this._buffer.substr(this._sectionStart);\n\n if (\n this._state === IN_CDATA ||\n this._state === AFTER_CDATA_1 ||\n this._state === AFTER_CDATA_2\n ) {\n this._cbs.oncdata(data);\n } else if (\n this._state === IN_COMMENT ||\n this._state === AFTER_COMMENT_1 ||\n this._state === AFTER_COMMENT_2\n ) {\n this._cbs.oncomment(data);\n } else if (this._state === IN_NAMED_ENTITY && !this._xmlMode) {\n this._parseLegacyEntity();\n if (this._sectionStart < this._index) {\n this._state = this._baseState;\n this._handleTrailingData();\n }\n } else if (this._state === IN_NUMERIC_ENTITY && !this._xmlMode) {\n this._decodeNumericEntity(2, 10);\n if (this._sectionStart < this._index) {\n this._state = this._baseState;\n this._handleTrailingData();\n }\n } else if (this._state === IN_HEX_ENTITY && !this._xmlMode) {\n this._decodeNumericEntity(3, 16);\n if (this._sectionStart < this._index) {\n this._state = this._baseState;\n this._handleTrailingData();\n }\n } else if (\n this._state !== IN_TAG_NAME &&\n this._state !== BEFORE_ATTRIBUTE_NAME &&\n this._state !== BEFORE_ATTRIBUTE_VALUE &&\n this._state !== AFTER_ATTRIBUTE_NAME &&\n this._state !== IN_ATTRIBUTE_NAME &&\n this._state !== IN_ATTRIBUTE_VALUE_SQ &&\n this._state !== IN_ATTRIBUTE_VALUE_DQ &&\n this._state !== IN_ATTRIBUTE_VALUE_NQ &&\n this._state !== IN_CLOSING_TAG_NAME\n ) {\n this._cbs.ontext(data);\n }\n //else, ignore remaining data\n //TODO add a way to remove current tag\n};\n\nTokenizer.prototype.reset = function() {\n Tokenizer.call(\n this,\n { xmlMode: this._xmlMode, decodeEntities: this._decodeEntities },\n this._cbs\n );\n};\n\nTokenizer.prototype.getAbsoluteIndex = function() {\n return this._bufferOffset + this._index;\n};\n\nTokenizer.prototype._getSection = function() {\n return this._buffer.substring(this._sectionStart, this._index);\n};\n\nTokenizer.prototype._emitToken = function(name) {\n this._cbs[name](this._getSection());\n this._sectionStart = -1;\n};\n\nTokenizer.prototype._emitPartial = function(value) {\n if (this._baseState !== TEXT) {\n this._cbs.onattribdata(value); //TODO implement the new event\n } else {\n this._cbs.ontext(value);\n }\n};\n","var ElementType = require(\"domelementtype\");\n\nvar re_whitespace = /\\s+/g;\nvar NodePrototype = require(\"./lib/node\");\nvar ElementPrototype = require(\"./lib/element\");\n\nfunction DomHandler(callback, options, elementCB){\n\tif(typeof callback === \"object\"){\n\t\telementCB = options;\n\t\toptions = callback;\n\t\tcallback = null;\n\t} else if(typeof options === \"function\"){\n\t\telementCB = options;\n\t\toptions = defaultOpts;\n\t}\n\tthis._callback = callback;\n\tthis._options = options || defaultOpts;\n\tthis._elementCB = elementCB;\n\tthis.dom = [];\n\tthis._done = false;\n\tthis._tagStack = [];\n\tthis._parser = this._parser || null;\n}\n\n//default options\nvar defaultOpts = {\n\tnormalizeWhitespace: false, //Replace all whitespace with single spaces\n\twithStartIndices: false, //Add startIndex properties to nodes\n\twithEndIndices: false, //Add endIndex properties to nodes\n};\n\nDomHandler.prototype.onparserinit = function(parser){\n\tthis._parser = parser;\n};\n\n//Resets the handler back to starting state\nDomHandler.prototype.onreset = function(){\n\tDomHandler.call(this, this._callback, this._options, this._elementCB);\n};\n\n//Signals the handler that parsing is done\nDomHandler.prototype.onend = function(){\n\tif(this._done) return;\n\tthis._done = true;\n\tthis._parser = null;\n\tthis._handleCallback(null);\n};\n\nDomHandler.prototype._handleCallback =\nDomHandler.prototype.onerror = function(error){\n\tif(typeof this._callback === \"function\"){\n\t\tthis._callback(error, this.dom);\n\t} else {\n\t\tif(error) throw error;\n\t}\n};\n\nDomHandler.prototype.onclosetag = function(){\n\t//if(this._tagStack.pop().name !== name) this._handleCallback(Error(\"Tagname didn't match!\"));\n\t\n\tvar elem = this._tagStack.pop();\n\n\tif(this._options.withEndIndices && elem){\n\t\telem.endIndex = this._parser.endIndex;\n\t}\n\n\tif(this._elementCB) this._elementCB(elem);\n};\n\nDomHandler.prototype._createDomElement = function(properties){\n\tif (!this._options.withDomLvl1) return properties;\n\n\tvar element;\n\tif (properties.type === \"tag\") {\n\t\telement = Object.create(ElementPrototype);\n\t} else {\n\t\telement = Object.create(NodePrototype);\n\t}\n\n\tfor (var key in properties) {\n\t\tif (properties.hasOwnProperty(key)) {\n\t\t\telement[key] = properties[key];\n\t\t}\n\t}\n\n\treturn element;\n};\n\nDomHandler.prototype._addDomElement = function(element){\n\tvar parent = this._tagStack[this._tagStack.length - 1];\n\tvar siblings = parent ? parent.children : this.dom;\n\tvar previousSibling = siblings[siblings.length - 1];\n\n\telement.next = null;\n\n\tif(this._options.withStartIndices){\n\t\telement.startIndex = this._parser.startIndex;\n\t}\n\tif(this._options.withEndIndices){\n\t\telement.endIndex = this._parser.endIndex;\n\t}\n\n\tif(previousSibling){\n\t\telement.prev = previousSibling;\n\t\tpreviousSibling.next = element;\n\t} else {\n\t\telement.prev = null;\n\t}\n\n\tsiblings.push(element);\n\telement.parent = parent || null;\n};\n\nDomHandler.prototype.onopentag = function(name, attribs){\n\tvar properties = {\n\t\ttype: name === \"script\" ? ElementType.Script : name === \"style\" ? ElementType.Style : ElementType.Tag,\n\t\tname: name,\n\t\tattribs: attribs,\n\t\tchildren: []\n\t};\n\n\tvar element = this._createDomElement(properties);\n\n\tthis._addDomElement(element);\n\n\tthis._tagStack.push(element);\n};\n\nDomHandler.prototype.ontext = function(data){\n\t//the ignoreWhitespace is officially dropped, but for now,\n\t//it's an alias for normalizeWhitespace\n\tvar normalize = this._options.normalizeWhitespace || this._options.ignoreWhitespace;\n\n\tvar lastTag;\n\n\tif(!this._tagStack.length && this.dom.length && (lastTag = this.dom[this.dom.length-1]).type === ElementType.Text){\n\t\tif(normalize){\n\t\t\tlastTag.data = (lastTag.data + data).replace(re_whitespace, \" \");\n\t\t} else {\n\t\t\tlastTag.data += data;\n\t\t}\n\t} else {\n\t\tif(\n\t\t\tthis._tagStack.length &&\n\t\t\t(lastTag = this._tagStack[this._tagStack.length - 1]) &&\n\t\t\t(lastTag = lastTag.children[lastTag.children.length - 1]) &&\n\t\t\tlastTag.type === ElementType.Text\n\t\t){\n\t\t\tif(normalize){\n\t\t\t\tlastTag.data = (lastTag.data + data).replace(re_whitespace, \" \");\n\t\t\t} else {\n\t\t\t\tlastTag.data += data;\n\t\t\t}\n\t\t} else {\n\t\t\tif(normalize){\n\t\t\t\tdata = data.replace(re_whitespace, \" \");\n\t\t\t}\n\n\t\t\tvar element = this._createDomElement({\n\t\t\t\tdata: data,\n\t\t\t\ttype: ElementType.Text\n\t\t\t});\n\n\t\t\tthis._addDomElement(element);\n\t\t}\n\t}\n};\n\nDomHandler.prototype.oncomment = function(data){\n\tvar lastTag = this._tagStack[this._tagStack.length - 1];\n\n\tif(lastTag && lastTag.type === ElementType.Comment){\n\t\tlastTag.data += data;\n\t\treturn;\n\t}\n\n\tvar properties = {\n\t\tdata: data,\n\t\ttype: ElementType.Comment\n\t};\n\n\tvar element = this._createDomElement(properties);\n\n\tthis._addDomElement(element);\n\tthis._tagStack.push(element);\n};\n\nDomHandler.prototype.oncdatastart = function(){\n\tvar properties = {\n\t\tchildren: [{\n\t\t\tdata: \"\",\n\t\t\ttype: ElementType.Text\n\t\t}],\n\t\ttype: ElementType.CDATA\n\t};\n\n\tvar element = this._createDomElement(properties);\n\n\tthis._addDomElement(element);\n\tthis._tagStack.push(element);\n};\n\nDomHandler.prototype.oncommentend = DomHandler.prototype.oncdataend = function(){\n\tthis._tagStack.pop();\n};\n\nDomHandler.prototype.onprocessinginstruction = function(name, data){\n\tvar element = this._createDomElement({\n\t\tname: name,\n\t\tdata: data,\n\t\ttype: ElementType.Directive\n\t});\n\n\tthis._addDomElement(element);\n};\n\nmodule.exports = DomHandler;\n","// This object will be used as the prototype for Nodes when creating a\n// DOM-Level-1-compliant structure.\nvar NodePrototype = module.exports = {\n\tget firstChild() {\n\t\tvar children = this.children;\n\t\treturn children && children[0] || null;\n\t},\n\tget lastChild() {\n\t\tvar children = this.children;\n\t\treturn children && children[children.length - 1] || null;\n\t},\n\tget nodeType() {\n\t\treturn nodeTypes[this.type] || nodeTypes.element;\n\t}\n};\n\nvar domLvl1 = {\n\ttagName: \"name\",\n\tchildNodes: \"children\",\n\tparentNode: \"parent\",\n\tpreviousSibling: \"prev\",\n\tnextSibling: \"next\",\n\tnodeValue: \"data\"\n};\n\nvar nodeTypes = {\n\telement: 1,\n\ttext: 3,\n\tcdata: 4,\n\tcomment: 8\n};\n\nObject.keys(domLvl1).forEach(function(key) {\n\tvar shorthand = domLvl1[key];\n\tObject.defineProperty(NodePrototype, key, {\n\t\tget: function() {\n\t\t\treturn this[shorthand] || null;\n\t\t},\n\t\tset: function(val) {\n\t\t\tthis[shorthand] = val;\n\t\t\treturn val;\n\t\t}\n\t});\n});\n","var DomUtils = module.exports;\n\n[\n\trequire(\"./lib/stringify\"),\n\trequire(\"./lib/traversal\"),\n\trequire(\"./lib/manipulation\"),\n\trequire(\"./lib/querying\"),\n\trequire(\"./lib/legacy\"),\n\trequire(\"./lib/helpers\")\n].forEach(function(ext){\n\tObject.keys(ext).forEach(function(key){\n\t\tDomUtils[key] = ext[key].bind(DomUtils);\n\t});\n});\n","\"use strict\";\nvar __importDefault = (this && this.__importDefault) || function (mod) {\n return (mod && mod.__esModule) ? mod : { \"default\": mod };\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.decodeHTML = exports.decodeHTMLStrict = exports.decodeXML = void 0;\nvar entities_json_1 = __importDefault(require(\"./maps/entities.json\"));\nvar legacy_json_1 = __importDefault(require(\"./maps/legacy.json\"));\nvar xml_json_1 = __importDefault(require(\"./maps/xml.json\"));\nvar decode_codepoint_1 = __importDefault(require(\"./decode_codepoint\"));\nexports.decodeXML = getStrictDecoder(xml_json_1.default);\nexports.decodeHTMLStrict = getStrictDecoder(entities_json_1.default);\nfunction getStrictDecoder(map) {\n var keys = Object.keys(map).join(\"|\");\n var replace = getReplacer(map);\n keys += \"|#[xX][\\\\da-fA-F]+|#\\\\d+\";\n var re = new RegExp(\"&(?:\" + keys + \");\", \"g\");\n return function (str) { return String(str).replace(re, replace); };\n}\nvar sorter = function (a, b) { return (a < b ? 1 : -1); };\nexports.decodeHTML = (function () {\n var legacy = Object.keys(legacy_json_1.default).sort(sorter);\n var keys = Object.keys(entities_json_1.default).sort(sorter);\n for (var i = 0, j = 0; i < keys.length; i++) {\n if (legacy[j] === keys[i]) {\n keys[i] += \";?\";\n j++;\n }\n else {\n keys[i] += \";\";\n }\n }\n var re = new RegExp(\"&(?:\" + keys.join(\"|\") + \"|#[xX][\\\\da-fA-F]+;?|#\\\\d+;?)\", \"g\");\n var replace = getReplacer(entities_json_1.default);\n function replacer(str) {\n if (str.substr(-1) !== \";\")\n str += \";\";\n return replace(str);\n }\n //TODO consider creating a merged map\n return function (str) { return String(str).replace(re, replacer); };\n})();\nfunction getReplacer(map) {\n return function replace(str) {\n if (str.charAt(1) === \"#\") {\n var secondChar = str.charAt(2);\n if (secondChar === \"X\" || secondChar === \"x\") {\n return decode_codepoint_1.default(parseInt(str.substr(3), 16));\n }\n return decode_codepoint_1.default(parseInt(str.substr(2), 10));\n }\n return map[str.slice(1, -1)];\n };\n}\n","\"use strict\";\nvar __importDefault = (this && this.__importDefault) || function (mod) {\n return (mod && mod.__esModule) ? mod : { \"default\": mod };\n};\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.escape = exports.encodeHTML = exports.encodeXML = void 0;\nvar xml_json_1 = __importDefault(require(\"./maps/xml.json\"));\nvar inverseXML = getInverseObj(xml_json_1.default);\nvar xmlReplacer = getInverseReplacer(inverseXML);\nexports.encodeXML = getInverse(inverseXML, xmlReplacer);\nvar entities_json_1 = __importDefault(require(\"./maps/entities.json\"));\nvar inverseHTML = getInverseObj(entities_json_1.default);\nvar htmlReplacer = getInverseReplacer(inverseHTML);\nexports.encodeHTML = getInverse(inverseHTML, htmlReplacer);\nfunction getInverseObj(obj) {\n return Object.keys(obj)\n .sort()\n .reduce(function (inverse, name) {\n inverse[obj[name]] = \"&\" + name + \";\";\n return inverse;\n }, {});\n}\nfunction getInverseReplacer(inverse) {\n var single = [];\n var multiple = [];\n for (var _i = 0, _a = Object.keys(inverse); _i < _a.length; _i++) {\n var k = _a[_i];\n if (k.length === 1) {\n // Add value to single array\n single.push(\"\\\\\" + k);\n }\n else {\n // Add value to multiple array\n multiple.push(k);\n }\n }\n // Add ranges to single characters.\n single.sort();\n for (var start = 0; start < single.length - 1; start++) {\n // Find the end of a run of characters\n var end = start;\n while (end < single.length - 1 &&\n single[end].charCodeAt(1) + 1 === single[end + 1].charCodeAt(1)) {\n end += 1;\n }\n var count = 1 + end - start;\n // We want to replace at least three characters\n if (count < 3)\n continue;\n single.splice(start, count, single[start] + \"-\" + single[end]);\n }\n multiple.unshift(\"[\" + single.join(\"\") + \"]\");\n return new RegExp(multiple.join(\"|\"), \"g\");\n}\nvar reNonASCII = /(?:[\\x80-\\uD7FF\\uE000-\\uFFFF]|[\\uD800-\\uDBFF][\\uDC00-\\uDFFF]|[\\uD800-\\uDBFF](?![\\uDC00-\\uDFFF])|(?:[^\\uD800-\\uDBFF]|^)[\\uDC00-\\uDFFF])/g;\nfunction singleCharReplacer(c) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n return \"&#x\" + c.codePointAt(0).toString(16).toUpperCase() + \";\";\n}\nfunction getInverse(inverse, re) {\n return function (data) {\n return data\n .replace(re, function (name) { return inverse[name]; })\n .replace(reNonASCII, singleCharReplacer);\n };\n}\nvar reXmlChars = getInverseReplacer(inverseXML);\nfunction escape(data) {\n return data\n .replace(reXmlChars, singleCharReplacer)\n .replace(reNonASCII, singleCharReplacer);\n}\nexports.escape = escape;\n","module.exports = Stream;\n\nvar Parser = require(\"./Parser.js\");\nvar WritableStream = require(\"readable-stream\").Writable;\nvar StringDecoder = require(\"string_decoder\").StringDecoder;\nvar Buffer = require(\"buffer\").Buffer;\n\nfunction Stream(cbs, options) {\n var parser = (this._parser = new Parser(cbs, options));\n var decoder = (this._decoder = new StringDecoder());\n\n WritableStream.call(this, { decodeStrings: false });\n\n this.once(\"finish\", function() {\n parser.end(decoder.end());\n });\n}\n\nrequire(\"inherits\")(Stream, WritableStream);\n\nStream.prototype._write = function(chunk, encoding, cb) {\n if (chunk instanceof Buffer) chunk = this._decoder.write(chunk);\n this._parser.write(chunk);\n cb();\n};\n","/*!\n * The buffer module from node.js, for the browser.\n *\n * @author Feross Aboukhadijeh \n * @license MIT\n */\n/* eslint-disable no-proto */\n\n'use strict'\n\nvar base64 = require('base64-js')\nvar ieee754 = require('ieee754')\nvar isArray = require('isarray')\n\nexports.Buffer = Buffer\nexports.SlowBuffer = SlowBuffer\nexports.INSPECT_MAX_BYTES = 50\n\n/**\n * If `Buffer.TYPED_ARRAY_SUPPORT`:\n * === true Use Uint8Array implementation (fastest)\n * === false Use Object implementation (most compatible, even IE6)\n *\n * Browsers that support typed arrays are IE 10+, Firefox 4+, Chrome 7+, Safari 5.1+,\n * Opera 11.6+, iOS 4.2+.\n *\n * Due to various browser bugs, sometimes the Object implementation will be used even\n * when the browser supports typed arrays.\n *\n * Note:\n *\n * - Firefox 4-29 lacks support for adding new properties to `Uint8Array` instances,\n * See: https://bugzilla.mozilla.org/show_bug.cgi?id=695438.\n *\n * - Chrome 9-10 is missing the `TypedArray.prototype.subarray` function.\n *\n * - IE10 has a broken `TypedArray.prototype.subarray` function which returns arrays of\n * incorrect length in some situations.\n\n * We detect these buggy browsers and set `Buffer.TYPED_ARRAY_SUPPORT` to `false` so they\n * get the Object implementation, which is slower but behaves correctly.\n */\nBuffer.TYPED_ARRAY_SUPPORT = global.TYPED_ARRAY_SUPPORT !== undefined\n ? global.TYPED_ARRAY_SUPPORT\n : typedArraySupport()\n\n/*\n * Export kMaxLength after typed array support is determined.\n */\nexports.kMaxLength = kMaxLength()\n\nfunction typedArraySupport () {\n try {\n var arr = new Uint8Array(1)\n arr.__proto__ = {__proto__: Uint8Array.prototype, foo: function () { return 42 }}\n return arr.foo() === 42 && // typed array instances can be augmented\n typeof arr.subarray === 'function' && // chrome 9-10 lack `subarray`\n arr.subarray(1, 1).byteLength === 0 // ie10 has broken `subarray`\n } catch (e) {\n return false\n }\n}\n\nfunction kMaxLength () {\n return Buffer.TYPED_ARRAY_SUPPORT\n ? 0x7fffffff\n : 0x3fffffff\n}\n\nfunction createBuffer (that, length) {\n if (kMaxLength() < length) {\n throw new RangeError('Invalid typed array length')\n }\n if (Buffer.TYPED_ARRAY_SUPPORT) {\n // Return an augmented `Uint8Array` instance, for best performance\n that = new Uint8Array(length)\n that.__proto__ = Buffer.prototype\n } else {\n // Fallback: Return an object instance of the Buffer class\n if (that === null) {\n that = new Buffer(length)\n }\n that.length = length\n }\n\n return that\n}\n\n/**\n * The Buffer constructor returns instances of `Uint8Array` that have their\n * prototype changed to `Buffer.prototype`. Furthermore, `Buffer` is a subclass of\n * `Uint8Array`, so the returned instances will have all the node `Buffer` methods\n * and the `Uint8Array` methods. Square bracket notation works as expected -- it\n * returns a single octet.\n *\n * The `Uint8Array` prototype remains unmodified.\n */\n\nfunction Buffer (arg, encodingOrOffset, length) {\n if (!Buffer.TYPED_ARRAY_SUPPORT && !(this instanceof Buffer)) {\n return new Buffer(arg, encodingOrOffset, length)\n }\n\n // Common case.\n if (typeof arg === 'number') {\n if (typeof encodingOrOffset === 'string') {\n throw new Error(\n 'If encoding is specified then the first argument must be a string'\n )\n }\n return allocUnsafe(this, arg)\n }\n return from(this, arg, encodingOrOffset, length)\n}\n\nBuffer.poolSize = 8192 // not used by this implementation\n\n// TODO: Legacy, not needed anymore. Remove in next major version.\nBuffer._augment = function (arr) {\n arr.__proto__ = Buffer.prototype\n return arr\n}\n\nfunction from (that, value, encodingOrOffset, length) {\n if (typeof value === 'number') {\n throw new TypeError('\"value\" argument must not be a number')\n }\n\n if (typeof ArrayBuffer !== 'undefined' && value instanceof ArrayBuffer) {\n return fromArrayBuffer(that, value, encodingOrOffset, length)\n }\n\n if (typeof value === 'string') {\n return fromString(that, value, encodingOrOffset)\n }\n\n return fromObject(that, value)\n}\n\n/**\n * Functionally equivalent to Buffer(arg, encoding) but throws a TypeError\n * if value is a number.\n * Buffer.from(str[, encoding])\n * Buffer.from(array)\n * Buffer.from(buffer)\n * Buffer.from(arrayBuffer[, byteOffset[, length]])\n **/\nBuffer.from = function (value, encodingOrOffset, length) {\n return from(null, value, encodingOrOffset, length)\n}\n\nif (Buffer.TYPED_ARRAY_SUPPORT) {\n Buffer.prototype.__proto__ = Uint8Array.prototype\n Buffer.__proto__ = Uint8Array\n if (typeof Symbol !== 'undefined' && Symbol.species &&\n Buffer[Symbol.species] === Buffer) {\n // Fix subarray() in ES2016. See: https://github.com/feross/buffer/pull/97\n Object.defineProperty(Buffer, Symbol.species, {\n value: null,\n configurable: true\n })\n }\n}\n\nfunction assertSize (size) {\n if (typeof size !== 'number') {\n throw new TypeError('\"size\" argument must be a number')\n } else if (size < 0) {\n throw new RangeError('\"size\" argument must not be negative')\n }\n}\n\nfunction alloc (that, size, fill, encoding) {\n assertSize(size)\n if (size <= 0) {\n return createBuffer(that, size)\n }\n if (fill !== undefined) {\n // Only pay attention to encoding if it's a string. This\n // prevents accidentally sending in a number that would\n // be interpretted as a start offset.\n return typeof encoding === 'string'\n ? createBuffer(that, size).fill(fill, encoding)\n : createBuffer(that, size).fill(fill)\n }\n return createBuffer(that, size)\n}\n\n/**\n * Creates a new filled Buffer instance.\n * alloc(size[, fill[, encoding]])\n **/\nBuffer.alloc = function (size, fill, encoding) {\n return alloc(null, size, fill, encoding)\n}\n\nfunction allocUnsafe (that, size) {\n assertSize(size)\n that = createBuffer(that, size < 0 ? 0 : checked(size) | 0)\n if (!Buffer.TYPED_ARRAY_SUPPORT) {\n for (var i = 0; i < size; ++i) {\n that[i] = 0\n }\n }\n return that\n}\n\n/**\n * Equivalent to Buffer(num), by default creates a non-zero-filled Buffer instance.\n * */\nBuffer.allocUnsafe = function (size) {\n return allocUnsafe(null, size)\n}\n/**\n * Equivalent to SlowBuffer(num), by default creates a non-zero-filled Buffer instance.\n */\nBuffer.allocUnsafeSlow = function (size) {\n return allocUnsafe(null, size)\n}\n\nfunction fromString (that, string, encoding) {\n if (typeof encoding !== 'string' || encoding === '') {\n encoding = 'utf8'\n }\n\n if (!Buffer.isEncoding(encoding)) {\n throw new TypeError('\"encoding\" must be a valid string encoding')\n }\n\n var length = byteLength(string, encoding) | 0\n that = createBuffer(that, length)\n\n var actual = that.write(string, encoding)\n\n if (actual !== length) {\n // Writing a hex string, for example, that contains invalid characters will\n // cause everything after the first invalid character to be ignored. (e.g.\n // 'abxxcd' will be treated as 'ab')\n that = that.slice(0, actual)\n }\n\n return that\n}\n\nfunction fromArrayLike (that, array) {\n var length = array.length < 0 ? 0 : checked(array.length) | 0\n that = createBuffer(that, length)\n for (var i = 0; i < length; i += 1) {\n that[i] = array[i] & 255\n }\n return that\n}\n\nfunction fromArrayBuffer (that, array, byteOffset, length) {\n array.byteLength // this throws if `array` is not a valid ArrayBuffer\n\n if (byteOffset < 0 || array.byteLength < byteOffset) {\n throw new RangeError('\\'offset\\' is out of bounds')\n }\n\n if (array.byteLength < byteOffset + (length || 0)) {\n throw new RangeError('\\'length\\' is out of bounds')\n }\n\n if (byteOffset === undefined && length === undefined) {\n array = new Uint8Array(array)\n } else if (length === undefined) {\n array = new Uint8Array(array, byteOffset)\n } else {\n array = new Uint8Array(array, byteOffset, length)\n }\n\n if (Buffer.TYPED_ARRAY_SUPPORT) {\n // Return an augmented `Uint8Array` instance, for best performance\n that = array\n that.__proto__ = Buffer.prototype\n } else {\n // Fallback: Return an object instance of the Buffer class\n that = fromArrayLike(that, array)\n }\n return that\n}\n\nfunction fromObject (that, obj) {\n if (Buffer.isBuffer(obj)) {\n var len = checked(obj.length) | 0\n that = createBuffer(that, len)\n\n if (that.length === 0) {\n return that\n }\n\n obj.copy(that, 0, 0, len)\n return that\n }\n\n if (obj) {\n if ((typeof ArrayBuffer !== 'undefined' &&\n obj.buffer instanceof ArrayBuffer) || 'length' in obj) {\n if (typeof obj.length !== 'number' || isnan(obj.length)) {\n return createBuffer(that, 0)\n }\n return fromArrayLike(that, obj)\n }\n\n if (obj.type === 'Buffer' && isArray(obj.data)) {\n return fromArrayLike(that, obj.data)\n }\n }\n\n throw new TypeError('First argument must be a string, Buffer, ArrayBuffer, Array, or array-like object.')\n}\n\nfunction checked (length) {\n // Note: cannot use `length < kMaxLength()` here because that fails when\n // length is NaN (which is otherwise coerced to zero.)\n if (length >= kMaxLength()) {\n throw new RangeError('Attempt to allocate Buffer larger than maximum ' +\n 'size: 0x' + kMaxLength().toString(16) + ' bytes')\n }\n return length | 0\n}\n\nfunction SlowBuffer (length) {\n if (+length != length) { // eslint-disable-line eqeqeq\n length = 0\n }\n return Buffer.alloc(+length)\n}\n\nBuffer.isBuffer = function isBuffer (b) {\n return !!(b != null && b._isBuffer)\n}\n\nBuffer.compare = function compare (a, b) {\n if (!Buffer.isBuffer(a) || !Buffer.isBuffer(b)) {\n throw new TypeError('Arguments must be Buffers')\n }\n\n if (a === b) return 0\n\n var x = a.length\n var y = b.length\n\n for (var i = 0, len = Math.min(x, y); i < len; ++i) {\n if (a[i] !== b[i]) {\n x = a[i]\n y = b[i]\n break\n }\n }\n\n if (x < y) return -1\n if (y < x) return 1\n return 0\n}\n\nBuffer.isEncoding = function isEncoding (encoding) {\n switch (String(encoding).toLowerCase()) {\n case 'hex':\n case 'utf8':\n case 'utf-8':\n case 'ascii':\n case 'latin1':\n case 'binary':\n case 'base64':\n case 'ucs2':\n case 'ucs-2':\n case 'utf16le':\n case 'utf-16le':\n return true\n default:\n return false\n }\n}\n\nBuffer.concat = function concat (list, length) {\n if (!isArray(list)) {\n throw new TypeError('\"list\" argument must be an Array of Buffers')\n }\n\n if (list.length === 0) {\n return Buffer.alloc(0)\n }\n\n var i\n if (length === undefined) {\n length = 0\n for (i = 0; i < list.length; ++i) {\n length += list[i].length\n }\n }\n\n var buffer = Buffer.allocUnsafe(length)\n var pos = 0\n for (i = 0; i < list.length; ++i) {\n var buf = list[i]\n if (!Buffer.isBuffer(buf)) {\n throw new TypeError('\"list\" argument must be an Array of Buffers')\n }\n buf.copy(buffer, pos)\n pos += buf.length\n }\n return buffer\n}\n\nfunction byteLength (string, encoding) {\n if (Buffer.isBuffer(string)) {\n return string.length\n }\n if (typeof ArrayBuffer !== 'undefined' && typeof ArrayBuffer.isView === 'function' &&\n (ArrayBuffer.isView(string) || string instanceof ArrayBuffer)) {\n return string.byteLength\n }\n if (typeof string !== 'string') {\n string = '' + string\n }\n\n var len = string.length\n if (len === 0) return 0\n\n // Use a for loop to avoid recursion\n var loweredCase = false\n for (;;) {\n switch (encoding) {\n case 'ascii':\n case 'latin1':\n case 'binary':\n return len\n case 'utf8':\n case 'utf-8':\n case undefined:\n return utf8ToBytes(string).length\n case 'ucs2':\n case 'ucs-2':\n case 'utf16le':\n case 'utf-16le':\n return len * 2\n case 'hex':\n return len >>> 1\n case 'base64':\n return base64ToBytes(string).length\n default:\n if (loweredCase) return utf8ToBytes(string).length // assume utf8\n encoding = ('' + encoding).toLowerCase()\n loweredCase = true\n }\n }\n}\nBuffer.byteLength = byteLength\n\nfunction slowToString (encoding, start, end) {\n var loweredCase = false\n\n // No need to verify that \"this.length <= MAX_UINT32\" since it's a read-only\n // property of a typed array.\n\n // This behaves neither like String nor Uint8Array in that we set start/end\n // to their upper/lower bounds if the value passed is out of range.\n // undefined is handled specially as per ECMA-262 6th Edition,\n // Section 13.3.3.7 Runtime Semantics: KeyedBindingInitialization.\n if (start === undefined || start < 0) {\n start = 0\n }\n // Return early if start > this.length. Done here to prevent potential uint32\n // coercion fail below.\n if (start > this.length) {\n return ''\n }\n\n if (end === undefined || end > this.length) {\n end = this.length\n }\n\n if (end <= 0) {\n return ''\n }\n\n // Force coersion to uint32. This will also coerce falsey/NaN values to 0.\n end >>>= 0\n start >>>= 0\n\n if (end <= start) {\n return ''\n }\n\n if (!encoding) encoding = 'utf8'\n\n while (true) {\n switch (encoding) {\n case 'hex':\n return hexSlice(this, start, end)\n\n case 'utf8':\n case 'utf-8':\n return utf8Slice(this, start, end)\n\n case 'ascii':\n return asciiSlice(this, start, end)\n\n case 'latin1':\n case 'binary':\n return latin1Slice(this, start, end)\n\n case 'base64':\n return base64Slice(this, start, end)\n\n case 'ucs2':\n case 'ucs-2':\n case 'utf16le':\n case 'utf-16le':\n return utf16leSlice(this, start, end)\n\n default:\n if (loweredCase) throw new TypeError('Unknown encoding: ' + encoding)\n encoding = (encoding + '').toLowerCase()\n loweredCase = true\n }\n }\n}\n\n// The property is used by `Buffer.isBuffer` and `is-buffer` (in Safari 5-7) to detect\n// Buffer instances.\nBuffer.prototype._isBuffer = true\n\nfunction swap (b, n, m) {\n var i = b[n]\n b[n] = b[m]\n b[m] = i\n}\n\nBuffer.prototype.swap16 = function swap16 () {\n var len = this.length\n if (len % 2 !== 0) {\n throw new RangeError('Buffer size must be a multiple of 16-bits')\n }\n for (var i = 0; i < len; i += 2) {\n swap(this, i, i + 1)\n }\n return this\n}\n\nBuffer.prototype.swap32 = function swap32 () {\n var len = this.length\n if (len % 4 !== 0) {\n throw new RangeError('Buffer size must be a multiple of 32-bits')\n }\n for (var i = 0; i < len; i += 4) {\n swap(this, i, i + 3)\n swap(this, i + 1, i + 2)\n }\n return this\n}\n\nBuffer.prototype.swap64 = function swap64 () {\n var len = this.length\n if (len % 8 !== 0) {\n throw new RangeError('Buffer size must be a multiple of 64-bits')\n }\n for (var i = 0; i < len; i += 8) {\n swap(this, i, i + 7)\n swap(this, i + 1, i + 6)\n swap(this, i + 2, i + 5)\n swap(this, i + 3, i + 4)\n }\n return this\n}\n\nBuffer.prototype.toString = function toString () {\n var length = this.length | 0\n if (length === 0) return ''\n if (arguments.length === 0) return utf8Slice(this, 0, length)\n return slowToString.apply(this, arguments)\n}\n\nBuffer.prototype.equals = function equals (b) {\n if (!Buffer.isBuffer(b)) throw new TypeError('Argument must be a Buffer')\n if (this === b) return true\n return Buffer.compare(this, b) === 0\n}\n\nBuffer.prototype.inspect = function inspect () {\n var str = ''\n var max = exports.INSPECT_MAX_BYTES\n if (this.length > 0) {\n str = this.toString('hex', 0, max).match(/.{2}/g).join(' ')\n if (this.length > max) str += ' ... '\n }\n return ''\n}\n\nBuffer.prototype.compare = function compare (target, start, end, thisStart, thisEnd) {\n if (!Buffer.isBuffer(target)) {\n throw new TypeError('Argument must be a Buffer')\n }\n\n if (start === undefined) {\n start = 0\n }\n if (end === undefined) {\n end = target ? target.length : 0\n }\n if (thisStart === undefined) {\n thisStart = 0\n }\n if (thisEnd === undefined) {\n thisEnd = this.length\n }\n\n if (start < 0 || end > target.length || thisStart < 0 || thisEnd > this.length) {\n throw new RangeError('out of range index')\n }\n\n if (thisStart >= thisEnd && start >= end) {\n return 0\n }\n if (thisStart >= thisEnd) {\n return -1\n }\n if (start >= end) {\n return 1\n }\n\n start >>>= 0\n end >>>= 0\n thisStart >>>= 0\n thisEnd >>>= 0\n\n if (this === target) return 0\n\n var x = thisEnd - thisStart\n var y = end - start\n var len = Math.min(x, y)\n\n var thisCopy = this.slice(thisStart, thisEnd)\n var targetCopy = target.slice(start, end)\n\n for (var i = 0; i < len; ++i) {\n if (thisCopy[i] !== targetCopy[i]) {\n x = thisCopy[i]\n y = targetCopy[i]\n break\n }\n }\n\n if (x < y) return -1\n if (y < x) return 1\n return 0\n}\n\n// Finds either the first index of `val` in `buffer` at offset >= `byteOffset`,\n// OR the last index of `val` in `buffer` at offset <= `byteOffset`.\n//\n// Arguments:\n// - buffer - a Buffer to search\n// - val - a string, Buffer, or number\n// - byteOffset - an index into `buffer`; will be clamped to an int32\n// - encoding - an optional encoding, relevant is val is a string\n// - dir - true for indexOf, false for lastIndexOf\nfunction bidirectionalIndexOf (buffer, val, byteOffset, encoding, dir) {\n // Empty buffer means no match\n if (buffer.length === 0) return -1\n\n // Normalize byteOffset\n if (typeof byteOffset === 'string') {\n encoding = byteOffset\n byteOffset = 0\n } else if (byteOffset > 0x7fffffff) {\n byteOffset = 0x7fffffff\n } else if (byteOffset < -0x80000000) {\n byteOffset = -0x80000000\n }\n byteOffset = +byteOffset // Coerce to Number.\n if (isNaN(byteOffset)) {\n // byteOffset: it it's undefined, null, NaN, \"foo\", etc, search whole buffer\n byteOffset = dir ? 0 : (buffer.length - 1)\n }\n\n // Normalize byteOffset: negative offsets start from the end of the buffer\n if (byteOffset < 0) byteOffset = buffer.length + byteOffset\n if (byteOffset >= buffer.length) {\n if (dir) return -1\n else byteOffset = buffer.length - 1\n } else if (byteOffset < 0) {\n if (dir) byteOffset = 0\n else return -1\n }\n\n // Normalize val\n if (typeof val === 'string') {\n val = Buffer.from(val, encoding)\n }\n\n // Finally, search either indexOf (if dir is true) or lastIndexOf\n if (Buffer.isBuffer(val)) {\n // Special case: looking for empty string/buffer always fails\n if (val.length === 0) {\n return -1\n }\n return arrayIndexOf(buffer, val, byteOffset, encoding, dir)\n } else if (typeof val === 'number') {\n val = val & 0xFF // Search for a byte value [0-255]\n if (Buffer.TYPED_ARRAY_SUPPORT &&\n typeof Uint8Array.prototype.indexOf === 'function') {\n if (dir) {\n return Uint8Array.prototype.indexOf.call(buffer, val, byteOffset)\n } else {\n return Uint8Array.prototype.lastIndexOf.call(buffer, val, byteOffset)\n }\n }\n return arrayIndexOf(buffer, [ val ], byteOffset, encoding, dir)\n }\n\n throw new TypeError('val must be string, number or Buffer')\n}\n\nfunction arrayIndexOf (arr, val, byteOffset, encoding, dir) {\n var indexSize = 1\n var arrLength = arr.length\n var valLength = val.length\n\n if (encoding !== undefined) {\n encoding = String(encoding).toLowerCase()\n if (encoding === 'ucs2' || encoding === 'ucs-2' ||\n encoding === 'utf16le' || encoding === 'utf-16le') {\n if (arr.length < 2 || val.length < 2) {\n return -1\n }\n indexSize = 2\n arrLength /= 2\n valLength /= 2\n byteOffset /= 2\n }\n }\n\n function read (buf, i) {\n if (indexSize === 1) {\n return buf[i]\n } else {\n return buf.readUInt16BE(i * indexSize)\n }\n }\n\n var i\n if (dir) {\n var foundIndex = -1\n for (i = byteOffset; i < arrLength; i++) {\n if (read(arr, i) === read(val, foundIndex === -1 ? 0 : i - foundIndex)) {\n if (foundIndex === -1) foundIndex = i\n if (i - foundIndex + 1 === valLength) return foundIndex * indexSize\n } else {\n if (foundIndex !== -1) i -= i - foundIndex\n foundIndex = -1\n }\n }\n } else {\n if (byteOffset + valLength > arrLength) byteOffset = arrLength - valLength\n for (i = byteOffset; i >= 0; i--) {\n var found = true\n for (var j = 0; j < valLength; j++) {\n if (read(arr, i + j) !== read(val, j)) {\n found = false\n break\n }\n }\n if (found) return i\n }\n }\n\n return -1\n}\n\nBuffer.prototype.includes = function includes (val, byteOffset, encoding) {\n return this.indexOf(val, byteOffset, encoding) !== -1\n}\n\nBuffer.prototype.indexOf = function indexOf (val, byteOffset, encoding) {\n return bidirectionalIndexOf(this, val, byteOffset, encoding, true)\n}\n\nBuffer.prototype.lastIndexOf = function lastIndexOf (val, byteOffset, encoding) {\n return bidirectionalIndexOf(this, val, byteOffset, encoding, false)\n}\n\nfunction hexWrite (buf, string, offset, length) {\n offset = Number(offset) || 0\n var remaining = buf.length - offset\n if (!length) {\n length = remaining\n } else {\n length = Number(length)\n if (length > remaining) {\n length = remaining\n }\n }\n\n // must be an even number of digits\n var strLen = string.length\n if (strLen % 2 !== 0) throw new TypeError('Invalid hex string')\n\n if (length > strLen / 2) {\n length = strLen / 2\n }\n for (var i = 0; i < length; ++i) {\n var parsed = parseInt(string.substr(i * 2, 2), 16)\n if (isNaN(parsed)) return i\n buf[offset + i] = parsed\n }\n return i\n}\n\nfunction utf8Write (buf, string, offset, length) {\n return blitBuffer(utf8ToBytes(string, buf.length - offset), buf, offset, length)\n}\n\nfunction asciiWrite (buf, string, offset, length) {\n return blitBuffer(asciiToBytes(string), buf, offset, length)\n}\n\nfunction latin1Write (buf, string, offset, length) {\n return asciiWrite(buf, string, offset, length)\n}\n\nfunction base64Write (buf, string, offset, length) {\n return blitBuffer(base64ToBytes(string), buf, offset, length)\n}\n\nfunction ucs2Write (buf, string, offset, length) {\n return blitBuffer(utf16leToBytes(string, buf.length - offset), buf, offset, length)\n}\n\nBuffer.prototype.write = function write (string, offset, length, encoding) {\n // Buffer#write(string)\n if (offset === undefined) {\n encoding = 'utf8'\n length = this.length\n offset = 0\n // Buffer#write(string, encoding)\n } else if (length === undefined && typeof offset === 'string') {\n encoding = offset\n length = this.length\n offset = 0\n // Buffer#write(string, offset[, length][, encoding])\n } else if (isFinite(offset)) {\n offset = offset | 0\n if (isFinite(length)) {\n length = length | 0\n if (encoding === undefined) encoding = 'utf8'\n } else {\n encoding = length\n length = undefined\n }\n // legacy write(string, encoding, offset, length) - remove in v0.13\n } else {\n throw new Error(\n 'Buffer.write(string, encoding, offset[, length]) is no longer supported'\n )\n }\n\n var remaining = this.length - offset\n if (length === undefined || length > remaining) length = remaining\n\n if ((string.length > 0 && (length < 0 || offset < 0)) || offset > this.length) {\n throw new RangeError('Attempt to write outside buffer bounds')\n }\n\n if (!encoding) encoding = 'utf8'\n\n var loweredCase = false\n for (;;) {\n switch (encoding) {\n case 'hex':\n return hexWrite(this, string, offset, length)\n\n case 'utf8':\n case 'utf-8':\n return utf8Write(this, string, offset, length)\n\n case 'ascii':\n return asciiWrite(this, string, offset, length)\n\n case 'latin1':\n case 'binary':\n return latin1Write(this, string, offset, length)\n\n case 'base64':\n // Warning: maxLength not taken into account in base64Write\n return base64Write(this, string, offset, length)\n\n case 'ucs2':\n case 'ucs-2':\n case 'utf16le':\n case 'utf-16le':\n return ucs2Write(this, string, offset, length)\n\n default:\n if (loweredCase) throw new TypeError('Unknown encoding: ' + encoding)\n encoding = ('' + encoding).toLowerCase()\n loweredCase = true\n }\n }\n}\n\nBuffer.prototype.toJSON = function toJSON () {\n return {\n type: 'Buffer',\n data: Array.prototype.slice.call(this._arr || this, 0)\n }\n}\n\nfunction base64Slice (buf, start, end) {\n if (start === 0 && end === buf.length) {\n return base64.fromByteArray(buf)\n } else {\n return base64.fromByteArray(buf.slice(start, end))\n }\n}\n\nfunction utf8Slice (buf, start, end) {\n end = Math.min(buf.length, end)\n var res = []\n\n var i = start\n while (i < end) {\n var firstByte = buf[i]\n var codePoint = null\n var bytesPerSequence = (firstByte > 0xEF) ? 4\n : (firstByte > 0xDF) ? 3\n : (firstByte > 0xBF) ? 2\n : 1\n\n if (i + bytesPerSequence <= end) {\n var secondByte, thirdByte, fourthByte, tempCodePoint\n\n switch (bytesPerSequence) {\n case 1:\n if (firstByte < 0x80) {\n codePoint = firstByte\n }\n break\n case 2:\n secondByte = buf[i + 1]\n if ((secondByte & 0xC0) === 0x80) {\n tempCodePoint = (firstByte & 0x1F) << 0x6 | (secondByte & 0x3F)\n if (tempCodePoint > 0x7F) {\n codePoint = tempCodePoint\n }\n }\n break\n case 3:\n secondByte = buf[i + 1]\n thirdByte = buf[i + 2]\n if ((secondByte & 0xC0) === 0x80 && (thirdByte & 0xC0) === 0x80) {\n tempCodePoint = (firstByte & 0xF) << 0xC | (secondByte & 0x3F) << 0x6 | (thirdByte & 0x3F)\n if (tempCodePoint > 0x7FF && (tempCodePoint < 0xD800 || tempCodePoint > 0xDFFF)) {\n codePoint = tempCodePoint\n }\n }\n break\n case 4:\n secondByte = buf[i + 1]\n thirdByte = buf[i + 2]\n fourthByte = buf[i + 3]\n if ((secondByte & 0xC0) === 0x80 && (thirdByte & 0xC0) === 0x80 && (fourthByte & 0xC0) === 0x80) {\n tempCodePoint = (firstByte & 0xF) << 0x12 | (secondByte & 0x3F) << 0xC | (thirdByte & 0x3F) << 0x6 | (fourthByte & 0x3F)\n if (tempCodePoint > 0xFFFF && tempCodePoint < 0x110000) {\n codePoint = tempCodePoint\n }\n }\n }\n }\n\n if (codePoint === null) {\n // we did not generate a valid codePoint so insert a\n // replacement char (U+FFFD) and advance only 1 byte\n codePoint = 0xFFFD\n bytesPerSequence = 1\n } else if (codePoint > 0xFFFF) {\n // encode to utf16 (surrogate pair dance)\n codePoint -= 0x10000\n res.push(codePoint >>> 10 & 0x3FF | 0xD800)\n codePoint = 0xDC00 | codePoint & 0x3FF\n }\n\n res.push(codePoint)\n i += bytesPerSequence\n }\n\n return decodeCodePointsArray(res)\n}\n\n// Based on http://stackoverflow.com/a/22747272/680742, the browser with\n// the lowest limit is Chrome, with 0x10000 args.\n// We go 1 magnitude less, for safety\nvar MAX_ARGUMENTS_LENGTH = 0x1000\n\nfunction decodeCodePointsArray (codePoints) {\n var len = codePoints.length\n if (len <= MAX_ARGUMENTS_LENGTH) {\n return String.fromCharCode.apply(String, codePoints) // avoid extra slice()\n }\n\n // Decode in chunks to avoid \"call stack size exceeded\".\n var res = ''\n var i = 0\n while (i < len) {\n res += String.fromCharCode.apply(\n String,\n codePoints.slice(i, i += MAX_ARGUMENTS_LENGTH)\n )\n }\n return res\n}\n\nfunction asciiSlice (buf, start, end) {\n var ret = ''\n end = Math.min(buf.length, end)\n\n for (var i = start; i < end; ++i) {\n ret += String.fromCharCode(buf[i] & 0x7F)\n }\n return ret\n}\n\nfunction latin1Slice (buf, start, end) {\n var ret = ''\n end = Math.min(buf.length, end)\n\n for (var i = start; i < end; ++i) {\n ret += String.fromCharCode(buf[i])\n }\n return ret\n}\n\nfunction hexSlice (buf, start, end) {\n var len = buf.length\n\n if (!start || start < 0) start = 0\n if (!end || end < 0 || end > len) end = len\n\n var out = ''\n for (var i = start; i < end; ++i) {\n out += toHex(buf[i])\n }\n return out\n}\n\nfunction utf16leSlice (buf, start, end) {\n var bytes = buf.slice(start, end)\n var res = ''\n for (var i = 0; i < bytes.length; i += 2) {\n res += String.fromCharCode(bytes[i] + bytes[i + 1] * 256)\n }\n return res\n}\n\nBuffer.prototype.slice = function slice (start, end) {\n var len = this.length\n start = ~~start\n end = end === undefined ? len : ~~end\n\n if (start < 0) {\n start += len\n if (start < 0) start = 0\n } else if (start > len) {\n start = len\n }\n\n if (end < 0) {\n end += len\n if (end < 0) end = 0\n } else if (end > len) {\n end = len\n }\n\n if (end < start) end = start\n\n var newBuf\n if (Buffer.TYPED_ARRAY_SUPPORT) {\n newBuf = this.subarray(start, end)\n newBuf.__proto__ = Buffer.prototype\n } else {\n var sliceLen = end - start\n newBuf = new Buffer(sliceLen, undefined)\n for (var i = 0; i < sliceLen; ++i) {\n newBuf[i] = this[i + start]\n }\n }\n\n return newBuf\n}\n\n/*\n * Need to make sure that buffer isn't trying to write out of bounds.\n */\nfunction checkOffset (offset, ext, length) {\n if ((offset % 1) !== 0 || offset < 0) throw new RangeError('offset is not uint')\n if (offset + ext > length) throw new RangeError('Trying to access beyond buffer length')\n}\n\nBuffer.prototype.readUIntLE = function readUIntLE (offset, byteLength, noAssert) {\n offset = offset | 0\n byteLength = byteLength | 0\n if (!noAssert) checkOffset(offset, byteLength, this.length)\n\n var val = this[offset]\n var mul = 1\n var i = 0\n while (++i < byteLength && (mul *= 0x100)) {\n val += this[offset + i] * mul\n }\n\n return val\n}\n\nBuffer.prototype.readUIntBE = function readUIntBE (offset, byteLength, noAssert) {\n offset = offset | 0\n byteLength = byteLength | 0\n if (!noAssert) {\n checkOffset(offset, byteLength, this.length)\n }\n\n var val = this[offset + --byteLength]\n var mul = 1\n while (byteLength > 0 && (mul *= 0x100)) {\n val += this[offset + --byteLength] * mul\n }\n\n return val\n}\n\nBuffer.prototype.readUInt8 = function readUInt8 (offset, noAssert) {\n if (!noAssert) checkOffset(offset, 1, this.length)\n return this[offset]\n}\n\nBuffer.prototype.readUInt16LE = function readUInt16LE (offset, noAssert) {\n if (!noAssert) checkOffset(offset, 2, this.length)\n return this[offset] | (this[offset + 1] << 8)\n}\n\nBuffer.prototype.readUInt16BE = function readUInt16BE (offset, noAssert) {\n if (!noAssert) checkOffset(offset, 2, this.length)\n return (this[offset] << 8) | this[offset + 1]\n}\n\nBuffer.prototype.readUInt32LE = function readUInt32LE (offset, noAssert) {\n if (!noAssert) checkOffset(offset, 4, this.length)\n\n return ((this[offset]) |\n (this[offset + 1] << 8) |\n (this[offset + 2] << 16)) +\n (this[offset + 3] * 0x1000000)\n}\n\nBuffer.prototype.readUInt32BE = function readUInt32BE (offset, noAssert) {\n if (!noAssert) checkOffset(offset, 4, this.length)\n\n return (this[offset] * 0x1000000) +\n ((this[offset + 1] << 16) |\n (this[offset + 2] << 8) |\n this[offset + 3])\n}\n\nBuffer.prototype.readIntLE = function readIntLE (offset, byteLength, noAssert) {\n offset = offset | 0\n byteLength = byteLength | 0\n if (!noAssert) checkOffset(offset, byteLength, this.length)\n\n var val = this[offset]\n var mul = 1\n var i = 0\n while (++i < byteLength && (mul *= 0x100)) {\n val += this[offset + i] * mul\n }\n mul *= 0x80\n\n if (val >= mul) val -= Math.pow(2, 8 * byteLength)\n\n return val\n}\n\nBuffer.prototype.readIntBE = function readIntBE (offset, byteLength, noAssert) {\n offset = offset | 0\n byteLength = byteLength | 0\n if (!noAssert) checkOffset(offset, byteLength, this.length)\n\n var i = byteLength\n var mul = 1\n var val = this[offset + --i]\n while (i > 0 && (mul *= 0x100)) {\n val += this[offset + --i] * mul\n }\n mul *= 0x80\n\n if (val >= mul) val -= Math.pow(2, 8 * byteLength)\n\n return val\n}\n\nBuffer.prototype.readInt8 = function readInt8 (offset, noAssert) {\n if (!noAssert) checkOffset(offset, 1, this.length)\n if (!(this[offset] & 0x80)) return (this[offset])\n return ((0xff - this[offset] + 1) * -1)\n}\n\nBuffer.prototype.readInt16LE = function readInt16LE (offset, noAssert) {\n if (!noAssert) checkOffset(offset, 2, this.length)\n var val = this[offset] | (this[offset + 1] << 8)\n return (val & 0x8000) ? val | 0xFFFF0000 : val\n}\n\nBuffer.prototype.readInt16BE = function readInt16BE (offset, noAssert) {\n if (!noAssert) checkOffset(offset, 2, this.length)\n var val = this[offset + 1] | (this[offset] << 8)\n return (val & 0x8000) ? val | 0xFFFF0000 : val\n}\n\nBuffer.prototype.readInt32LE = function readInt32LE (offset, noAssert) {\n if (!noAssert) checkOffset(offset, 4, this.length)\n\n return (this[offset]) |\n (this[offset + 1] << 8) |\n (this[offset + 2] << 16) |\n (this[offset + 3] << 24)\n}\n\nBuffer.prototype.readInt32BE = function readInt32BE (offset, noAssert) {\n if (!noAssert) checkOffset(offset, 4, this.length)\n\n return (this[offset] << 24) |\n (this[offset + 1] << 16) |\n (this[offset + 2] << 8) |\n (this[offset + 3])\n}\n\nBuffer.prototype.readFloatLE = function readFloatLE (offset, noAssert) {\n if (!noAssert) checkOffset(offset, 4, this.length)\n return ieee754.read(this, offset, true, 23, 4)\n}\n\nBuffer.prototype.readFloatBE = function readFloatBE (offset, noAssert) {\n if (!noAssert) checkOffset(offset, 4, this.length)\n return ieee754.read(this, offset, false, 23, 4)\n}\n\nBuffer.prototype.readDoubleLE = function readDoubleLE (offset, noAssert) {\n if (!noAssert) checkOffset(offset, 8, this.length)\n return ieee754.read(this, offset, true, 52, 8)\n}\n\nBuffer.prototype.readDoubleBE = function readDoubleBE (offset, noAssert) {\n if (!noAssert) checkOffset(offset, 8, this.length)\n return ieee754.read(this, offset, false, 52, 8)\n}\n\nfunction checkInt (buf, value, offset, ext, max, min) {\n if (!Buffer.isBuffer(buf)) throw new TypeError('\"buffer\" argument must be a Buffer instance')\n if (value > max || value < min) throw new RangeError('\"value\" argument is out of bounds')\n if (offset + ext > buf.length) throw new RangeError('Index out of range')\n}\n\nBuffer.prototype.writeUIntLE = function writeUIntLE (value, offset, byteLength, noAssert) {\n value = +value\n offset = offset | 0\n byteLength = byteLength | 0\n if (!noAssert) {\n var maxBytes = Math.pow(2, 8 * byteLength) - 1\n checkInt(this, value, offset, byteLength, maxBytes, 0)\n }\n\n var mul = 1\n var i = 0\n this[offset] = value & 0xFF\n while (++i < byteLength && (mul *= 0x100)) {\n this[offset + i] = (value / mul) & 0xFF\n }\n\n return offset + byteLength\n}\n\nBuffer.prototype.writeUIntBE = function writeUIntBE (value, offset, byteLength, noAssert) {\n value = +value\n offset = offset | 0\n byteLength = byteLength | 0\n if (!noAssert) {\n var maxBytes = Math.pow(2, 8 * byteLength) - 1\n checkInt(this, value, offset, byteLength, maxBytes, 0)\n }\n\n var i = byteLength - 1\n var mul = 1\n this[offset + i] = value & 0xFF\n while (--i >= 0 && (mul *= 0x100)) {\n this[offset + i] = (value / mul) & 0xFF\n }\n\n return offset + byteLength\n}\n\nBuffer.prototype.writeUInt8 = function writeUInt8 (value, offset, noAssert) {\n value = +value\n offset = offset | 0\n if (!noAssert) checkInt(this, value, offset, 1, 0xff, 0)\n if (!Buffer.TYPED_ARRAY_SUPPORT) value = Math.floor(value)\n this[offset] = (value & 0xff)\n return offset + 1\n}\n\nfunction objectWriteUInt16 (buf, value, offset, littleEndian) {\n if (value < 0) value = 0xffff + value + 1\n for (var i = 0, j = Math.min(buf.length - offset, 2); i < j; ++i) {\n buf[offset + i] = (value & (0xff << (8 * (littleEndian ? i : 1 - i)))) >>>\n (littleEndian ? i : 1 - i) * 8\n }\n}\n\nBuffer.prototype.writeUInt16LE = function writeUInt16LE (value, offset, noAssert) {\n value = +value\n offset = offset | 0\n if (!noAssert) checkInt(this, value, offset, 2, 0xffff, 0)\n if (Buffer.TYPED_ARRAY_SUPPORT) {\n this[offset] = (value & 0xff)\n this[offset + 1] = (value >>> 8)\n } else {\n objectWriteUInt16(this, value, offset, true)\n }\n return offset + 2\n}\n\nBuffer.prototype.writeUInt16BE = function writeUInt16BE (value, offset, noAssert) {\n value = +value\n offset = offset | 0\n if (!noAssert) checkInt(this, value, offset, 2, 0xffff, 0)\n if (Buffer.TYPED_ARRAY_SUPPORT) {\n this[offset] = (value >>> 8)\n this[offset + 1] = (value & 0xff)\n } else {\n objectWriteUInt16(this, value, offset, false)\n }\n return offset + 2\n}\n\nfunction objectWriteUInt32 (buf, value, offset, littleEndian) {\n if (value < 0) value = 0xffffffff + value + 1\n for (var i = 0, j = Math.min(buf.length - offset, 4); i < j; ++i) {\n buf[offset + i] = (value >>> (littleEndian ? i : 3 - i) * 8) & 0xff\n }\n}\n\nBuffer.prototype.writeUInt32LE = function writeUInt32LE (value, offset, noAssert) {\n value = +value\n offset = offset | 0\n if (!noAssert) checkInt(this, value, offset, 4, 0xffffffff, 0)\n if (Buffer.TYPED_ARRAY_SUPPORT) {\n this[offset + 3] = (value >>> 24)\n this[offset + 2] = (value >>> 16)\n this[offset + 1] = (value >>> 8)\n this[offset] = (value & 0xff)\n } else {\n objectWriteUInt32(this, value, offset, true)\n }\n return offset + 4\n}\n\nBuffer.prototype.writeUInt32BE = function writeUInt32BE (value, offset, noAssert) {\n value = +value\n offset = offset | 0\n if (!noAssert) checkInt(this, value, offset, 4, 0xffffffff, 0)\n if (Buffer.TYPED_ARRAY_SUPPORT) {\n this[offset] = (value >>> 24)\n this[offset + 1] = (value >>> 16)\n this[offset + 2] = (value >>> 8)\n this[offset + 3] = (value & 0xff)\n } else {\n objectWriteUInt32(this, value, offset, false)\n }\n return offset + 4\n}\n\nBuffer.prototype.writeIntLE = function writeIntLE (value, offset, byteLength, noAssert) {\n value = +value\n offset = offset | 0\n if (!noAssert) {\n var limit = Math.pow(2, 8 * byteLength - 1)\n\n checkInt(this, value, offset, byteLength, limit - 1, -limit)\n }\n\n var i = 0\n var mul = 1\n var sub = 0\n this[offset] = value & 0xFF\n while (++i < byteLength && (mul *= 0x100)) {\n if (value < 0 && sub === 0 && this[offset + i - 1] !== 0) {\n sub = 1\n }\n this[offset + i] = ((value / mul) >> 0) - sub & 0xFF\n }\n\n return offset + byteLength\n}\n\nBuffer.prototype.writeIntBE = function writeIntBE (value, offset, byteLength, noAssert) {\n value = +value\n offset = offset | 0\n if (!noAssert) {\n var limit = Math.pow(2, 8 * byteLength - 1)\n\n checkInt(this, value, offset, byteLength, limit - 1, -limit)\n }\n\n var i = byteLength - 1\n var mul = 1\n var sub = 0\n this[offset + i] = value & 0xFF\n while (--i >= 0 && (mul *= 0x100)) {\n if (value < 0 && sub === 0 && this[offset + i + 1] !== 0) {\n sub = 1\n }\n this[offset + i] = ((value / mul) >> 0) - sub & 0xFF\n }\n\n return offset + byteLength\n}\n\nBuffer.prototype.writeInt8 = function writeInt8 (value, offset, noAssert) {\n value = +value\n offset = offset | 0\n if (!noAssert) checkInt(this, value, offset, 1, 0x7f, -0x80)\n if (!Buffer.TYPED_ARRAY_SUPPORT) value = Math.floor(value)\n if (value < 0) value = 0xff + value + 1\n this[offset] = (value & 0xff)\n return offset + 1\n}\n\nBuffer.prototype.writeInt16LE = function writeInt16LE (value, offset, noAssert) {\n value = +value\n offset = offset | 0\n if (!noAssert) checkInt(this, value, offset, 2, 0x7fff, -0x8000)\n if (Buffer.TYPED_ARRAY_SUPPORT) {\n this[offset] = (value & 0xff)\n this[offset + 1] = (value >>> 8)\n } else {\n objectWriteUInt16(this, value, offset, true)\n }\n return offset + 2\n}\n\nBuffer.prototype.writeInt16BE = function writeInt16BE (value, offset, noAssert) {\n value = +value\n offset = offset | 0\n if (!noAssert) checkInt(this, value, offset, 2, 0x7fff, -0x8000)\n if (Buffer.TYPED_ARRAY_SUPPORT) {\n this[offset] = (value >>> 8)\n this[offset + 1] = (value & 0xff)\n } else {\n objectWriteUInt16(this, value, offset, false)\n }\n return offset + 2\n}\n\nBuffer.prototype.writeInt32LE = function writeInt32LE (value, offset, noAssert) {\n value = +value\n offset = offset | 0\n if (!noAssert) checkInt(this, value, offset, 4, 0x7fffffff, -0x80000000)\n if (Buffer.TYPED_ARRAY_SUPPORT) {\n this[offset] = (value & 0xff)\n this[offset + 1] = (value >>> 8)\n this[offset + 2] = (value >>> 16)\n this[offset + 3] = (value >>> 24)\n } else {\n objectWriteUInt32(this, value, offset, true)\n }\n return offset + 4\n}\n\nBuffer.prototype.writeInt32BE = function writeInt32BE (value, offset, noAssert) {\n value = +value\n offset = offset | 0\n if (!noAssert) checkInt(this, value, offset, 4, 0x7fffffff, -0x80000000)\n if (value < 0) value = 0xffffffff + value + 1\n if (Buffer.TYPED_ARRAY_SUPPORT) {\n this[offset] = (value >>> 24)\n this[offset + 1] = (value >>> 16)\n this[offset + 2] = (value >>> 8)\n this[offset + 3] = (value & 0xff)\n } else {\n objectWriteUInt32(this, value, offset, false)\n }\n return offset + 4\n}\n\nfunction checkIEEE754 (buf, value, offset, ext, max, min) {\n if (offset + ext > buf.length) throw new RangeError('Index out of range')\n if (offset < 0) throw new RangeError('Index out of range')\n}\n\nfunction writeFloat (buf, value, offset, littleEndian, noAssert) {\n if (!noAssert) {\n checkIEEE754(buf, value, offset, 4, 3.4028234663852886e+38, -3.4028234663852886e+38)\n }\n ieee754.write(buf, value, offset, littleEndian, 23, 4)\n return offset + 4\n}\n\nBuffer.prototype.writeFloatLE = function writeFloatLE (value, offset, noAssert) {\n return writeFloat(this, value, offset, true, noAssert)\n}\n\nBuffer.prototype.writeFloatBE = function writeFloatBE (value, offset, noAssert) {\n return writeFloat(this, value, offset, false, noAssert)\n}\n\nfunction writeDouble (buf, value, offset, littleEndian, noAssert) {\n if (!noAssert) {\n checkIEEE754(buf, value, offset, 8, 1.7976931348623157E+308, -1.7976931348623157E+308)\n }\n ieee754.write(buf, value, offset, littleEndian, 52, 8)\n return offset + 8\n}\n\nBuffer.prototype.writeDoubleLE = function writeDoubleLE (value, offset, noAssert) {\n return writeDouble(this, value, offset, true, noAssert)\n}\n\nBuffer.prototype.writeDoubleBE = function writeDoubleBE (value, offset, noAssert) {\n return writeDouble(this, value, offset, false, noAssert)\n}\n\n// copy(targetBuffer, targetStart=0, sourceStart=0, sourceEnd=buffer.length)\nBuffer.prototype.copy = function copy (target, targetStart, start, end) {\n if (!start) start = 0\n if (!end && end !== 0) end = this.length\n if (targetStart >= target.length) targetStart = target.length\n if (!targetStart) targetStart = 0\n if (end > 0 && end < start) end = start\n\n // Copy 0 bytes; we're done\n if (end === start) return 0\n if (target.length === 0 || this.length === 0) return 0\n\n // Fatal error conditions\n if (targetStart < 0) {\n throw new RangeError('targetStart out of bounds')\n }\n if (start < 0 || start >= this.length) throw new RangeError('sourceStart out of bounds')\n if (end < 0) throw new RangeError('sourceEnd out of bounds')\n\n // Are we oob?\n if (end > this.length) end = this.length\n if (target.length - targetStart < end - start) {\n end = target.length - targetStart + start\n }\n\n var len = end - start\n var i\n\n if (this === target && start < targetStart && targetStart < end) {\n // descending copy from end\n for (i = len - 1; i >= 0; --i) {\n target[i + targetStart] = this[i + start]\n }\n } else if (len < 1000 || !Buffer.TYPED_ARRAY_SUPPORT) {\n // ascending copy from start\n for (i = 0; i < len; ++i) {\n target[i + targetStart] = this[i + start]\n }\n } else {\n Uint8Array.prototype.set.call(\n target,\n this.subarray(start, start + len),\n targetStart\n )\n }\n\n return len\n}\n\n// Usage:\n// buffer.fill(number[, offset[, end]])\n// buffer.fill(buffer[, offset[, end]])\n// buffer.fill(string[, offset[, end]][, encoding])\nBuffer.prototype.fill = function fill (val, start, end, encoding) {\n // Handle string cases:\n if (typeof val === 'string') {\n if (typeof start === 'string') {\n encoding = start\n start = 0\n end = this.length\n } else if (typeof end === 'string') {\n encoding = end\n end = this.length\n }\n if (val.length === 1) {\n var code = val.charCodeAt(0)\n if (code < 256) {\n val = code\n }\n }\n if (encoding !== undefined && typeof encoding !== 'string') {\n throw new TypeError('encoding must be a string')\n }\n if (typeof encoding === 'string' && !Buffer.isEncoding(encoding)) {\n throw new TypeError('Unknown encoding: ' + encoding)\n }\n } else if (typeof val === 'number') {\n val = val & 255\n }\n\n // Invalid ranges are not set to a default, so can range check early.\n if (start < 0 || this.length < start || this.length < end) {\n throw new RangeError('Out of range index')\n }\n\n if (end <= start) {\n return this\n }\n\n start = start >>> 0\n end = end === undefined ? this.length : end >>> 0\n\n if (!val) val = 0\n\n var i\n if (typeof val === 'number') {\n for (i = start; i < end; ++i) {\n this[i] = val\n }\n } else {\n var bytes = Buffer.isBuffer(val)\n ? val\n : utf8ToBytes(new Buffer(val, encoding).toString())\n var len = bytes.length\n for (i = 0; i < end - start; ++i) {\n this[i + start] = bytes[i % len]\n }\n }\n\n return this\n}\n\n// HELPER FUNCTIONS\n// ================\n\nvar INVALID_BASE64_RE = /[^+\\/0-9A-Za-z-_]/g\n\nfunction base64clean (str) {\n // Node strips out invalid characters like \\n and \\t from the string, base64-js does not\n str = stringtrim(str).replace(INVALID_BASE64_RE, '')\n // Node converts strings with length < 2 to ''\n if (str.length < 2) return ''\n // Node allows for non-padded base64 strings (missing trailing ===), base64-js does not\n while (str.length % 4 !== 0) {\n str = str + '='\n }\n return str\n}\n\nfunction stringtrim (str) {\n if (str.trim) return str.trim()\n return str.replace(/^\\s+|\\s+$/g, '')\n}\n\nfunction toHex (n) {\n if (n < 16) return '0' + n.toString(16)\n return n.toString(16)\n}\n\nfunction utf8ToBytes (string, units) {\n units = units || Infinity\n var codePoint\n var length = string.length\n var leadSurrogate = null\n var bytes = []\n\n for (var i = 0; i < length; ++i) {\n codePoint = string.charCodeAt(i)\n\n // is surrogate component\n if (codePoint > 0xD7FF && codePoint < 0xE000) {\n // last char was a lead\n if (!leadSurrogate) {\n // no lead yet\n if (codePoint > 0xDBFF) {\n // unexpected trail\n if ((units -= 3) > -1) bytes.push(0xEF, 0xBF, 0xBD)\n continue\n } else if (i + 1 === length) {\n // unpaired lead\n if ((units -= 3) > -1) bytes.push(0xEF, 0xBF, 0xBD)\n continue\n }\n\n // valid lead\n leadSurrogate = codePoint\n\n continue\n }\n\n // 2 leads in a row\n if (codePoint < 0xDC00) {\n if ((units -= 3) > -1) bytes.push(0xEF, 0xBF, 0xBD)\n leadSurrogate = codePoint\n continue\n }\n\n // valid surrogate pair\n codePoint = (leadSurrogate - 0xD800 << 10 | codePoint - 0xDC00) + 0x10000\n } else if (leadSurrogate) {\n // valid bmp char, but last char was a lead\n if ((units -= 3) > -1) bytes.push(0xEF, 0xBF, 0xBD)\n }\n\n leadSurrogate = null\n\n // encode utf8\n if (codePoint < 0x80) {\n if ((units -= 1) < 0) break\n bytes.push(codePoint)\n } else if (codePoint < 0x800) {\n if ((units -= 2) < 0) break\n bytes.push(\n codePoint >> 0x6 | 0xC0,\n codePoint & 0x3F | 0x80\n )\n } else if (codePoint < 0x10000) {\n if ((units -= 3) < 0) break\n bytes.push(\n codePoint >> 0xC | 0xE0,\n codePoint >> 0x6 & 0x3F | 0x80,\n codePoint & 0x3F | 0x80\n )\n } else if (codePoint < 0x110000) {\n if ((units -= 4) < 0) break\n bytes.push(\n codePoint >> 0x12 | 0xF0,\n codePoint >> 0xC & 0x3F | 0x80,\n codePoint >> 0x6 & 0x3F | 0x80,\n codePoint & 0x3F | 0x80\n )\n } else {\n throw new Error('Invalid code point')\n }\n }\n\n return bytes\n}\n\nfunction asciiToBytes (str) {\n var byteArray = []\n for (var i = 0; i < str.length; ++i) {\n // Node's code seems to be doing this and not & 0x7F..\n byteArray.push(str.charCodeAt(i) & 0xFF)\n }\n return byteArray\n}\n\nfunction utf16leToBytes (str, units) {\n var c, hi, lo\n var byteArray = []\n for (var i = 0; i < str.length; ++i) {\n if ((units -= 2) < 0) break\n\n c = str.charCodeAt(i)\n hi = c >> 8\n lo = c % 256\n byteArray.push(lo)\n byteArray.push(hi)\n }\n\n return byteArray\n}\n\nfunction base64ToBytes (str) {\n return base64.toByteArray(base64clean(str))\n}\n\nfunction blitBuffer (src, dst, offset, length) {\n for (var i = 0; i < length; ++i) {\n if ((i + offset >= dst.length) || (i >= src.length)) break\n dst[i + offset] = src[i]\n }\n return i\n}\n\nfunction isnan (val) {\n return val !== val // eslint-disable-line no-self-compare\n}\n","'use strict';\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\n\nvar _extends = Object.assign || function (target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i]; for (var key in source) { if (Object.prototype.hasOwnProperty.call(source, key)) { target[key] = source[key]; } } } return target; };\n\nexports.default = generatePropsFromAttributes;\n\nvar _htmlAttributesToReact = require('./htmlAttributesToReact');\n\nvar _htmlAttributesToReact2 = _interopRequireDefault(_htmlAttributesToReact);\n\nvar _inlineStyleToObject = require('./inlineStyleToObject');\n\nvar _inlineStyleToObject2 = _interopRequireDefault(_inlineStyleToObject);\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\n/**\n * Generates props for a React element from an object of HTML attributes\n *\n * @param {Object} attributes The HTML attributes\n * @param {String} key The key to give the react element\n */\nfunction generatePropsFromAttributes(attributes, key) {\n\n // generate props\n var props = _extends({}, (0, _htmlAttributesToReact2.default)(attributes), { key: key });\n\n // if there is an inline/string style prop then convert it to a React style object\n // otherwise, it is invalid and omitted\n if (typeof props.style === 'string' || props.style instanceof String) {\n props.style = (0, _inlineStyleToObject2.default)(props.style);\n } else {\n delete props.style;\n }\n\n return props;\n}","\"use strict\";\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = isValidTagOrAttributeName;\nvar VALID_TAG_REGEX = /^[a-zA-Z][a-zA-Z:_\\.\\-\\d]*$/;\n\nvar nameCache = {};\n\nfunction isValidTagOrAttributeName(tagName) {\n if (!nameCache.hasOwnProperty(tagName)) {\n nameCache[tagName] = VALID_TAG_REGEX.test(tagName);\n }\n return nameCache[tagName];\n}","export default function symbolObservablePonyfill(root) {\n\tvar result;\n\tvar Symbol = root.Symbol;\n\n\tif (typeof Symbol === 'function') {\n\t\tif (Symbol.observable) {\n\t\t\tresult = Symbol.observable;\n\t\t} else {\n\t\t\tresult = Symbol('observable');\n\t\t\tSymbol.observable = result;\n\t\t}\n\t} else {\n\t\tresult = '@@observable';\n\t}\n\n\treturn result;\n};\n","\"use strict\";\n\nvar compose = require('redux').compose;\n\nexports.__esModule = true;\nexports.composeWithDevTools = (\n typeof window !== 'undefined' && window.__REDUX_DEVTOOLS_EXTENSION_COMPOSE__ ?\n window.__REDUX_DEVTOOLS_EXTENSION_COMPOSE__ :\n function() {\n if (arguments.length === 0) return undefined;\n if (typeof arguments[0] === 'object') return compose;\n return compose.apply(null, arguments);\n }\n);\n\nexports.devToolsEnhancer = (\n typeof window !== 'undefined' && window.__REDUX_DEVTOOLS_EXTENSION__ ?\n window.__REDUX_DEVTOOLS_EXTENSION__ :\n function() { return function(noop) { return noop; } }\n);\n","function createThunkMiddleware(extraArgument) {\n return function (_ref) {\n var dispatch = _ref.dispatch,\n getState = _ref.getState;\n return function (next) {\n return function (action) {\n if (typeof action === 'function') {\n return action(dispatch, getState, extraArgument);\n }\n\n return next(action);\n };\n };\n };\n}\n\nvar thunk = createThunkMiddleware();\nthunk.withExtraArgument = createThunkMiddleware;\n\nexport default thunk;","// @flow\n'use strict';\n\nvar key = '__global_unique_id__';\n\nmodule.exports = function() {\n return global[key] = (global[key] || 0) + 1;\n};\n","'use strict';\n\nfunction _interopDefault (ex) { return (ex && (typeof ex === 'object') && 'default' in ex) ? ex['default'] : ex; }\n\nvar React = require('react');\nvar React__default = _interopDefault(React);\n\nfunction _defineProperty(obj, key, value) {\n if (key in obj) {\n Object.defineProperty(obj, key, {\n value: value,\n enumerable: true,\n configurable: true,\n writable: true\n });\n } else {\n obj[key] = value;\n }\n\n return obj;\n}\n\nfunction _inheritsLoose(subClass, superClass) {\n subClass.prototype = Object.create(superClass.prototype);\n subClass.prototype.constructor = subClass;\n subClass.__proto__ = superClass;\n}\n\nvar canUseDOM = !!(typeof window !== 'undefined' && window.document && window.document.createElement);\nfunction withSideEffect(reducePropsToState, handleStateChangeOnClient, mapStateOnServer) {\n if (typeof reducePropsToState !== 'function') {\n throw new Error('Expected reducePropsToState to be a function.');\n }\n\n if (typeof handleStateChangeOnClient !== 'function') {\n throw new Error('Expected handleStateChangeOnClient to be a function.');\n }\n\n if (typeof mapStateOnServer !== 'undefined' && typeof mapStateOnServer !== 'function') {\n throw new Error('Expected mapStateOnServer to either be undefined or a function.');\n }\n\n function getDisplayName(WrappedComponent) {\n return WrappedComponent.displayName || WrappedComponent.name || 'Component';\n }\n\n return function wrap(WrappedComponent) {\n if (typeof WrappedComponent !== 'function') {\n throw new Error('Expected WrappedComponent to be a React component.');\n }\n\n var mountedInstances = [];\n var state;\n\n function emitChange() {\n state = reducePropsToState(mountedInstances.map(function (instance) {\n return instance.props;\n }));\n\n if (SideEffect.canUseDOM) {\n handleStateChangeOnClient(state);\n } else if (mapStateOnServer) {\n state = mapStateOnServer(state);\n }\n }\n\n var SideEffect = /*#__PURE__*/function (_PureComponent) {\n _inheritsLoose(SideEffect, _PureComponent);\n\n function SideEffect() {\n return _PureComponent.apply(this, arguments) || this;\n }\n\n // Try to use displayName of wrapped component\n // Expose canUseDOM so tests can monkeypatch it\n SideEffect.peek = function peek() {\n return state;\n };\n\n SideEffect.rewind = function rewind() {\n if (SideEffect.canUseDOM) {\n throw new Error('You may only call rewind() on the server. Call peek() to read the current state.');\n }\n\n var recordedState = state;\n state = undefined;\n mountedInstances = [];\n return recordedState;\n };\n\n var _proto = SideEffect.prototype;\n\n _proto.UNSAFE_componentWillMount = function UNSAFE_componentWillMount() {\n mountedInstances.push(this);\n emitChange();\n };\n\n _proto.componentDidUpdate = function componentDidUpdate() {\n emitChange();\n };\n\n _proto.componentWillUnmount = function componentWillUnmount() {\n var index = mountedInstances.indexOf(this);\n mountedInstances.splice(index, 1);\n emitChange();\n };\n\n _proto.render = function render() {\n return /*#__PURE__*/React__default.createElement(WrappedComponent, this.props);\n };\n\n return SideEffect;\n }(React.PureComponent);\n\n _defineProperty(SideEffect, \"displayName\", \"SideEffect(\" + getDisplayName(WrappedComponent) + \")\");\n\n _defineProperty(SideEffect, \"canUseDOM\", canUseDOM);\n\n return SideEffect;\n };\n}\n\nmodule.exports = withSideEffect;\n","/* global Map:readonly, Set:readonly, ArrayBuffer:readonly */\n\nvar hasElementType = typeof Element !== 'undefined';\nvar hasMap = typeof Map === 'function';\nvar hasSet = typeof Set === 'function';\nvar hasArrayBuffer = typeof ArrayBuffer === 'function' && !!ArrayBuffer.isView;\n\n// Note: We **don't** need `envHasBigInt64Array` in fde es6/index.js\n\nfunction equal(a, b) {\n // START: fast-deep-equal es6/index.js 3.1.1\n if (a === b) return true;\n\n if (a && b && typeof a == 'object' && typeof b == 'object') {\n if (a.constructor !== b.constructor) return false;\n\n var length, i, keys;\n if (Array.isArray(a)) {\n length = a.length;\n if (length != b.length) return false;\n for (i = length; i-- !== 0;)\n if (!equal(a[i], b[i])) return false;\n return true;\n }\n\n // START: Modifications:\n // 1. Extra `has &&` helpers in initial condition allow es6 code\n // to co-exist with es5.\n // 2. Replace `for of` with es5 compliant iteration using `for`.\n // Basically, take:\n //\n // ```js\n // for (i of a.entries())\n // if (!b.has(i[0])) return false;\n // ```\n //\n // ... and convert to:\n //\n // ```js\n // it = a.entries();\n // while (!(i = it.next()).done)\n // if (!b.has(i.value[0])) return false;\n // ```\n //\n // **Note**: `i` access switches to `i.value`.\n var it;\n if (hasMap && (a instanceof Map) && (b instanceof Map)) {\n if (a.size !== b.size) return false;\n it = a.entries();\n while (!(i = it.next()).done)\n if (!b.has(i.value[0])) return false;\n it = a.entries();\n while (!(i = it.next()).done)\n if (!equal(i.value[1], b.get(i.value[0]))) return false;\n return true;\n }\n\n if (hasSet && (a instanceof Set) && (b instanceof Set)) {\n if (a.size !== b.size) return false;\n it = a.entries();\n while (!(i = it.next()).done)\n if (!b.has(i.value[0])) return false;\n return true;\n }\n // END: Modifications\n\n if (hasArrayBuffer && ArrayBuffer.isView(a) && ArrayBuffer.isView(b)) {\n length = a.length;\n if (length != b.length) return false;\n for (i = length; i-- !== 0;)\n if (a[i] !== b[i]) return false;\n return true;\n }\n\n if (a.constructor === RegExp) return a.source === b.source && a.flags === b.flags;\n if (a.valueOf !== Object.prototype.valueOf) return a.valueOf() === b.valueOf();\n if (a.toString !== Object.prototype.toString) return a.toString() === b.toString();\n\n keys = Object.keys(a);\n length = keys.length;\n if (length !== Object.keys(b).length) return false;\n\n for (i = length; i-- !== 0;)\n if (!Object.prototype.hasOwnProperty.call(b, keys[i])) return false;\n // END: fast-deep-equal\n\n // START: react-fast-compare\n // custom handling for DOM elements\n if (hasElementType && a instanceof Element) return false;\n\n // custom handling for React/Preact\n for (i = length; i-- !== 0;) {\n if ((keys[i] === '_owner' || keys[i] === '__v' || keys[i] === '__o') && a.$$typeof) {\n // React-specific: avoid traversing React elements' _owner\n // Preact-specific: avoid traversing Preact elements' __v and __o\n // __v = $_original / $_vnode\n // __o = $_owner\n // These properties contain circular references and are not needed when\n // comparing the actual elements (and not their owners)\n // .$$typeof and ._store on just reasonable markers of elements\n\n continue;\n }\n\n // all other properties should be traversed as usual\n if (!equal(a[keys[i]], b[keys[i]])) return false;\n }\n // END: react-fast-compare\n\n // START: fast-deep-equal\n return true;\n }\n\n return a !== a && b !== b;\n}\n// end fast-deep-equal\n\nmodule.exports = function isEqual(a, b) {\n try {\n return equal(a, b);\n } catch (error) {\n if (((error.message || '').match(/stack|recursion/i))) {\n // warn on circular references, don't crash\n // browsers give this different errors name and messages:\n // chrome/safari: \"RangeError\", \"Maximum call stack size exceeded\"\n // firefox: \"InternalError\", too much recursion\"\n // edge: \"Error\", \"Out of stack space\"\n console.warn('react-fast-compare cannot handle circular refs');\n return false;\n }\n // some other error. we should definitely know about these\n throw error;\n }\n};\n","\"use strict\";\n\nexports.__esModule = true;\nexports.default = exports.EXITING = exports.ENTERED = exports.ENTERING = exports.EXITED = exports.UNMOUNTED = void 0;\n\nvar PropTypes = _interopRequireWildcard(require(\"prop-types\"));\n\nvar _react = _interopRequireDefault(require(\"react\"));\n\nvar _reactDom = _interopRequireDefault(require(\"react-dom\"));\n\nvar _reactLifecyclesCompat = require(\"react-lifecycles-compat\");\n\nvar _PropTypes = require(\"./utils/PropTypes\");\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) { var desc = Object.defineProperty && Object.getOwnPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : {}; if (desc.get || desc.set) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } } newObj.default = obj; return newObj; } }\n\nfunction _objectWithoutPropertiesLoose(source, excluded) { if (source == null) return {}; var target = {}; var sourceKeys = Object.keys(source); var key, i; for (i = 0; i < sourceKeys.length; i++) { key = sourceKeys[i]; if (excluded.indexOf(key) >= 0) continue; target[key] = source[key]; } return target; }\n\nfunction _inheritsLoose(subClass, superClass) { subClass.prototype = Object.create(superClass.prototype); subClass.prototype.constructor = subClass; subClass.__proto__ = superClass; }\n\nvar UNMOUNTED = 'unmounted';\nexports.UNMOUNTED = UNMOUNTED;\nvar EXITED = 'exited';\nexports.EXITED = EXITED;\nvar ENTERING = 'entering';\nexports.ENTERING = ENTERING;\nvar ENTERED = 'entered';\nexports.ENTERED = ENTERED;\nvar EXITING = 'exiting';\n/**\n * The Transition component lets you describe a transition from one component\n * state to another _over time_ with a simple declarative API. Most commonly\n * it's used to animate the mounting and unmounting of a component, but can also\n * be used to describe in-place transition states as well.\n *\n * ---\n *\n * **Note**: `Transition` is a platform-agnostic base component. If you're using\n * transitions in CSS, you'll probably want to use\n * [`CSSTransition`](https://reactcommunity.org/react-transition-group/css-transition)\n * instead. It inherits all the features of `Transition`, but contains\n * additional features necessary to play nice with CSS transitions (hence the\n * name of the component).\n *\n * ---\n *\n * By default the `Transition` component does not alter the behavior of the\n * component it renders, it only tracks \"enter\" and \"exit\" states for the\n * components. It's up to you to give meaning and effect to those states. For\n * example we can add styles to a component when it enters or exits:\n *\n * ```jsx\n * import { Transition } from 'react-transition-group';\n *\n * const duration = 300;\n *\n * const defaultStyle = {\n * transition: `opacity ${duration}ms ease-in-out`,\n * opacity: 0,\n * }\n *\n * const transitionStyles = {\n * entering: { opacity: 0 },\n * entered: { opacity: 1 },\n * };\n *\n * const Fade = ({ in: inProp }) => (\n * \n * {state => (\n *
    \n * I'm a fade Transition!\n *
    \n * )}\n *     \n * );\n * ```\n *\n * There are 4 main states a Transition can be in:\n * - `'entering'`\n * - `'entered'`\n * - `'exiting'`\n * - `'exited'`\n *\n * Transition state is toggled via the `in` prop. When `true` the component\n * begins the \"Enter\" stage. During this stage, the component will shift from\n * its current transition state, to `'entering'` for the duration of the\n * transition and then to the `'entered'` stage once it's complete. Let's take\n * the following example (we'll use the\n * [useState](https://reactjs.org/docs/hooks-reference.html#usestate) hook):\n *\n * ```jsx\n * function App() {\n * const [inProp, setInProp] = useState(false);\n * return (\n *
    \n * \n * {state => (\n * // ...\n * )}\n * \n * \n *
    \n * );\n * }\n * ```\n *\n * When the button is clicked the component will shift to the `'entering'` state\n * and stay there for 500ms (the value of `timeout`) before it finally switches\n * to `'entered'`.\n *\n * When `in` is `false` the same thing happens except the state moves from\n * `'exiting'` to `'exited'`.\n */\n\nexports.EXITING = EXITING;\n\nvar Transition =\n/*#__PURE__*/\nfunction (_React$Component) {\n _inheritsLoose(Transition, _React$Component);\n\n function Transition(props, context) {\n var _this;\n\n _this = _React$Component.call(this, props, context) || this;\n var parentGroup = context.transitionGroup; // In the context of a TransitionGroup all enters are really appears\n\n var appear = parentGroup && !parentGroup.isMounting ? props.enter : props.appear;\n var initialStatus;\n _this.appearStatus = null;\n\n if (props.in) {\n if (appear) {\n initialStatus = EXITED;\n _this.appearStatus = ENTERING;\n } else {\n initialStatus = ENTERED;\n }\n } else {\n if (props.unmountOnExit || props.mountOnEnter) {\n initialStatus = UNMOUNTED;\n } else {\n initialStatus = EXITED;\n }\n }\n\n _this.state = {\n status: initialStatus\n };\n _this.nextCallback = null;\n return _this;\n }\n\n var _proto = Transition.prototype;\n\n _proto.getChildContext = function getChildContext() {\n return {\n transitionGroup: null // allows for nested Transitions\n\n };\n };\n\n Transition.getDerivedStateFromProps = function getDerivedStateFromProps(_ref, prevState) {\n var nextIn = _ref.in;\n\n if (nextIn && prevState.status === UNMOUNTED) {\n return {\n status: EXITED\n };\n }\n\n return null;\n }; // getSnapshotBeforeUpdate(prevProps) {\n // let nextStatus = null\n // if (prevProps !== this.props) {\n // const { status } = this.state\n // if (this.props.in) {\n // if (status !== ENTERING && status !== ENTERED) {\n // nextStatus = ENTERING\n // }\n // } else {\n // if (status === ENTERING || status === ENTERED) {\n // nextStatus = EXITING\n // }\n // }\n // }\n // return { nextStatus }\n // }\n\n\n _proto.componentDidMount = function componentDidMount() {\n this.updateStatus(true, this.appearStatus);\n };\n\n _proto.componentDidUpdate = function componentDidUpdate(prevProps) {\n var nextStatus = null;\n\n if (prevProps !== this.props) {\n var status = this.state.status;\n\n if (this.props.in) {\n if (status !== ENTERING && status !== ENTERED) {\n nextStatus = ENTERING;\n }\n } else {\n if (status === ENTERING || status === ENTERED) {\n nextStatus = EXITING;\n }\n }\n }\n\n this.updateStatus(false, nextStatus);\n };\n\n _proto.componentWillUnmount = function componentWillUnmount() {\n this.cancelNextCallback();\n };\n\n _proto.getTimeouts = function getTimeouts() {\n var timeout = this.props.timeout;\n var exit, enter, appear;\n exit = enter = appear = timeout;\n\n if (timeout != null && typeof timeout !== 'number') {\n exit = timeout.exit;\n enter = timeout.enter; // TODO: remove fallback for next major\n\n appear = timeout.appear !== undefined ? timeout.appear : enter;\n }\n\n return {\n exit: exit,\n enter: enter,\n appear: appear\n };\n };\n\n _proto.updateStatus = function updateStatus(mounting, nextStatus) {\n if (mounting === void 0) {\n mounting = false;\n }\n\n if (nextStatus !== null) {\n // nextStatus will always be ENTERING or EXITING.\n this.cancelNextCallback();\n\n var node = _reactDom.default.findDOMNode(this);\n\n if (nextStatus === ENTERING) {\n this.performEnter(node, mounting);\n } else {\n this.performExit(node);\n }\n } else if (this.props.unmountOnExit && this.state.status === EXITED) {\n this.setState({\n status: UNMOUNTED\n });\n }\n };\n\n _proto.performEnter = function performEnter(node, mounting) {\n var _this2 = this;\n\n var enter = this.props.enter;\n var appearing = this.context.transitionGroup ? this.context.transitionGroup.isMounting : mounting;\n var timeouts = this.getTimeouts();\n var enterTimeout = appearing ? timeouts.appear : timeouts.enter; // no enter animation skip right to ENTERED\n // if we are mounting and running this it means appear _must_ be set\n\n if (!mounting && !enter) {\n this.safeSetState({\n status: ENTERED\n }, function () {\n _this2.props.onEntered(node);\n });\n return;\n }\n\n this.props.onEnter(node, appearing);\n this.safeSetState({\n status: ENTERING\n }, function () {\n _this2.props.onEntering(node, appearing);\n\n _this2.onTransitionEnd(node, enterTimeout, function () {\n _this2.safeSetState({\n status: ENTERED\n }, function () {\n _this2.props.onEntered(node, appearing);\n });\n });\n });\n };\n\n _proto.performExit = function performExit(node) {\n var _this3 = this;\n\n var exit = this.props.exit;\n var timeouts = this.getTimeouts(); // no exit animation skip right to EXITED\n\n if (!exit) {\n this.safeSetState({\n status: EXITED\n }, function () {\n _this3.props.onExited(node);\n });\n return;\n }\n\n this.props.onExit(node);\n this.safeSetState({\n status: EXITING\n }, function () {\n _this3.props.onExiting(node);\n\n _this3.onTransitionEnd(node, timeouts.exit, function () {\n _this3.safeSetState({\n status: EXITED\n }, function () {\n _this3.props.onExited(node);\n });\n });\n });\n };\n\n _proto.cancelNextCallback = function cancelNextCallback() {\n if (this.nextCallback !== null) {\n this.nextCallback.cancel();\n this.nextCallback = null;\n }\n };\n\n _proto.safeSetState = function safeSetState(nextState, callback) {\n // This shouldn't be necessary, but there are weird race conditions with\n // setState callbacks and unmounting in testing, so always make sure that\n // we can cancel any pending setState callbacks after we unmount.\n callback = this.setNextCallback(callback);\n this.setState(nextState, callback);\n };\n\n _proto.setNextCallback = function setNextCallback(callback) {\n var _this4 = this;\n\n var active = true;\n\n this.nextCallback = function (event) {\n if (active) {\n active = false;\n _this4.nextCallback = null;\n callback(event);\n }\n };\n\n this.nextCallback.cancel = function () {\n active = false;\n };\n\n return this.nextCallback;\n };\n\n _proto.onTransitionEnd = function onTransitionEnd(node, timeout, handler) {\n this.setNextCallback(handler);\n var doesNotHaveTimeoutOrListener = timeout == null && !this.props.addEndListener;\n\n if (!node || doesNotHaveTimeoutOrListener) {\n setTimeout(this.nextCallback, 0);\n return;\n }\n\n if (this.props.addEndListener) {\n this.props.addEndListener(node, this.nextCallback);\n }\n\n if (timeout != null) {\n setTimeout(this.nextCallback, timeout);\n }\n };\n\n _proto.render = function render() {\n var status = this.state.status;\n\n if (status === UNMOUNTED) {\n return null;\n }\n\n var _this$props = this.props,\n children = _this$props.children,\n childProps = _objectWithoutPropertiesLoose(_this$props, [\"children\"]); // filter props for Transtition\n\n\n delete childProps.in;\n delete childProps.mountOnEnter;\n delete childProps.unmountOnExit;\n delete childProps.appear;\n delete childProps.enter;\n delete childProps.exit;\n delete childProps.timeout;\n delete childProps.addEndListener;\n delete childProps.onEnter;\n delete childProps.onEntering;\n delete childProps.onEntered;\n delete childProps.onExit;\n delete childProps.onExiting;\n delete childProps.onExited;\n\n if (typeof children === 'function') {\n return children(status, childProps);\n }\n\n var child = _react.default.Children.only(children);\n\n return _react.default.cloneElement(child, childProps);\n };\n\n return Transition;\n}(_react.default.Component);\n\nTransition.contextTypes = {\n transitionGroup: PropTypes.object\n};\nTransition.childContextTypes = {\n transitionGroup: function transitionGroup() {}\n};\nTransition.propTypes = process.env.NODE_ENV !== \"production\" ? {\n /**\n * A `function` child can be used instead of a React element. This function is\n * called with the current transition status (`'entering'`, `'entered'`,\n * `'exiting'`, `'exited'`, `'unmounted'`), which can be used to apply context\n * specific props to a component.\n *\n * ```jsx\n * \n * {state => (\n * \n * )}\n * \n * ```\n */\n children: PropTypes.oneOfType([PropTypes.func.isRequired, PropTypes.element.isRequired]).isRequired,\n\n /**\n * Show the component; triggers the enter or exit states\n */\n in: PropTypes.bool,\n\n /**\n * By default the child component is mounted immediately along with\n * the parent `Transition` component. If you want to \"lazy mount\" the component on the\n * first `in={true}` you can set `mountOnEnter`. After the first enter transition the component will stay\n * mounted, even on \"exited\", unless you also specify `unmountOnExit`.\n */\n mountOnEnter: PropTypes.bool,\n\n /**\n * By default the child component stays mounted after it reaches the `'exited'` state.\n * Set `unmountOnExit` if you'd prefer to unmount the component after it finishes exiting.\n */\n unmountOnExit: PropTypes.bool,\n\n /**\n * Normally a component is not transitioned if it is shown when the `` component mounts.\n * If you want to transition on the first mount set `appear` to `true`, and the\n * component will transition in as soon as the `` mounts.\n *\n * > Note: there are no specific \"appear\" states. `appear` only adds an additional `enter` transition.\n */\n appear: PropTypes.bool,\n\n /**\n * Enable or disable enter transitions.\n */\n enter: PropTypes.bool,\n\n /**\n * Enable or disable exit transitions.\n */\n exit: PropTypes.bool,\n\n /**\n * The duration of the transition, in milliseconds.\n * Required unless `addEndListener` is provided.\n *\n * You may specify a single timeout for all transitions:\n *\n * ```jsx\n * timeout={500}\n * ```\n *\n * or individually:\n *\n * ```jsx\n * timeout={{\n * appear: 500,\n * enter: 300,\n * exit: 500,\n * }}\n * ```\n *\n * - `appear` defaults to the value of `enter`\n * - `enter` defaults to `0`\n * - `exit` defaults to `0`\n *\n * @type {number | { enter?: number, exit?: number, appear?: number }}\n */\n timeout: function timeout(props) {\n var pt = _PropTypes.timeoutsShape;\n if (!props.addEndListener) pt = pt.isRequired;\n\n for (var _len = arguments.length, args = new Array(_len > 1 ? _len - 1 : 0), _key = 1; _key < _len; _key++) {\n args[_key - 1] = arguments[_key];\n }\n\n return pt.apply(void 0, [props].concat(args));\n },\n\n /**\n * Add a custom transition end trigger. Called with the transitioning\n * DOM node and a `done` callback. Allows for more fine grained transition end\n * logic. **Note:** Timeouts are still used as a fallback if provided.\n *\n * ```jsx\n * addEndListener={(node, done) => {\n * // use the css transitionend event to mark the finish of a transition\n * node.addEventListener('transitionend', done, false);\n * }}\n * ```\n */\n addEndListener: PropTypes.func,\n\n /**\n * Callback fired before the \"entering\" status is applied. An extra parameter\n * `isAppearing` is supplied to indicate if the enter stage is occurring on the initial mount\n *\n * @type Function(node: HtmlElement, isAppearing: bool) -> void\n */\n onEnter: PropTypes.func,\n\n /**\n * Callback fired after the \"entering\" status is applied. An extra parameter\n * `isAppearing` is supplied to indicate if the enter stage is occurring on the initial mount\n *\n * @type Function(node: HtmlElement, isAppearing: bool)\n */\n onEntering: PropTypes.func,\n\n /**\n * Callback fired after the \"entered\" status is applied. An extra parameter\n * `isAppearing` is supplied to indicate if the enter stage is occurring on the initial mount\n *\n * @type Function(node: HtmlElement, isAppearing: bool) -> void\n */\n onEntered: PropTypes.func,\n\n /**\n * Callback fired before the \"exiting\" status is applied.\n *\n * @type Function(node: HtmlElement) -> void\n */\n onExit: PropTypes.func,\n\n /**\n * Callback fired after the \"exiting\" status is applied.\n *\n * @type Function(node: HtmlElement) -> void\n */\n onExiting: PropTypes.func,\n\n /**\n * Callback fired after the \"exited\" status is applied.\n *\n * @type Function(node: HtmlElement) -> void\n */\n onExited: PropTypes.func // Name the function so it is clearer in the documentation\n\n} : {};\n\nfunction noop() {}\n\nTransition.defaultProps = {\n in: false,\n mountOnEnter: false,\n unmountOnExit: false,\n appear: false,\n enter: true,\n exit: true,\n onEnter: noop,\n onEntering: noop,\n onEntered: noop,\n onExit: noop,\n onExiting: noop,\n onExited: noop\n};\nTransition.UNMOUNTED = 0;\nTransition.EXITED = 1;\nTransition.ENTERING = 2;\nTransition.ENTERED = 3;\nTransition.EXITING = 4;\n\nvar _default = (0, _reactLifecyclesCompat.polyfill)(Transition);\n\nexports.default = _default;","\"use strict\";\n\nexports.__esModule = true;\nexports.default = void 0;\n\nvar _propTypes = _interopRequireDefault(require(\"prop-types\"));\n\nvar _react = _interopRequireDefault(require(\"react\"));\n\nvar _reactLifecyclesCompat = require(\"react-lifecycles-compat\");\n\nvar _ChildMapping = require(\"./utils/ChildMapping\");\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nfunction _objectWithoutPropertiesLoose(source, excluded) { if (source == null) return {}; var target = {}; var sourceKeys = Object.keys(source); var key, i; for (i = 0; i < sourceKeys.length; i++) { key = sourceKeys[i]; if (excluded.indexOf(key) >= 0) continue; target[key] = source[key]; } return target; }\n\nfunction _extends() { _extends = Object.assign || function (target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i]; for (var key in source) { if (Object.prototype.hasOwnProperty.call(source, key)) { target[key] = source[key]; } } } return target; }; return _extends.apply(this, arguments); }\n\nfunction _inheritsLoose(subClass, superClass) { subClass.prototype = Object.create(superClass.prototype); subClass.prototype.constructor = subClass; subClass.__proto__ = superClass; }\n\nfunction _assertThisInitialized(self) { if (self === void 0) { throw new ReferenceError(\"this hasn't been initialised - super() hasn't been called\"); } return self; }\n\nvar values = Object.values || function (obj) {\n return Object.keys(obj).map(function (k) {\n return obj[k];\n });\n};\n\nvar defaultProps = {\n component: 'div',\n childFactory: function childFactory(child) {\n return child;\n }\n /**\n * The `` component manages a set of transition components\n * (`` and ``) in a list. Like with the transition\n * components, `` is a state machine for managing the mounting\n * and unmounting of components over time.\n *\n * Consider the example below. As items are removed or added to the TodoList the\n * `in` prop is toggled automatically by the ``.\n *\n * Note that `` does not define any animation behavior!\n * Exactly _how_ a list item animates is up to the individual transition\n * component. This means you can mix and match animations across different list\n * items.\n */\n\n};\n\nvar TransitionGroup =\n/*#__PURE__*/\nfunction (_React$Component) {\n _inheritsLoose(TransitionGroup, _React$Component);\n\n function TransitionGroup(props, context) {\n var _this;\n\n _this = _React$Component.call(this, props, context) || this;\n\n var handleExited = _this.handleExited.bind(_assertThisInitialized(_assertThisInitialized(_this))); // Initial children should all be entering, dependent on appear\n\n\n _this.state = {\n handleExited: handleExited,\n firstRender: true\n };\n return _this;\n }\n\n var _proto = TransitionGroup.prototype;\n\n _proto.getChildContext = function getChildContext() {\n return {\n transitionGroup: {\n isMounting: !this.appeared\n }\n };\n };\n\n _proto.componentDidMount = function componentDidMount() {\n this.appeared = true;\n this.mounted = true;\n };\n\n _proto.componentWillUnmount = function componentWillUnmount() {\n this.mounted = false;\n };\n\n TransitionGroup.getDerivedStateFromProps = function getDerivedStateFromProps(nextProps, _ref) {\n var prevChildMapping = _ref.children,\n handleExited = _ref.handleExited,\n firstRender = _ref.firstRender;\n return {\n children: firstRender ? (0, _ChildMapping.getInitialChildMapping)(nextProps, handleExited) : (0, _ChildMapping.getNextChildMapping)(nextProps, prevChildMapping, handleExited),\n firstRender: false\n };\n };\n\n _proto.handleExited = function handleExited(child, node) {\n var currentChildMapping = (0, _ChildMapping.getChildMapping)(this.props.children);\n if (child.key in currentChildMapping) return;\n\n if (child.props.onExited) {\n child.props.onExited(node);\n }\n\n if (this.mounted) {\n this.setState(function (state) {\n var children = _extends({}, state.children);\n\n delete children[child.key];\n return {\n children: children\n };\n });\n }\n };\n\n _proto.render = function render() {\n var _this$props = this.props,\n Component = _this$props.component,\n childFactory = _this$props.childFactory,\n props = _objectWithoutPropertiesLoose(_this$props, [\"component\", \"childFactory\"]);\n\n var children = values(this.state.children).map(childFactory);\n delete props.appear;\n delete props.enter;\n delete props.exit;\n\n if (Component === null) {\n return children;\n }\n\n return _react.default.createElement(Component, props, children);\n };\n\n return TransitionGroup;\n}(_react.default.Component);\n\nTransitionGroup.childContextTypes = {\n transitionGroup: _propTypes.default.object.isRequired\n};\nTransitionGroup.propTypes = process.env.NODE_ENV !== \"production\" ? {\n /**\n * `` renders a `
    ` by default. You can change this\n * behavior by providing a `component` prop.\n * If you use React v16+ and would like to avoid a wrapping `
    ` element\n * you can pass in `component={null}`. This is useful if the wrapping div\n * borks your css styles.\n */\n component: _propTypes.default.any,\n\n /**\n * A set of `` components, that are toggled `in` and out as they\n * leave. the `` will inject specific transition props, so\n * remember to spread them through if you are wrapping the `` as\n * with our `` example.\n *\n * While this component is meant for multiple `Transition` or `CSSTransition`\n * children, sometimes you may want to have a single transition child with\n * content that you want to be transitioned out and in when you change it\n * (e.g. routes, images etc.) In that case you can change the `key` prop of\n * the transition child as you change its content, this will cause\n * `TransitionGroup` to transition the child out and back in.\n */\n children: _propTypes.default.node,\n\n /**\n * A convenience prop that enables or disables appear animations\n * for all children. Note that specifying this will override any defaults set\n * on individual children Transitions.\n */\n appear: _propTypes.default.bool,\n\n /**\n * A convenience prop that enables or disables enter animations\n * for all children. Note that specifying this will override any defaults set\n * on individual children Transitions.\n */\n enter: _propTypes.default.bool,\n\n /**\n * A convenience prop that enables or disables exit animations\n * for all children. Note that specifying this will override any defaults set\n * on individual children Transitions.\n */\n exit: _propTypes.default.bool,\n\n /**\n * You may need to apply reactive updates to a child as it is exiting.\n * This is generally done by using `cloneElement` however in the case of an exiting\n * child the element has already been removed and not accessible to the consumer.\n *\n * If you do need to update a child as it leaves you can provide a `childFactory`\n * to wrap every child, even the ones that are leaving.\n *\n * @type Function(child: ReactElement) -> ReactElement\n */\n childFactory: _propTypes.default.func\n} : {};\nTransitionGroup.defaultProps = defaultProps;\n\nvar _default = (0, _reactLifecyclesCompat.polyfill)(TransitionGroup);\n\nexports.default = _default;\nmodule.exports = exports[\"default\"];","'use strict';\n\nvar React = require('react');\nvar ReactDOM = require('react-dom');\nvar PropTypes = require('prop-types');\nvar className = require('classnames');\nvar debounce = require('lodash.debounce');\nvar isEqual = require('lodash.isequal');\nvar createReactClass = require('create-react-class');\n\nfunction normalizeLineEndings(str) {\n\tif (!str) return str;\n\treturn str.replace(/\\r\\n|\\r/g, '\\n');\n}\n\nvar CodeMirror = createReactClass({\n\tpropTypes: {\n\t\tautoFocus: PropTypes.bool,\n\t\tclassName: PropTypes.any,\n\t\tcodeMirrorInstance: PropTypes.func,\n\t\tdefaultValue: PropTypes.string,\n\t\tname: PropTypes.string,\n\t\tonChange: PropTypes.func,\n\t\tonCursorActivity: PropTypes.func,\n\t\tonFocusChange: PropTypes.func,\n\t\tonScroll: PropTypes.func,\n\t\toptions: PropTypes.object,\n\t\tpath: PropTypes.string,\n\t\tvalue: PropTypes.string,\n\t\tpreserveScrollPosition: PropTypes.bool\n\t},\n\tgetDefaultProps: function getDefaultProps() {\n\t\treturn {\n\t\t\tpreserveScrollPosition: false\n\t\t};\n\t},\n\tgetCodeMirrorInstance: function getCodeMirrorInstance() {\n\t\treturn this.props.codeMirrorInstance || require('codemirror');\n\t},\n\tgetInitialState: function getInitialState() {\n\t\treturn {\n\t\t\tisFocused: false\n\t\t};\n\t},\n\tcomponentWillMount: function componentWillMount() {\n\t\tthis.componentWillReceiveProps = debounce(this.componentWillReceiveProps, 0);\n\t\tif (this.props.path) {\n\t\t\tconsole.error('Warning: react-codemirror: the `path` prop has been changed to `name`');\n\t\t}\n\t},\n\tcomponentDidMount: function componentDidMount() {\n\t\tvar codeMirrorInstance = this.getCodeMirrorInstance();\n\t\tthis.codeMirror = codeMirrorInstance.fromTextArea(this.textareaNode, this.props.options);\n\t\tthis.codeMirror.on('change', this.codemirrorValueChanged);\n\t\tthis.codeMirror.on('cursorActivity', this.cursorActivity);\n\t\tthis.codeMirror.on('focus', this.focusChanged.bind(this, true));\n\t\tthis.codeMirror.on('blur', this.focusChanged.bind(this, false));\n\t\tthis.codeMirror.on('scroll', this.scrollChanged);\n\t\tthis.codeMirror.setValue(this.props.defaultValue || this.props.value || '');\n\t},\n\tcomponentWillUnmount: function componentWillUnmount() {\n\t\t// is there a lighter-weight way to remove the cm instance?\n\t\tif (this.codeMirror) {\n\t\t\tthis.codeMirror.toTextArea();\n\t\t}\n\t},\n\tcomponentWillReceiveProps: function componentWillReceiveProps(nextProps) {\n\t\tif (this.codeMirror && nextProps.value !== undefined && nextProps.value !== this.props.value && normalizeLineEndings(this.codeMirror.getValue()) !== normalizeLineEndings(nextProps.value)) {\n\t\t\tif (this.props.preserveScrollPosition) {\n\t\t\t\tvar prevScrollPosition = this.codeMirror.getScrollInfo();\n\t\t\t\tthis.codeMirror.setValue(nextProps.value);\n\t\t\t\tthis.codeMirror.scrollTo(prevScrollPosition.left, prevScrollPosition.top);\n\t\t\t} else {\n\t\t\t\tthis.codeMirror.setValue(nextProps.value);\n\t\t\t}\n\t\t}\n\t\tif (typeof nextProps.options === 'object') {\n\t\t\tfor (var optionName in nextProps.options) {\n\t\t\t\tif (nextProps.options.hasOwnProperty(optionName)) {\n\t\t\t\t\tthis.setOptionIfChanged(optionName, nextProps.options[optionName]);\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t},\n\tsetOptionIfChanged: function setOptionIfChanged(optionName, newValue) {\n\t\tvar oldValue = this.codeMirror.getOption(optionName);\n\t\tif (!isEqual(oldValue, newValue)) {\n\t\t\tthis.codeMirror.setOption(optionName, newValue);\n\t\t}\n\t},\n\tgetCodeMirror: function getCodeMirror() {\n\t\treturn this.codeMirror;\n\t},\n\tfocus: function focus() {\n\t\tif (this.codeMirror) {\n\t\t\tthis.codeMirror.focus();\n\t\t}\n\t},\n\tfocusChanged: function focusChanged(focused) {\n\t\tthis.setState({\n\t\t\tisFocused: focused\n\t\t});\n\t\tthis.props.onFocusChange && this.props.onFocusChange(focused);\n\t},\n\tcursorActivity: function cursorActivity(cm) {\n\t\tthis.props.onCursorActivity && this.props.onCursorActivity(cm);\n\t},\n\tscrollChanged: function scrollChanged(cm) {\n\t\tthis.props.onScroll && this.props.onScroll(cm.getScrollInfo());\n\t},\n\tcodemirrorValueChanged: function codemirrorValueChanged(doc, change) {\n\t\tif (this.props.onChange && change.origin !== 'setValue') {\n\t\t\tthis.props.onChange(doc.getValue(), change);\n\t\t}\n\t},\n\trender: function render() {\n\t\tvar _this = this;\n\n\t\tvar editorClassName = className('ReactCodeMirror', this.state.isFocused ? 'ReactCodeMirror--focused' : null, this.props.className);\n\t\treturn React.createElement(\n\t\t\t'div',\n\t\t\t{ className: editorClassName },\n\t\t\tReact.createElement('textarea', {\n\t\t\t\tref: function (ref) {\n\t\t\t\t\treturn _this.textareaNode = ref;\n\t\t\t\t},\n\t\t\t\tname: this.props.name || this.props.path,\n\t\t\t\tdefaultValue: this.props.value,\n\t\t\t\tautoComplete: 'off',\n\t\t\t\tautoFocus: this.props.autoFocus\n\t\t\t})\n\t\t);\n\t}\n});\n\nmodule.exports = CodeMirror;","'use strict';\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\n\nvar _scrollbar = require('./scrollbar');\n\nvar _scrollbar2 = _interopRequireDefault(_scrollbar);\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nexports.default = _scrollbar2.default;\nmodule.exports = exports['default'];","/** @license React v16.10.2\n * react.production.min.js\n *\n * Copyright (c) Facebook, Inc. and its affiliates.\n *\n * This source code is licensed under the MIT license found in the\n * LICENSE file in the root directory of this source tree.\n */\n\n'use strict';var h=require(\"object-assign\"),n=\"function\"===typeof Symbol&&Symbol.for,p=n?Symbol.for(\"react.element\"):60103,q=n?Symbol.for(\"react.portal\"):60106,r=n?Symbol.for(\"react.fragment\"):60107,t=n?Symbol.for(\"react.strict_mode\"):60108,u=n?Symbol.for(\"react.profiler\"):60114,v=n?Symbol.for(\"react.provider\"):60109,w=n?Symbol.for(\"react.context\"):60110,x=n?Symbol.for(\"react.forward_ref\"):60112,y=n?Symbol.for(\"react.suspense\"):60113,aa=n?Symbol.for(\"react.suspense_list\"):60120,ba=n?Symbol.for(\"react.memo\"):\n60115,ca=n?Symbol.for(\"react.lazy\"):60116;n&&Symbol.for(\"react.fundamental\");n&&Symbol.for(\"react.responder\");n&&Symbol.for(\"react.scope\");var z=\"function\"===typeof Symbol&&Symbol.iterator;\nfunction A(a){for(var b=a.message,c=\"https://reactjs.org/docs/error-decoder.html?invariant=\"+b,d=1;dP.length&&P.push(a)}\nfunction S(a,b,c,d){var e=typeof a;if(\"undefined\"===e||\"boolean\"===e)a=null;var g=!1;if(null===a)g=!0;else switch(e){case \"string\":case \"number\":g=!0;break;case \"object\":switch(a.$$typeof){case p:case q:g=!0}}if(g)return c(d,a,\"\"===b?\".\"+T(a,0):b),1;g=0;b=\"\"===b?\".\":b+\":\";if(Array.isArray(a))for(var l=0;lb}return!1}function B(a,b,c,d,e,f){this.acceptsBooleans=2===b||3===b||4===b;this.attributeName=d;this.attributeNamespace=e;this.mustUseProperty=c;this.propertyName=a;this.type=b;this.sanitizeURL=f}var C={};\n\"children dangerouslySetInnerHTML defaultValue defaultChecked innerHTML suppressContentEditableWarning suppressHydrationWarning style\".split(\" \").forEach(function(a){C[a]=new B(a,0,!1,a,null,!1)});[[\"acceptCharset\",\"accept-charset\"],[\"className\",\"class\"],[\"htmlFor\",\"for\"],[\"httpEquiv\",\"http-equiv\"]].forEach(function(a){var b=a[0];C[b]=new B(b,1,!1,a[1],null,!1)});[\"contentEditable\",\"draggable\",\"spellCheck\",\"value\"].forEach(function(a){C[a]=new B(a,2,!1,a.toLowerCase(),null,!1)});\n[\"autoReverse\",\"externalResourcesRequired\",\"focusable\",\"preserveAlpha\"].forEach(function(a){C[a]=new B(a,2,!1,a,null,!1)});\"allowFullScreen async autoFocus autoPlay controls default defer disabled disablePictureInPicture formNoValidate hidden loop noModule noValidate open playsInline readOnly required reversed scoped seamless itemScope\".split(\" \").forEach(function(a){C[a]=new B(a,3,!1,a.toLowerCase(),null,!1)});\n[\"checked\",\"multiple\",\"muted\",\"selected\"].forEach(function(a){C[a]=new B(a,3,!0,a,null,!1)});[\"capture\",\"download\"].forEach(function(a){C[a]=new B(a,4,!1,a,null,!1)});[\"cols\",\"rows\",\"size\",\"span\"].forEach(function(a){C[a]=new B(a,6,!1,a,null,!1)});[\"rowSpan\",\"start\"].forEach(function(a){C[a]=new B(a,5,!1,a.toLowerCase(),null,!1)});var rb=/[\\-:]([a-z])/g;function sb(a){return a[1].toUpperCase()}\n\"accent-height alignment-baseline arabic-form baseline-shift cap-height clip-path clip-rule color-interpolation color-interpolation-filters color-profile color-rendering dominant-baseline enable-background fill-opacity fill-rule flood-color flood-opacity font-family font-size font-size-adjust font-stretch font-style font-variant font-weight glyph-name glyph-orientation-horizontal glyph-orientation-vertical horiz-adv-x horiz-origin-x image-rendering letter-spacing lighting-color marker-end marker-mid marker-start overline-position overline-thickness paint-order panose-1 pointer-events rendering-intent shape-rendering stop-color stop-opacity strikethrough-position strikethrough-thickness stroke-dasharray stroke-dashoffset stroke-linecap stroke-linejoin stroke-miterlimit stroke-opacity stroke-width text-anchor text-decoration text-rendering underline-position underline-thickness unicode-bidi unicode-range units-per-em v-alphabetic v-hanging v-ideographic v-mathematical vector-effect vert-adv-y vert-origin-x vert-origin-y word-spacing writing-mode xmlns:xlink x-height\".split(\" \").forEach(function(a){var b=a.replace(rb,\nsb);C[b]=new B(b,1,!1,a,null,!1)});\"xlink:actuate xlink:arcrole xlink:role xlink:show xlink:title xlink:type\".split(\" \").forEach(function(a){var b=a.replace(rb,sb);C[b]=new B(b,1,!1,a,\"http://www.w3.org/1999/xlink\",!1)});[\"xml:base\",\"xml:lang\",\"xml:space\"].forEach(function(a){var b=a.replace(rb,sb);C[b]=new B(b,1,!1,a,\"http://www.w3.org/XML/1998/namespace\",!1)});[\"tabIndex\",\"crossOrigin\"].forEach(function(a){C[a]=new B(a,1,!1,a.toLowerCase(),null,!1)});\nC.xlinkHref=new B(\"xlinkHref\",1,!1,\"xlink:href\",\"http://www.w3.org/1999/xlink\",!0);[\"src\",\"href\",\"action\",\"formAction\"].forEach(function(a){C[a]=new B(a,1,!1,a.toLowerCase(),null,!0)});function tb(a){switch(typeof a){case \"boolean\":case \"number\":case \"object\":case \"string\":case \"undefined\":return a;default:return\"\"}}\nfunction ub(a,b,c,d){var e=C.hasOwnProperty(b)?C[b]:null;var f=null!==e?0===e.type:d?!1:!(2=b.length))throw t(Error(93));b=b[0]}c=b}null==c&&(c=\"\")}a._wrapperState={initialValue:tb(c)}}\nfunction Mb(a,b){var c=tb(b.value),d=tb(b.defaultValue);null!=c&&(c=\"\"+c,c!==a.value&&(a.value=c),null==b.defaultValue&&a.defaultValue!==c&&(a.defaultValue=c));null!=d&&(a.defaultValue=\"\"+d)}function Nb(a){var b=a.textContent;b===a._wrapperState.initialValue&&\"\"!==b&&null!==b&&(a.value=b)}var Ob={html:\"http://www.w3.org/1999/xhtml\",mathml:\"http://www.w3.org/1998/Math/MathML\",svg:\"http://www.w3.org/2000/svg\"};\nfunction Pb(a){switch(a){case \"svg\":return\"http://www.w3.org/2000/svg\";case \"math\":return\"http://www.w3.org/1998/Math/MathML\";default:return\"http://www.w3.org/1999/xhtml\"}}function Qb(a,b){return null==a||\"http://www.w3.org/1999/xhtml\"===a?Pb(b):\"http://www.w3.org/2000/svg\"===a&&\"foreignObject\"===b?\"http://www.w3.org/1999/xhtml\":a}\nvar Rb,Sb=function(a){return\"undefined\"!==typeof MSApp&&MSApp.execUnsafeLocalFunction?function(b,c,d,e){MSApp.execUnsafeLocalFunction(function(){return a(b,c,d,e)})}:a}(function(a,b){if(a.namespaceURI!==Ob.svg||\"innerHTML\"in a)a.innerHTML=b;else{Rb=Rb||document.createElement(\"div\");Rb.innerHTML=\"\"+b.valueOf().toString()+\"\";for(b=Rb.firstChild;a.firstChild;)a.removeChild(a.firstChild);for(;b.firstChild;)a.appendChild(b.firstChild)}});\nfunction Tb(a,b){if(b){var c=a.firstChild;if(c&&c===a.lastChild&&3===c.nodeType){c.nodeValue=b;return}}a.textContent=b}function Ub(a,b){var c={};c[a.toLowerCase()]=b.toLowerCase();c[\"Webkit\"+a]=\"webkit\"+b;c[\"Moz\"+a]=\"moz\"+b;return c}var Vb={animationend:Ub(\"Animation\",\"AnimationEnd\"),animationiteration:Ub(\"Animation\",\"AnimationIteration\"),animationstart:Ub(\"Animation\",\"AnimationStart\"),transitionend:Ub(\"Transition\",\"TransitionEnd\")},Wb={},Xb={};\nXa&&(Xb=document.createElement(\"div\").style,\"AnimationEvent\"in window||(delete Vb.animationend.animation,delete Vb.animationiteration.animation,delete Vb.animationstart.animation),\"TransitionEvent\"in window||delete Vb.transitionend.transition);function Yb(a){if(Wb[a])return Wb[a];if(!Vb[a])return a;var b=Vb[a],c;for(c in b)if(b.hasOwnProperty(c)&&c in Xb)return Wb[a]=b[c];return a}\nvar Zb=Yb(\"animationend\"),$b=Yb(\"animationiteration\"),ac=Yb(\"animationstart\"),bc=Yb(\"transitionend\"),dc=\"abort canplay canplaythrough durationchange emptied encrypted ended error loadeddata loadedmetadata loadstart pause play playing progress ratechange seeked seeking stalled suspend timeupdate volumechange waiting\".split(\" \"),ec=!1,fc=[],gc=null,hc=null,ic=null,jc=new Map,kc=new Map,lc=\"mousedown mouseup touchcancel touchend touchstart auxclick dblclick pointercancel pointerdown pointerup dragend dragstart drop compositionend compositionstart keydown keypress keyup input textInput close cancel copy cut paste click change contextmenu reset submit\".split(\" \"),\nmc=\"focus blur dragenter dragleave mouseover mouseout pointerover pointerout gotpointercapture lostpointercapture\".split(\" \");function nc(a){var b=oc(a);lc.forEach(function(c){pc(c,a,b)});mc.forEach(function(c){pc(c,a,b)})}function qc(a,b,c,d){return{blockedOn:a,topLevelType:b,eventSystemFlags:c|32,nativeEvent:d}}\nfunction rc(a,b){switch(a){case \"focus\":case \"blur\":gc=null;break;case \"dragenter\":case \"dragleave\":hc=null;break;case \"mouseover\":case \"mouseout\":ic=null;break;case \"pointerover\":case \"pointerout\":jc.delete(b.pointerId);break;case \"gotpointercapture\":case \"lostpointercapture\":kc.delete(b.pointerId)}}function sc(a,b,c,d,e){if(null===a||a.nativeEvent!==e)return qc(b,c,d,e);a.eventSystemFlags|=d;return a}\nfunction tc(a,b,c,d){switch(b){case \"focus\":return gc=sc(gc,a,b,c,d),!0;case \"dragenter\":return hc=sc(hc,a,b,c,d),!0;case \"mouseover\":return ic=sc(ic,a,b,c,d),!0;case \"pointerover\":var e=d.pointerId;jc.set(e,sc(jc.get(e)||null,a,b,c,d));return!0;case \"gotpointercapture\":return e=d.pointerId,kc.set(e,sc(kc.get(e)||null,a,b,c,d)),!0}return!1}function uc(a){if(null!==a.blockedOn)return!1;var b=vc(a.topLevelType,a.eventSystemFlags,a.nativeEvent);return null!==b?(a.blockedOn=b,!1):!0}\nfunction wc(a,b,c){uc(a)&&c.delete(b)}function xc(){for(ec=!1;0this.eventPool.length&&this.eventPool.push(a)}function Oc(a){a.eventPool=[];a.getPooled=Pc;a.release=Qc}var Rc=F.extend({animationName:null,elapsedTime:null,pseudoElement:null}),Sc=F.extend({clipboardData:function(a){return\"clipboardData\"in a?a.clipboardData:window.clipboardData}}),Tc=F.extend({view:null,detail:null}),Uc=Tc.extend({relatedTarget:null});\nfunction Vc(a){var b=a.keyCode;\"charCode\"in a?(a=a.charCode,0===a&&13===b&&(a=13)):a=b;10===a&&(a=13);return 32<=a||13===a?a:0}\nvar Wc={Esc:\"Escape\",Spacebar:\" \",Left:\"ArrowLeft\",Up:\"ArrowUp\",Right:\"ArrowRight\",Down:\"ArrowDown\",Del:\"Delete\",Win:\"OS\",Menu:\"ContextMenu\",Apps:\"ContextMenu\",Scroll:\"ScrollLock\",MozPrintableKey:\"Unidentified\"},Xc={8:\"Backspace\",9:\"Tab\",12:\"Clear\",13:\"Enter\",16:\"Shift\",17:\"Control\",18:\"Alt\",19:\"Pause\",20:\"CapsLock\",27:\"Escape\",32:\" \",33:\"PageUp\",34:\"PageDown\",35:\"End\",36:\"Home\",37:\"ArrowLeft\",38:\"ArrowUp\",39:\"ArrowRight\",40:\"ArrowDown\",45:\"Insert\",46:\"Delete\",112:\"F1\",113:\"F2\",114:\"F3\",115:\"F4\",\n116:\"F5\",117:\"F6\",118:\"F7\",119:\"F8\",120:\"F9\",121:\"F10\",122:\"F11\",123:\"F12\",144:\"NumLock\",145:\"ScrollLock\",224:\"Meta\"},Yc={Alt:\"altKey\",Control:\"ctrlKey\",Meta:\"metaKey\",Shift:\"shiftKey\"};function Zc(a){var b=this.nativeEvent;return b.getModifierState?b.getModifierState(a):(a=Yc[a])?!!b[a]:!1}function $c(){return Zc}\nvar ad=Tc.extend({key:function(a){if(a.key){var b=Wc[a.key]||a.key;if(\"Unidentified\"!==b)return b}return\"keypress\"===a.type?(a=Vc(a),13===a?\"Enter\":String.fromCharCode(a)):\"keydown\"===a.type||\"keyup\"===a.type?Xc[a.keyCode]||\"Unidentified\":\"\"},location:null,ctrlKey:null,shiftKey:null,altKey:null,metaKey:null,repeat:null,locale:null,getModifierState:$c,charCode:function(a){return\"keypress\"===a.type?Vc(a):0},keyCode:function(a){return\"keydown\"===a.type||\"keyup\"===a.type?a.keyCode:0},which:function(a){return\"keypress\"===\na.type?Vc(a):\"keydown\"===a.type||\"keyup\"===a.type?a.keyCode:0}}),bd=0,cd=0,dd=!1,fd=!1,gd=Tc.extend({screenX:null,screenY:null,clientX:null,clientY:null,pageX:null,pageY:null,ctrlKey:null,shiftKey:null,altKey:null,metaKey:null,getModifierState:$c,button:null,buttons:null,relatedTarget:function(a){return a.relatedTarget||(a.fromElement===a.srcElement?a.toElement:a.fromElement)},movementX:function(a){if(\"movementX\"in a)return a.movementX;var b=bd;bd=a.screenX;return dd?\"mousemove\"===a.type?a.screenX-\nb:0:(dd=!0,0)},movementY:function(a){if(\"movementY\"in a)return a.movementY;var b=cd;cd=a.screenY;return fd?\"mousemove\"===a.type?a.screenY-b:0:(fd=!0,0)}}),hd=gd.extend({pointerId:null,width:null,height:null,pressure:null,tangentialPressure:null,tiltX:null,tiltY:null,twist:null,pointerType:null,isPrimary:null}),id=gd.extend({dataTransfer:null}),jd=Tc.extend({touches:null,targetTouches:null,changedTouches:null,altKey:null,metaKey:null,ctrlKey:null,shiftKey:null,getModifierState:$c}),kd=F.extend({propertyName:null,\nelapsedTime:null,pseudoElement:null}),ld=gd.extend({deltaX:function(a){return\"deltaX\"in a?a.deltaX:\"wheelDeltaX\"in a?-a.wheelDeltaX:0},deltaY:function(a){return\"deltaY\"in a?a.deltaY:\"wheelDeltaY\"in a?-a.wheelDeltaY:\"wheelDelta\"in a?-a.wheelDelta:0},deltaZ:null,deltaMode:null}),md=[[\"blur\",\"blur\",0],[\"cancel\",\"cancel\",0],[\"click\",\"click\",0],[\"close\",\"close\",0],[\"contextmenu\",\"contextMenu\",0],[\"copy\",\"copy\",0],[\"cut\",\"cut\",0],[\"auxclick\",\"auxClick\",0],[\"dblclick\",\"doubleClick\",0],[\"dragend\",\"dragEnd\",\n0],[\"dragstart\",\"dragStart\",0],[\"drop\",\"drop\",0],[\"focus\",\"focus\",0],[\"input\",\"input\",0],[\"invalid\",\"invalid\",0],[\"keydown\",\"keyDown\",0],[\"keypress\",\"keyPress\",0],[\"keyup\",\"keyUp\",0],[\"mousedown\",\"mouseDown\",0],[\"mouseup\",\"mouseUp\",0],[\"paste\",\"paste\",0],[\"pause\",\"pause\",0],[\"play\",\"play\",0],[\"pointercancel\",\"pointerCancel\",0],[\"pointerdown\",\"pointerDown\",0],[\"pointerup\",\"pointerUp\",0],[\"ratechange\",\"rateChange\",0],[\"reset\",\"reset\",0],[\"seeked\",\"seeked\",0],[\"submit\",\"submit\",0],[\"touchcancel\",\"touchCancel\",\n0],[\"touchend\",\"touchEnd\",0],[\"touchstart\",\"touchStart\",0],[\"volumechange\",\"volumeChange\",0],[\"drag\",\"drag\",1],[\"dragenter\",\"dragEnter\",1],[\"dragexit\",\"dragExit\",1],[\"dragleave\",\"dragLeave\",1],[\"dragover\",\"dragOver\",1],[\"mousemove\",\"mouseMove\",1],[\"mouseout\",\"mouseOut\",1],[\"mouseover\",\"mouseOver\",1],[\"pointermove\",\"pointerMove\",1],[\"pointerout\",\"pointerOut\",1],[\"pointerover\",\"pointerOver\",1],[\"scroll\",\"scroll\",1],[\"toggle\",\"toggle\",1],[\"touchmove\",\"touchMove\",1],[\"wheel\",\"wheel\",1],[\"abort\",\"abort\",\n2],[Zb,\"animationEnd\",2],[$b,\"animationIteration\",2],[ac,\"animationStart\",2],[\"canplay\",\"canPlay\",2],[\"canplaythrough\",\"canPlayThrough\",2],[\"durationchange\",\"durationChange\",2],[\"emptied\",\"emptied\",2],[\"encrypted\",\"encrypted\",2],[\"ended\",\"ended\",2],[\"error\",\"error\",2],[\"gotpointercapture\",\"gotPointerCapture\",2],[\"load\",\"load\",2],[\"loadeddata\",\"loadedData\",2],[\"loadedmetadata\",\"loadedMetadata\",2],[\"loadstart\",\"loadStart\",2],[\"lostpointercapture\",\"lostPointerCapture\",2],[\"playing\",\"playing\",2],[\"progress\",\n\"progress\",2],[\"seeking\",\"seeking\",2],[\"stalled\",\"stalled\",2],[\"suspend\",\"suspend\",2],[\"timeupdate\",\"timeUpdate\",2],[bc,\"transitionEnd\",2],[\"waiting\",\"waiting\",2]],nd={},od={},pd=0;for(;pd=b)return{node:c,offset:b-a};a=d}a:{for(;c;){if(c.nextSibling){c=c.nextSibling;break a}c=c.parentNode}c=void 0}c=Vd(c)}}\nfunction Xd(a,b){return a&&b?a===b?!0:a&&3===a.nodeType?!1:b&&3===b.nodeType?Xd(a,b.parentNode):\"contains\"in a?a.contains(b):a.compareDocumentPosition?!!(a.compareDocumentPosition(b)&16):!1:!1}function Yd(){for(var a=window,b=Ud();b instanceof a.HTMLIFrameElement;){try{var c=\"string\"===typeof b.contentWindow.location.href}catch(d){c=!1}if(c)a=b.contentWindow;else break;b=Ud(a.document)}return b}\nfunction Zd(a){var b=a&&a.nodeName&&a.nodeName.toLowerCase();return b&&(\"input\"===b&&(\"text\"===a.type||\"search\"===a.type||\"tel\"===a.type||\"url\"===a.type||\"password\"===a.type)||\"textarea\"===b||\"true\"===a.contentEditable)}var $d=\"$\",ae=\"/$\",be=\"$?\",ce=\"$!\",de=null,ee=null;function fe(a,b){switch(a){case \"button\":case \"input\":case \"select\":case \"textarea\":return!!b.autoFocus}return!1}\nfunction ge(a,b){return\"textarea\"===a||\"option\"===a||\"noscript\"===a||\"string\"===typeof b.children||\"number\"===typeof b.children||\"object\"===typeof b.dangerouslySetInnerHTML&&null!==b.dangerouslySetInnerHTML&&null!=b.dangerouslySetInnerHTML.__html}var he=\"function\"===typeof setTimeout?setTimeout:void 0,ie=\"function\"===typeof clearTimeout?clearTimeout:void 0;function je(a){for(;null!=a;a=a.nextSibling){var b=a.nodeType;if(1===b||3===b)break}return a}\nfunction ke(a){a=a.previousSibling;for(var b=0;a;){if(8===a.nodeType){var c=a.data;if(c===$d||c===ce||c===be){if(0===b)return a;b--}else c===ae&&b++}a=a.previousSibling}return null}var le=Math.random().toString(36).slice(2),me=\"__reactInternalInstance$\"+le,ne=\"__reactEventHandlers$\"+le,oe=\"__reactContainere$\"+le;\nfunction Cd(a){var b=a[me];if(b)return b;for(var c=a.parentNode;c;){if(b=c[oe]||c[me]){c=b.alternate;if(null!==b.child||null!==c&&null!==c.child)for(a=ke(a);null!==a;){if(c=a[me])return c;a=ke(a)}return b}a=c;c=a.parentNode}return null}function pe(a){a=a[me]||a[oe];return!a||5!==a.tag&&6!==a.tag&&13!==a.tag&&3!==a.tag?null:a}function qe(a){if(5===a.tag||6===a.tag)return a.stateNode;throw t(Error(33));}function re(a){return a[ne]||null}var se=null,te=null,ue=null;\nfunction ve(){if(ue)return ue;var a,b=te,c=b.length,d,e=\"value\"in se?se.value:se.textContent,f=e.length;for(a=0;a=Ae),De=String.fromCharCode(32),Ee={beforeInput:{phasedRegistrationNames:{bubbled:\"onBeforeInput\",captured:\"onBeforeInputCapture\"},dependencies:[\"compositionend\",\"keypress\",\"textInput\",\"paste\"]},compositionEnd:{phasedRegistrationNames:{bubbled:\"onCompositionEnd\",captured:\"onCompositionEndCapture\"},dependencies:\"blur compositionend keydown keypress keyup mousedown\".split(\" \")},compositionStart:{phasedRegistrationNames:{bubbled:\"onCompositionStart\",\ncaptured:\"onCompositionStartCapture\"},dependencies:\"blur compositionstart keydown keypress keyup mousedown\".split(\" \")},compositionUpdate:{phasedRegistrationNames:{bubbled:\"onCompositionUpdate\",captured:\"onCompositionUpdateCapture\"},dependencies:\"blur compositionupdate keydown keypress keyup mousedown\".split(\" \")}},Fe=!1;\nfunction Ge(a,b){switch(a){case \"keyup\":return-1!==ye.indexOf(b.keyCode);case \"keydown\":return 229!==b.keyCode;case \"keypress\":case \"mousedown\":case \"blur\":return!0;default:return!1}}function He(a){a=a.detail;return\"object\"===typeof a&&\"data\"in a?a.data:null}var Ie=!1;function Je(a,b){switch(a){case \"compositionend\":return He(b);case \"keypress\":if(32!==b.which)return null;Fe=!0;return De;case \"textInput\":return a=b.data,a===De&&Fe?null:a;default:return null}}\nfunction Ke(a,b){if(Ie)return\"compositionend\"===a||!ze&&Ge(a,b)?(a=ve(),ue=te=se=null,Ie=!1,a):null;switch(a){case \"paste\":return null;case \"keypress\":if(!(b.ctrlKey||b.altKey||b.metaKey)||b.ctrlKey&&b.altKey){if(b.char&&1=document.documentMode,kf={select:{phasedRegistrationNames:{bubbled:\"onSelect\",captured:\"onSelectCapture\"},dependencies:\"blur contextmenu dragend focus keydown keyup mousedown mouseup selectionchange\".split(\" \")}},lf=null,mf=null,nf=null,of=!1;\nfunction pf(a,b){var c=b.window===b?b.document:9===b.nodeType?b:b.ownerDocument;if(of||null==lf||lf!==Ud(c))return null;c=lf;\"selectionStart\"in c&&Zd(c)?c={start:c.selectionStart,end:c.selectionEnd}:(c=(c.ownerDocument&&c.ownerDocument.defaultView||window).getSelection(),c={anchorNode:c.anchorNode,anchorOffset:c.anchorOffset,focusNode:c.focusNode,focusOffset:c.focusOffset});return nf&&hf(nf,c)?null:(nf=c,a=F.getPooled(kf.select,mf,a,b),a.type=\"select\",a.target=lf,Lc(a),a)}\nvar qf={eventTypes:kf,extractEvents:function(a,b,c,d){var e=d.window===d?d.document:9===d.nodeType?d:d.ownerDocument,f;if(!(f=!e)){a:{e=oc(e);f=ja.onSelect;for(var g=0;gsf||(a.current=rf[sf],rf[sf]=null,sf--)}\nfunction I(a,b){sf++;rf[sf]=a.current;a.current=b}var tf={},J={current:tf},K={current:!1},uf=tf;function vf(a,b){var c=a.type.contextTypes;if(!c)return tf;var d=a.stateNode;if(d&&d.__reactInternalMemoizedUnmaskedChildContext===b)return d.__reactInternalMemoizedMaskedChildContext;var e={},f;for(f in c)e[f]=b[f];d&&(a=a.stateNode,a.__reactInternalMemoizedUnmaskedChildContext=b,a.__reactInternalMemoizedMaskedChildContext=e);return e}function N(a){a=a.childContextTypes;return null!==a&&void 0!==a}\nfunction wf(a){H(K,a);H(J,a)}function xf(a){H(K,a);H(J,a)}function zf(a,b,c){if(J.current!==tf)throw t(Error(168));I(J,b,a);I(K,c,a)}function Af(a,b,c){var d=a.stateNode;a=b.childContextTypes;if(\"function\"!==typeof d.getChildContext)return c;d=d.getChildContext();for(var e in d)if(!(e in a))throw t(Error(108),Va(b)||\"Unknown\",e);return n({},c,{},d)}function Bf(a){var b=a.stateNode;b=b&&b.__reactInternalMemoizedMergedChildContext||tf;uf=J.current;I(J,b,a);I(K,K.current,a);return!0}\nfunction Cf(a,b,c){var d=a.stateNode;if(!d)throw t(Error(169));c?(b=Af(a,b,uf),d.__reactInternalMemoizedMergedChildContext=b,H(K,a),H(J,a),I(J,b,a)):H(K,a);I(K,c,a)}\nvar Df=r.unstable_runWithPriority,Ef=r.unstable_scheduleCallback,Ff=r.unstable_cancelCallback,Gf=r.unstable_shouldYield,Hf=r.unstable_requestPaint,If=r.unstable_now,Jf=r.unstable_getCurrentPriorityLevel,Kf=r.unstable_ImmediatePriority,Lf=r.unstable_UserBlockingPriority,Mf=r.unstable_NormalPriority,Nf=r.unstable_LowPriority,Of=r.unstable_IdlePriority,Pf={},Qf=void 0!==Hf?Hf:function(){},Rf=null,Sf=null,Tf=!1,Uf=If(),Vf=1E4>Uf?If:function(){return If()-Uf};\nfunction Wf(){switch(Jf()){case Kf:return 99;case Lf:return 98;case Mf:return 97;case Nf:return 96;case Of:return 95;default:throw t(Error(332));}}function Xf(a){switch(a){case 99:return Kf;case 98:return Lf;case 97:return Mf;case 96:return Nf;case 95:return Of;default:throw t(Error(332));}}function Yf(a,b){a=Xf(a);return Df(a,b)}function Zf(a,b,c){a=Xf(a);return Ef(a,b,c)}function $f(a){null===Rf?(Rf=[a],Sf=Ef(Kf,ag)):Rf.push(a);return Pf}function bg(){if(null!==Sf){var a=Sf;Sf=null;Ff(a)}ag()}\nfunction ag(){if(!Tf&&null!==Rf){Tf=!0;var a=0;try{var b=Rf;Yf(99,function(){for(;a=b&&(mg=!0),a.firstContext=null)}\nfunction ng(a,b){if(gg!==a&&!1!==b&&0!==b){if(\"number\"!==typeof b||1073741823===b)gg=a,b=1073741823;b={context:a,observedBits:b,next:null};if(null===fg){if(null===eg)throw t(Error(308));fg=b;eg.dependencies={expirationTime:0,firstContext:b,responders:null}}else fg=fg.next=b}return a._currentValue}var og=!1;\nfunction pg(a){return{baseState:a,firstUpdate:null,lastUpdate:null,firstCapturedUpdate:null,lastCapturedUpdate:null,firstEffect:null,lastEffect:null,firstCapturedEffect:null,lastCapturedEffect:null}}function qg(a){return{baseState:a.baseState,firstUpdate:a.firstUpdate,lastUpdate:a.lastUpdate,firstCapturedUpdate:null,lastCapturedUpdate:null,firstEffect:null,lastEffect:null,firstCapturedEffect:null,lastCapturedEffect:null}}\nfunction rg(a,b){return{expirationTime:a,suspenseConfig:b,tag:0,payload:null,callback:null,next:null,nextEffect:null}}function sg(a,b){null===a.lastUpdate?a.firstUpdate=a.lastUpdate=b:(a.lastUpdate.next=b,a.lastUpdate=b)}\nfunction tg(a,b){var c=a.alternate;if(null===c){var d=a.updateQueue;var e=null;null===d&&(d=a.updateQueue=pg(a.memoizedState))}else d=a.updateQueue,e=c.updateQueue,null===d?null===e?(d=a.updateQueue=pg(a.memoizedState),e=c.updateQueue=pg(c.memoizedState)):d=a.updateQueue=qg(e):null===e&&(e=c.updateQueue=qg(d));null===e||d===e?sg(d,b):null===d.lastUpdate||null===e.lastUpdate?(sg(d,b),sg(e,b)):(sg(d,b),e.lastUpdate=b)}\nfunction ug(a,b){var c=a.updateQueue;c=null===c?a.updateQueue=pg(a.memoizedState):vg(a,c);null===c.lastCapturedUpdate?c.firstCapturedUpdate=c.lastCapturedUpdate=b:(c.lastCapturedUpdate.next=b,c.lastCapturedUpdate=b)}function vg(a,b){var c=a.alternate;null!==c&&b===c.updateQueue&&(b=a.updateQueue=qg(b));return b}\nfunction wg(a,b,c,d,e,f){switch(c.tag){case 1:return a=c.payload,\"function\"===typeof a?a.call(f,d,e):a;case 3:a.effectTag=a.effectTag&-4097|64;case 0:a=c.payload;e=\"function\"===typeof a?a.call(f,d,e):a;if(null===e||void 0===e)break;return n({},d,e);case 2:og=!0}return d}\nfunction xg(a,b,c,d,e){og=!1;b=vg(a,b);for(var f=b.baseState,g=null,h=0,k=b.firstUpdate,l=f;null!==k;){var m=k.expirationTime;my?(z=q,q=null):z=q.sibling;var p=w(e,q,h[y],k);if(null===p){null===q&&(q=z);break}a&&\nq&&null===p.alternate&&b(e,q);g=f(p,g,y);null===m?l=p:m.sibling=p;m=p;q=z}if(y===h.length)return c(e,q),l;if(null===q){for(;yy?(z=q,q=null):z=q.sibling;var M=w(e,q,p.value,k);if(null===M){null===q&&(q=z);break}a&&q&&null===M.alternate&&b(e,q);g=f(M,g,y);null===m?l=M:m.sibling=M;m=M;q=z}if(p.done)return c(e,q),l;if(null===q){for(;!p.done;y++,p=h.next())p=A(e,p.value,k),null!==p&&(g=f(p,g,y),null===m?l=p:m.sibling=p,m=p);return l}for(q=d(e,q);!p.done;y++,p=h.next())p=L(q,e,y,p.value,k),null!==p&&(a&&null!==\np.alternate&&q.delete(null===p.key?y:p.key),g=f(p,g,y),null===m?l=p:m.sibling=p,m=p);a&&q.forEach(function(a){return b(e,a)});return l}return function(a,d,f,h){var k=\"object\"===typeof f&&null!==f&&f.type===Ha&&null===f.key;k&&(f=f.props.children);var l=\"object\"===typeof f&&null!==f;if(l)switch(f.$$typeof){case Fa:a:{l=f.key;for(k=d;null!==k;){if(k.key===l){if(7===k.tag?f.type===Ha:k.elementType===f.type){c(a,k.sibling);d=e(k,f.type===Ha?f.props.children:f.props,h);d.ref=Og(a,k,f);d.return=a;a=d;break a}c(a,\nk);break}else b(a,k);k=k.sibling}f.type===Ha?(d=Vg(f.props.children,a.mode,h,f.key),d.return=a,a=d):(h=Tg(f.type,f.key,f.props,null,a.mode,h),h.ref=Og(a,d,f),h.return=a,a=h)}return g(a);case Ga:a:{for(k=f.key;null!==d;){if(d.key===k){if(4===d.tag&&d.stateNode.containerInfo===f.containerInfo&&d.stateNode.implementation===f.implementation){c(a,d.sibling);d=e(d,f.children||[],h);d.return=a;a=d;break a}c(a,d);break}else b(a,d);d=d.sibling}d=Ug(f,a.mode,h);d.return=a;a=d}return g(a)}if(\"string\"===typeof f||\n\"number\"===typeof f)return f=\"\"+f,null!==d&&6===d.tag?(c(a,d.sibling),d=e(d,f,h),d.return=a,a=d):(c(a,d),d=Sg(f,a.mode,h),d.return=a,a=d),g(a);if(Ng(f))return wb(a,d,f,h);if(Ta(f))return M(a,d,f,h);l&&Pg(a,f);if(\"undefined\"===typeof f&&!k)switch(a.tag){case 1:case 0:throw a=a.type,t(Error(152),a.displayName||a.name||\"Component\");}return c(a,d)}}var Wg=Qg(!0),Xg=Qg(!1),Yg={},Zg={current:Yg},$g={current:Yg},ah={current:Yg};function bh(a){if(a===Yg)throw t(Error(174));return a}\nfunction ch(a,b){I(ah,b,a);I($g,a,a);I(Zg,Yg,a);var c=b.nodeType;switch(c){case 9:case 11:b=(b=b.documentElement)?b.namespaceURI:Qb(null,\"\");break;default:c=8===c?b.parentNode:b,b=c.namespaceURI||null,c=c.tagName,b=Qb(b,c)}H(Zg,a);I(Zg,b,a)}function dh(a){H(Zg,a);H($g,a);H(ah,a)}function eh(a){bh(ah.current);var b=bh(Zg.current);var c=Qb(b,a.type);b!==c&&(I($g,a,a),I(Zg,c,a))}function fh(a){$g.current===a&&(H(Zg,a),H($g,a))}var O={current:0};\nfunction gh(a){for(var b=a;null!==b;){if(13===b.tag){var c=b.memoizedState;if(null!==c&&(c=c.dehydrated,null===c||c.data===be||c.data===ce))return b}else if(19===b.tag&&void 0!==b.memoizedProps.revealOrder){if((b.effectTag&64)!==D)return b}else if(null!==b.child){b.child.return=b;b=b.child;continue}if(b===a)break;for(;null===b.sibling;){if(null===b.return||b.return===a)return null;b=b.return}b.sibling.return=b.return;b=b.sibling}return null}function hh(a,b){return{responder:a,props:b}}\nvar ih=Da.ReactCurrentDispatcher,jh=0,kh=null,P=null,lh=null,mh=null,Q=null,nh=null,oh=0,ph=null,qh=0,rh=!1,sh=null,th=0;function uh(){throw t(Error(321));}function vh(a,b){if(null===b)return!1;for(var c=0;coh&&(oh=m,zg(oh))):(yg(m,k.suspenseConfig),f=k.eagerReducer===a?k.eagerState:a(f,k.action));g=k;k=k.next}while(null!==k&&k!==d);l||(h=g,e=f);ff(f,b.memoizedState)||(mg=!0);b.memoizedState=f;b.baseUpdate=h;b.baseState=e;c.lastRenderedState=f}return[b.memoizedState,c.dispatch]}\nfunction Ih(a,b,c,d){a={tag:a,create:b,destroy:c,deps:d,next:null};null===ph?(ph={lastEffect:null},ph.lastEffect=a.next=a):(b=ph.lastEffect,null===b?ph.lastEffect=a.next=a:(c=b.next,b.next=a,a.next=c,ph.lastEffect=a));return a}function Jh(a,b,c,d){var e=Eh();qh|=a;e.memoizedState=Ih(b,c,void 0,void 0===d?null:d)}\nfunction Kh(a,b,c,d){var e=Fh();d=void 0===d?null:d;var f=void 0;if(null!==P){var g=P.memoizedState;f=g.destroy;if(null!==d&&vh(d,g.deps)){Ih(0,c,f,d);return}}qh|=a;e.memoizedState=Ih(b,c,f,d)}function Lh(a,b){if(\"function\"===typeof b)return a=a(),b(a),function(){b(null)};if(null!==b&&void 0!==b)return a=a(),b.current=a,function(){b.current=null}}function Mh(){}\nfunction Nh(a,b,c){if(!(25>th))throw t(Error(301));var d=a.alternate;if(a===kh||null!==d&&d===kh)if(rh=!0,a={expirationTime:jh,suspenseConfig:null,action:c,eagerReducer:null,eagerState:null,next:null},null===sh&&(sh=new Map),c=sh.get(b),void 0===c)sh.set(b,a);else{for(b=c;null!==b.next;)b=b.next;b.next=a}else{var e=Fg(),f=Cg.suspense;e=Gg(e,a,f);f={expirationTime:e,suspenseConfig:f,action:c,eagerReducer:null,eagerState:null,next:null};var g=b.last;if(null===g)f.next=f;else{var h=g.next;null!==h&&\n(f.next=h);g.next=f}b.last=f;if(0===a.expirationTime&&(null===d||0===d.expirationTime)&&(d=b.lastRenderedReducer,null!==d))try{var k=b.lastRenderedState,l=d(k,c);f.eagerReducer=d;f.eagerState=l;if(ff(l,k))return}catch(m){}finally{}Hg(a,e)}}\nvar zh={readContext:ng,useCallback:uh,useContext:uh,useEffect:uh,useImperativeHandle:uh,useLayoutEffect:uh,useMemo:uh,useReducer:uh,useRef:uh,useState:uh,useDebugValue:uh,useResponder:uh},xh={readContext:ng,useCallback:function(a,b){Eh().memoizedState=[a,void 0===b?null:b];return a},useContext:ng,useEffect:function(a,b){return Jh(516,192,a,b)},useImperativeHandle:function(a,b,c){c=null!==c&&void 0!==c?c.concat([a]):null;return Jh(4,36,Lh.bind(null,b,a),c)},useLayoutEffect:function(a,b){return Jh(4,\n36,a,b)},useMemo:function(a,b){var c=Eh();b=void 0===b?null:b;a=a();c.memoizedState=[a,b];return a},useReducer:function(a,b,c){var d=Eh();b=void 0!==c?c(b):b;d.memoizedState=d.baseState=b;a=d.queue={last:null,dispatch:null,lastRenderedReducer:a,lastRenderedState:b};a=a.dispatch=Nh.bind(null,kh,a);return[d.memoizedState,a]},useRef:function(a){var b=Eh();a={current:a};return b.memoizedState=a},useState:function(a){var b=Eh();\"function\"===typeof a&&(a=a());b.memoizedState=b.baseState=a;a=b.queue={last:null,\ndispatch:null,lastRenderedReducer:Gh,lastRenderedState:a};a=a.dispatch=Nh.bind(null,kh,a);return[b.memoizedState,a]},useDebugValue:Mh,useResponder:hh},yh={readContext:ng,useCallback:function(a,b){var c=Fh();b=void 0===b?null:b;var d=c.memoizedState;if(null!==d&&null!==b&&vh(b,d[1]))return d[0];c.memoizedState=[a,b];return a},useContext:ng,useEffect:function(a,b){return Kh(516,192,a,b)},useImperativeHandle:function(a,b,c){c=null!==c&&void 0!==c?c.concat([a]):null;return Kh(4,36,Lh.bind(null,b,a),c)},\nuseLayoutEffect:function(a,b){return Kh(4,36,a,b)},useMemo:function(a,b){var c=Fh();b=void 0===b?null:b;var d=c.memoizedState;if(null!==d&&null!==b&&vh(b,d[1]))return d[0];a=a();c.memoizedState=[a,b];return a},useReducer:Hh,useRef:function(){return Fh().memoizedState},useState:function(a){return Hh(Gh,a)},useDebugValue:Mh,useResponder:hh},Oh=null,Ph=null,Qh=!1;\nfunction Rh(a,b){var c=Sh(5,null,null,0);c.elementType=\"DELETED\";c.type=\"DELETED\";c.stateNode=b;c.return=a;c.effectTag=8;null!==a.lastEffect?(a.lastEffect.nextEffect=c,a.lastEffect=c):a.firstEffect=a.lastEffect=c}function Th(a,b){switch(a.tag){case 5:var c=a.type;b=1!==b.nodeType||c.toLowerCase()!==b.nodeName.toLowerCase()?null:b;return null!==b?(a.stateNode=b,!0):!1;case 6:return b=\"\"===a.pendingProps||3!==b.nodeType?null:b,null!==b?(a.stateNode=b,!0):!1;case 13:return!1;default:return!1}}\nfunction Uh(a){if(Qh){var b=Ph;if(b){var c=b;if(!Th(a,b)){b=je(c.nextSibling);if(!b||!Th(a,b)){a.effectTag=a.effectTag&~Ac|E;Qh=!1;Oh=a;return}Rh(Oh,c)}Oh=a;Ph=je(b.firstChild)}else a.effectTag=a.effectTag&~Ac|E,Qh=!1,Oh=a}}function Vh(a){for(a=a.return;null!==a&&5!==a.tag&&3!==a.tag&&13!==a.tag;)a=a.return;Oh=a}\nfunction Wh(a){if(a!==Oh)return!1;if(!Qh)return Vh(a),Qh=!0,!1;var b=a.type;if(5!==a.tag||\"head\"!==b&&\"body\"!==b&&!ge(b,a.memoizedProps))for(b=Ph;b;)Rh(a,b),b=je(b.nextSibling);Vh(a);if(13===a.tag)if(a=a.memoizedState,a=null!==a?a.dehydrated:null,null===a)a=Ph;else a:{a=a.nextSibling;for(b=0;a;){if(8===a.nodeType){var c=a.data;if(c===ae){if(0===b){a=je(a.nextSibling);break a}b--}else c!==$d&&c!==ce&&c!==be||b++}a=a.nextSibling}a=null}else a=Oh?je(a.stateNode.nextSibling):null;Ph=a;return!0}\nfunction Xh(){Ph=Oh=null;Qh=!1}var Yh=Da.ReactCurrentOwner,mg=!1;function R(a,b,c,d){b.child=null===a?Xg(b,null,c,d):Wg(b,a.child,c,d)}function Zh(a,b,c,d,e){c=c.render;var f=b.ref;lg(b,e);d=wh(a,b,c,d,f,e);if(null!==a&&!mg)return b.updateQueue=a.updateQueue,b.effectTag&=-517,a.expirationTime<=e&&(a.expirationTime=0),$h(a,b,e);b.effectTag|=1;R(a,b,d,e);return b.child}\nfunction ai(a,b,c,d,e,f){if(null===a){var g=c.type;if(\"function\"===typeof g&&!bi(g)&&void 0===g.defaultProps&&null===c.compare&&void 0===c.defaultProps)return b.tag=15,b.type=g,ci(a,b,g,d,e,f);a=Tg(c.type,null,d,null,b.mode,f);a.ref=b.ref;a.return=b;return b.child=a}g=a.child;if(eb)&&rj.set(a,b)))}}\nfunction wj(a,b){a.expirationTimea?b:a}\nfunction Z(a){if(0!==a.lastExpiredTime)a.callbackExpirationTime=1073741823,a.callbackPriority=99,a.callbackNode=$f(xj.bind(null,a));else{var b=Aj(a),c=a.callbackNode;if(0===b)null!==c&&(a.callbackNode=null,a.callbackExpirationTime=0,a.callbackPriority=90);else{var d=Fg();1073741823===b?d=99:1===b||2===b?d=95:(d=10*(1073741821-b)-10*(1073741821-d),d=0>=d?99:250>=d?98:5250>=d?97:95);if(null!==c){var e=a.callbackPriority;if(a.callbackExpirationTime===b&&e>=d)return;c!==Pf&&Ff(c)}a.callbackExpirationTime=\nb;a.callbackPriority=d;b=1073741823===b?$f(xj.bind(null,a)):Zf(d,Cj.bind(null,a),{timeout:10*(1073741821-b)-Vf()});a.callbackNode=b}}}\nfunction Cj(a,b){uj=0;if(b)return b=Fg(),Dj(a,b),Z(a),null;var c=Aj(a);if(0!==c){b=a.callbackNode;if((T&(Zi|$i))!==S)throw t(Error(327));Ej();a===U&&c===W||Fj(a,c);if(null!==V){var d=T;T|=Zi;var e=Gj(a);do try{Hj();break}catch(h){Ij(a,h)}while(1);hg();T=d;Wi.current=e;if(X===bj)throw b=hj,Fj(a,c),yj(a,c),Z(a),b;if(null===V)switch(e=a.finishedWork=a.current.alternate,a.finishedExpirationTime=c,Jj(a,c),d=X,U=null,d){case aj:case bj:throw t(Error(345));case cj:if(2!==c){Dj(a,2);break}Kj(a);break;case dj:yj(a,\nc);d=a.lastSuspendedTime;c===d&&(a.nextKnownPendingLevel=Lj(e));if(1073741823===ij&&(e=Mi+nj-Vf(),10=c){a.lastPingedTime=c;Fj(a,c);break}}f=Aj(a);if(0!==f&&f!==c)break;if(0!==d&&d!==c){a.lastPingedTime=d;break}a.timeoutHandle=he(Kj.bind(null,a),e);break}Kj(a);break;case ej:yj(a,c);d=a.lastSuspendedTime;c===d&&(a.nextKnownPendingLevel=Lj(e));if(mj&&(e=a.lastPingedTime,0===e||e>=c)){a.lastPingedTime=c;Fj(a,c);break}e=Aj(a);if(0!==e&&e!==c)break;if(0!==\nd&&d!==c){a.lastPingedTime=d;break}1073741823!==jj?d=10*(1073741821-jj)-Vf():1073741823===ij?d=0:(d=10*(1073741821-ij)-5E3,e=Vf(),c=10*(1073741821-c)-e,d=e-d,0>d&&(d=0),d=(120>d?120:480>d?480:1080>d?1080:1920>d?1920:3E3>d?3E3:4320>d?4320:1960*Vi(d/1960))-d,c=d?d=0:(e=g.busyDelayMs|0,f=Vf()-(10*(1073741821-f)-(g.timeoutMs|0||5E3)),d=f<=e?0:e+d-f);\nif(10=b&&(Zf(97,function(){c._onComplete();return null}),X=gj)}function Oj(){if(null!==rj){var a=rj;rj=null;a.forEach(function(a,c){Dj(c,a);Z(c)});bg()}}function Pj(a,b){var c=T;T|=1;try{return a(b)}finally{T=c,T===S&&bg()}}function Qj(a,b,c,d){var e=T;T|=4;try{return Yf(98,a.bind(null,b,c,d))}finally{T=e,T===S&&bg()}}\nfunction Rj(a,b){var c=T;T&=-2;T|=Yi;try{return a(b)}finally{T=c,T===S&&bg()}}\nfunction Fj(a,b){a.finishedWork=null;a.finishedExpirationTime=0;var c=a.timeoutHandle;-1!==c&&(a.timeoutHandle=-1,ie(c));if(null!==V)for(c=V.return;null!==c;){var d=c;switch(d.tag){case 1:var e=d.type.childContextTypes;null!==e&&void 0!==e&&wf(d);break;case 3:dh(d);xf(d);break;case 5:fh(d);break;case 4:dh(d);break;case 13:H(O,d);break;case 19:H(O,d);break;case 10:jg(d)}c=c.return}U=a;V=Rg(a.current,null,b);W=b;X=aj;hj=null;jj=ij=1073741823;kj=null;lj=0;mj=!1}\nfunction Ij(a,b){do{try{hg();Ah();if(null===V||null===V.return)return X=bj,hj=b,null;a:{var c=a,d=V.return,e=V,f=b;b=W;e.effectTag|=2048;e.firstEffect=e.lastEffect=null;if(null!==f&&\"object\"===typeof f&&\"function\"===typeof f.then){var g=f,h=0!==(O.current&1),k=d;do{var l;if(l=13===k.tag){var m=k.memoizedState;if(null!==m)l=null!==m.dehydrated?!0:!1;else{var A=k.memoizedProps;l=void 0===A.fallback?!1:!0!==A.unstable_avoidThisFallback?!0:h?!1:!0}}if(l){var w=k.updateQueue;if(null===w){var L=new Set;\nL.add(g);k.updateQueue=L}else w.add(g);if(0===(k.mode&2)){k.effectTag|=64;e.effectTag&=-2981;if(1===e.tag)if(null===e.alternate)e.tag=17;else{var wb=rg(1073741823,null);wb.tag=2;tg(e,wb)}e.expirationTime=1073741823;break a}f=void 0;e=b;var M=c.pingCache;null===M?(M=c.pingCache=new Pi,f=new Set,M.set(g,f)):(f=M.get(g),void 0===f&&(f=new Set,M.set(g,f)));if(!f.has(e)){f.add(e);var q=Sj.bind(null,c,g,e);g.then(q,q)}k.effectTag|=4096;k.expirationTime=b;break a}k=k.return}while(null!==k);f=Error((Va(e.type)||\n\"A React component\")+\" suspended while rendering, but no fallback UI was specified.\\n\\nAdd a component higher in the tree to provide a loading indicator or placeholder to display.\"+Wa(e))}X!==fj&&(X=cj);f=ti(f,e);k=d;do{switch(k.tag){case 3:g=f;k.effectTag|=4096;k.expirationTime=b;var y=Qi(k,g,b);ug(k,y);break a;case 1:g=f;var z=k.type,p=k.stateNode;if((k.effectTag&64)===D&&(\"function\"===typeof z.getDerivedStateFromError||null!==p&&\"function\"===typeof p.componentDidCatch&&\n(null===Ui||!Ui.has(p)))){k.effectTag|=4096;k.expirationTime=b;var u=Ti(k,g,b);ug(k,u);break a}}k=k.return}while(null!==k)}V=Tj(V)}catch(v){b=v;continue}break}while(1)}function Gj(){var a=Wi.current;Wi.current=zh;return null===a?zh:a}function yg(a,b){alj&&(lj=a)}function Mj(){for(;null!==V;)V=Uj(V)}function Hj(){for(;null!==V&&!Gf();)V=Uj(V)}\nfunction Uj(a){var b=Vj(a.alternate,a,W);a.memoizedProps=a.pendingProps;null===b&&(b=Tj(a));Xi.current=null;return b}\nfunction Tj(a){V=a;do{var b=V.alternate;a=V.return;if((V.effectTag&2048)===D){a:{var c=b;b=V;var d=W,e=b.pendingProps;switch(b.tag){case 2:break;case 16:break;case 15:case 0:break;case 1:N(b.type)&&wf(b);break;case 3:dh(b);xf(b);d=b.stateNode;d.pendingContext&&(d.context=d.pendingContext,d.pendingContext=null);(null===c||null===c.child)&&Wh(b)&&mi(b);oi(b);break;case 5:fh(b);d=bh(ah.current);var f=b.type;if(null!==c&&null!=b.stateNode)pi(c,b,f,e,d),c.ref!==b.ref&&(b.effectTag|=128);else if(e){var g=\nbh(Zg.current);if(Wh(b)){e=b;f=void 0;c=e.stateNode;var h=e.type,k=e.memoizedProps;c[me]=e;c[ne]=k;switch(h){case \"iframe\":case \"object\":case \"embed\":G(\"load\",c);break;case \"video\":case \"audio\":for(var l=0;l\\x3c/script>\",l=k.removeChild(k.firstChild)):\"string\"===typeof c.is?l=l.createElement(k,{is:c.is}):(l=l.createElement(k),\"select\"===k&&(k=l,c.multiple?k.multiple=!0:c.size&&(k.size=c.size))):l=l.createElementNS(g,k);k=l;k[me]=h;k[ne]=c;c=k;ni(c,b,!1,!1);b.stateNode=c;g=d;var m=Rd(f,e);switch(f){case \"iframe\":case \"object\":case \"embed\":G(\"load\",\nc);d=e;break;case \"video\":case \"audio\":for(d=0;de.tailExpiration&&1e&&(e=c),h>e&&(e=h),f=f.sibling;d.childExpirationTime=e}if(null!==b)return b;null!==a&&(a.effectTag&2048)===D&&(null===a.firstEffect&&(a.firstEffect=V.firstEffect),null!==V.lastEffect&&(null!==a.lastEffect&&(a.lastEffect.nextEffect=V.firstEffect),a.lastEffect=V.lastEffect),1a?b:a}function Kj(a){var b=Wf();Yf(99,Wj.bind(null,a,b));return null}\nfunction Wj(a,b){Ej();if((T&(Zi|$i))!==S)throw t(Error(327));var c=a.finishedWork,d=a.finishedExpirationTime;if(null===c)return null;a.finishedWork=null;a.finishedExpirationTime=0;if(c===a.current)throw t(Error(177));a.callbackNode=null;a.callbackExpirationTime=0;a.callbackPriority=90;a.nextKnownPendingLevel=0;var e=Lj(c);a.firstPendingTime=e;d<=a.lastSuspendedTime?a.firstSuspendedTime=a.lastSuspendedTime=a.nextKnownPendingLevel=0:d<=a.firstSuspendedTime&&(a.firstSuspendedTime=d-1);d<=a.lastPingedTime&&\n(a.lastPingedTime=0);d<=a.lastExpiredTime&&(a.lastExpiredTime=0);a===U&&(V=U=null,W=0);1h&&(l=h,h=g,g=l),l=Wd(p,g),m=Wd(p,h),l&&m&&(1!==v.rangeCount||v.anchorNode!==l.node||v.anchorOffset!==l.offset||v.focusNode!==m.node||v.focusOffset!==m.offset)&&(u=u.createRange(),u.setStart(l.node,l.offset),v.removeAllRanges(),g>h?(v.addRange(u),v.extend(m.node,m.offset)):(u.setEnd(m.node,m.offset),v.addRange(u))))));u=[];for(v=p;v=v.parentNode;)1===v.nodeType&&u.push({element:v,left:v.scrollLeft,top:v.scrollTop});\"function\"===\ntypeof p.focus&&p.focus();for(p=0;p=c)return ji(a,b,c);I(O,O.current&\n1,b);b=$h(a,b,c);return null!==b?b.sibling:null}I(O,O.current&1,b);break;case 19:d=b.childExpirationTime>=c;if((a.effectTag&64)!==D){if(d)return li(a,b,c);b.effectTag|=64}e=b.memoizedState;null!==e&&(e.rendering=null,e.tail=null);I(O,O.current,b);if(!d)return null}return $h(a,b,c)}mg=!1}}else mg=!1;b.expirationTime=0;switch(b.tag){case 2:d=b.type;null!==a&&(a.alternate=null,b.alternate=null,b.effectTag|=E);a=b.pendingProps;e=vf(b,J.current);lg(b,c);e=wh(null,b,d,a,e,c);b.effectTag|=1;if(\"object\"===\ntypeof e&&null!==e&&\"function\"===typeof e.render&&void 0===e.$$typeof){b.tag=1;Ah();if(N(d)){var f=!0;Bf(b)}else f=!1;b.memoizedState=null!==e.state&&void 0!==e.state?e.state:null;var g=d.getDerivedStateFromProps;\"function\"===typeof g&&Eg(b,d,g,a);e.updater=Ig;b.stateNode=e;e._reactInternalFiber=b;Mg(b,d,a,c);b=gi(null,b,d,!0,f,c)}else b.tag=0,R(null,b,e,c),b=b.child;return b;case 16:e=b.elementType;null!==a&&(a.alternate=null,b.alternate=null,b.effectTag|=E);a=b.pendingProps;Ua(e);if(1!==e._status)throw e._result;\ne=e._result;b.type=e;f=b.tag=ck(e);a=cg(e,a);switch(f){case 0:b=di(null,b,e,a,c);break;case 1:b=fi(null,b,e,a,c);break;case 11:b=Zh(null,b,e,a,c);break;case 14:b=ai(null,b,e,cg(e.type,a),d,c);break;default:throw t(Error(306),e,\"\");}return b;case 0:return d=b.type,e=b.pendingProps,e=b.elementType===d?e:cg(d,e),di(a,b,d,e,c);case 1:return d=b.type,e=b.pendingProps,e=b.elementType===d?e:cg(d,e),fi(a,b,d,e,c);case 3:hi(b);d=b.updateQueue;if(null===d)throw t(Error(282));e=b.memoizedState;e=null!==e?e.element:\nnull;xg(b,d,b.pendingProps,null,c);d=b.memoizedState.element;if(d===e)Xh(),b=$h(a,b,c);else{if(e=b.stateNode.hydrate)Ph=je(b.stateNode.containerInfo.firstChild),Oh=b,e=Qh=!0;if(e)for(c=Xg(b,null,d,c),b.child=c;c;)c.effectTag=c.effectTag&~E|Ac,c=c.sibling;else R(a,b,d,c),Xh();b=b.child}return b;case 5:return eh(b),null===a&&Uh(b),d=b.type,e=b.pendingProps,f=null!==a?a.memoizedProps:null,g=e.children,ge(d,e)?g=null:null!==f&&ge(d,f)&&(b.effectTag|=16),ei(a,b),b.mode&4&&1!==c&&e.hidden?(b.expirationTime=\nb.childExpirationTime=1,b=null):(R(a,b,g,c),b=b.child),b;case 6:return null===a&&Uh(b),null;case 13:return ji(a,b,c);case 4:return ch(b,b.stateNode.containerInfo),d=b.pendingProps,null===a?b.child=Wg(b,null,d,c):R(a,b,d,c),b.child;case 11:return d=b.type,e=b.pendingProps,e=b.elementType===d?e:cg(d,e),Zh(a,b,d,e,c);case 7:return R(a,b,b.pendingProps,c),b.child;case 8:return R(a,b,b.pendingProps.children,c),b.child;case 12:return R(a,b,b.pendingProps.children,c),b.child;case 10:a:{d=b.type._context;\ne=b.pendingProps;g=b.memoizedProps;f=e.value;ig(b,f);if(null!==g){var h=g.value;f=ff(h,f)?0:(\"function\"===typeof d._calculateChangedBits?d._calculateChangedBits(h,f):1073741823)|0;if(0===f){if(g.children===e.children&&!K.current){b=$h(a,b,c);break a}}else for(h=b.child,null!==h&&(h.return=b);null!==h;){var k=h.dependencies;if(null!==k){g=h.child;for(var l=k.firstContext;null!==l;){if(l.context===d&&0!==(l.observedBits&f)){1===h.tag&&(l=rg(c,null),l.tag=2,tg(h,l));h.expirationTime=b&&a<=b}function yj(a,b){var c=a.firstSuspendedTime,d=a.lastSuspendedTime;cb||0===c)a.lastSuspendedTime=b;b<=a.lastPingedTime&&(a.lastPingedTime=0);b<=a.lastExpiredTime&&(a.lastExpiredTime=0)}\nfunction zj(a,b){b>a.firstPendingTime&&(a.firstPendingTime=b);var c=a.firstSuspendedTime;0!==c&&(b>=c?a.firstSuspendedTime=a.lastSuspendedTime=a.nextKnownPendingLevel=0:b>=a.lastSuspendedTime&&(a.lastSuspendedTime=b+1),b>a.nextKnownPendingLevel&&(a.nextKnownPendingLevel=b))}function Dj(a,b){var c=a.lastExpiredTime;if(0===c||c>b)a.lastExpiredTime=b}\nfunction gk(a,b,c,d,e,f){var g=b.current;a:if(c){c=c._reactInternalFiber;b:{if(Bc(c)!==c||1!==c.tag)throw t(Error(170));var h=c;do{switch(h.tag){case 3:h=h.stateNode.context;break b;case 1:if(N(h.type)){h=h.stateNode.__reactInternalMemoizedMergedChildContext;break b}}h=h.return}while(null!==h);throw t(Error(171));}if(1===c.tag){var k=c.type;if(N(k)){c=Af(c,k,h);break a}}c=h}else c=tf;null===b.context?b.context=c:b.pendingContext=c;b=f;e=rg(d,e);e.payload={element:a};b=void 0===b?null:b;null!==b&&\n(e.callback=b);tg(g,e);Hg(g,d);return d}function hk(a,b,c,d){var e=b.current,f=Fg(),g=Cg.suspense;e=Gg(f,e,g);return gk(a,b,c,e,g,d)}function ik(a){a=a.current;if(!a.child)return null;switch(a.child.tag){case 5:return a.child.stateNode;default:return a.child.stateNode}}function jk(a,b,c){var d=3=b;)c=d,d=d._next;a._next=d;null!==c&&(c._next=a)}return a};function qk(a){return!(!a||1!==a.nodeType&&9!==a.nodeType&&11!==a.nodeType&&(8!==a.nodeType||\" react-mount-point-unstable \"!==a.nodeValue))}db=Pj;eb=Qj;fb=Nj;gb=function(a,b){var c=T;T|=2;try{return a(b)}finally{T=c,T===S&&bg()}};\nfunction rk(a,b){b||(b=a?9===a.nodeType?a.documentElement:a.firstChild:null,b=!(!b||1!==b.nodeType||!b.hasAttribute(\"data-reactroot\")));if(!b)for(var c;c=a.lastChild;)a.removeChild(c);return new nk(a,0,b?{hydrate:!0}:void 0)}\nfunction sk(a,b,c,d,e){var f=c._reactRootContainer;if(f){var g=f._internalRoot;if(\"function\"===typeof e){var h=e;e=function(){var a=ik(g);h.call(a)}}hk(b,g,a,e)}else{f=c._reactRootContainer=rk(c,d);g=f._internalRoot;if(\"function\"===typeof e){var k=e;e=function(){var a=ik(g);k.call(a)}}Rj(function(){hk(b,g,a,e)})}return ik(g)}function tk(a,b){var c=2=H};l=function(){};exports.unstable_forceFrameRate=function(a){0>a||125L(n,c))void 0!==r&&0>L(r,n)?(a[d]=r,a[v]=c,d=v):(a[d]=n,a[m]=c,d=m);else if(void 0!==r&&0>L(r,c))a[d]=r,a[v]=c,d=v;else break a}}return b}return null}function L(a,b){var c=a.sortIndex-b.sortIndex;return 0!==c?c:a.id-b.id}var O=[],P=[],Q=1,R=null,S=3,T=!1,U=!1,V=!1;\nfunction W(a){for(var b=M(P);null!==b;){if(null===b.callback)N(P);else if(b.startTime<=a)N(P),b.sortIndex=b.expirationTime,K(O,b);else break;b=M(P)}}function X(a){V=!1;W(a);if(!U)if(null!==M(O))U=!0,f(Y);else{var b=M(P);null!==b&&g(X,b.startTime-a)}}\nfunction Y(a,b){U=!1;V&&(V=!1,h());T=!0;var c=S;try{W(b);for(R=M(O);null!==R&&(!(R.expirationTime>b)||a&&!k());){var d=R.callback;if(null!==d){R.callback=null;S=R.priorityLevel;var e=d(R.expirationTime<=b);b=exports.unstable_now();\"function\"===typeof e?R.callback=e:R===M(O)&&N(O);W(b)}else N(O);R=M(O)}if(null!==R)var m=!0;else{var n=M(P);null!==n&&g(X,n.startTime-b);m=!1}return m}finally{R=null,S=c,T=!1}}\nfunction Z(a){switch(a){case 1:return-1;case 2:return 250;case 5:return 1073741823;case 4:return 1E4;default:return 5E3}}var aa=l;exports.unstable_ImmediatePriority=1;exports.unstable_UserBlockingPriority=2;exports.unstable_NormalPriority=3;exports.unstable_IdlePriority=5;exports.unstable_LowPriority=4;exports.unstable_runWithPriority=function(a,b){switch(a){case 1:case 2:case 3:case 4:case 5:break;default:a=3}var c=S;S=a;try{return b()}finally{S=c}};\nexports.unstable_next=function(a){switch(S){case 1:case 2:case 3:var b=3;break;default:b=S}var c=S;S=b;try{return a()}finally{S=c}};\nexports.unstable_scheduleCallback=function(a,b,c){var d=exports.unstable_now();if(\"object\"===typeof c&&null!==c){var e=c.delay;e=\"number\"===typeof e&&0d?(a.sortIndex=e,K(P,a),null===M(O)&&a===M(P)&&(V?h():V=!0,g(X,e-d))):(a.sortIndex=c,K(O,a),U||T||(U=!0,f(Y)));return a};exports.unstable_cancelCallback=function(a){a.callback=null};\nexports.unstable_wrapCallback=function(a){var b=S;return function(){var c=S;S=b;try{return a.apply(this,arguments)}finally{S=c}}};exports.unstable_getCurrentPriorityLevel=function(){return S};exports.unstable_shouldYield=function(){var a=exports.unstable_now();W(a);var b=M(O);return b!==R&&null!==R&&null!==b&&null!==b.callback&&b.startTime<=a&&b.expirationTime result for the\n // current iteration.\n result.value = unwrapped;\n resolve(result);\n }, function(error) {\n // If a rejected Promise was yielded, throw the rejection back\n // into the async generator function so it can be handled there.\n return invoke(\"throw\", error, resolve, reject);\n });\n }\n }\n\n var previousPromise;\n\n function enqueue(method, arg) {\n function callInvokeWithMethodAndArg() {\n return new PromiseImpl(function(resolve, reject) {\n invoke(method, arg, resolve, reject);\n });\n }\n\n return previousPromise =\n // If enqueue has been called before, then we want to wait until\n // all previous Promises have been resolved before calling invoke,\n // so that results are always delivered in the correct order. If\n // enqueue has not been called before, then it is important to\n // call invoke immediately, without waiting on a callback to fire,\n // so that the async generator function has the opportunity to do\n // any necessary setup in a predictable way. This predictability\n // is why the Promise constructor synchronously invokes its\n // executor callback, and why async functions synchronously\n // execute code before the first await. Since we implement simple\n // async functions in terms of async generators, it is especially\n // important to get this right, even though it requires care.\n previousPromise ? previousPromise.then(\n callInvokeWithMethodAndArg,\n // Avoid propagating failures to Promises returned by later\n // invocations of the iterator.\n callInvokeWithMethodAndArg\n ) : callInvokeWithMethodAndArg();\n }\n\n // Define the unified helper method that is used to implement .next,\n // .throw, and .return (see defineIteratorMethods).\n this._invoke = enqueue;\n }\n\n defineIteratorMethods(AsyncIterator.prototype);\n AsyncIterator.prototype[asyncIteratorSymbol] = function () {\n return this;\n };\n exports.AsyncIterator = AsyncIterator;\n\n // Note that simple async functions are implemented on top of\n // AsyncIterator objects; they just return a Promise for the value of\n // the final result produced by the iterator.\n exports.async = function(innerFn, outerFn, self, tryLocsList, PromiseImpl) {\n if (PromiseImpl === void 0) PromiseImpl = Promise;\n\n var iter = new AsyncIterator(\n wrap(innerFn, outerFn, self, tryLocsList),\n PromiseImpl\n );\n\n return exports.isGeneratorFunction(outerFn)\n ? iter // If outerFn is a generator, return the full iterator.\n : iter.next().then(function(result) {\n return result.done ? result.value : iter.next();\n });\n };\n\n function makeInvokeMethod(innerFn, self, context) {\n var state = GenStateSuspendedStart;\n\n return function invoke(method, arg) {\n if (state === GenStateExecuting) {\n throw new Error(\"Generator is already running\");\n }\n\n if (state === GenStateCompleted) {\n if (method === \"throw\") {\n throw arg;\n }\n\n // Be forgiving, per 25.3.3.3.3 of the spec:\n // https://people.mozilla.org/~jorendorff/es6-draft.html#sec-generatorresume\n return doneResult();\n }\n\n context.method = method;\n context.arg = arg;\n\n while (true) {\n var delegate = context.delegate;\n if (delegate) {\n var delegateResult = maybeInvokeDelegate(delegate, context);\n if (delegateResult) {\n if (delegateResult === ContinueSentinel) continue;\n return delegateResult;\n }\n }\n\n if (context.method === \"next\") {\n // Setting context._sent for legacy support of Babel's\n // function.sent implementation.\n context.sent = context._sent = context.arg;\n\n } else if (context.method === \"throw\") {\n if (state === GenStateSuspendedStart) {\n state = GenStateCompleted;\n throw context.arg;\n }\n\n context.dispatchException(context.arg);\n\n } else if (context.method === \"return\") {\n context.abrupt(\"return\", context.arg);\n }\n\n state = GenStateExecuting;\n\n var record = tryCatch(innerFn, self, context);\n if (record.type === \"normal\") {\n // If an exception is thrown from innerFn, we leave state ===\n // GenStateExecuting and loop back for another invocation.\n state = context.done\n ? GenStateCompleted\n : GenStateSuspendedYield;\n\n if (record.arg === ContinueSentinel) {\n continue;\n }\n\n return {\n value: record.arg,\n done: context.done\n };\n\n } else if (record.type === \"throw\") {\n state = GenStateCompleted;\n // Dispatch the exception by looping back around to the\n // context.dispatchException(context.arg) call above.\n context.method = \"throw\";\n context.arg = record.arg;\n }\n }\n };\n }\n\n // Call delegate.iterator[context.method](context.arg) and handle the\n // result, either by returning a { value, done } result from the\n // delegate iterator, or by modifying context.method and context.arg,\n // setting context.delegate to null, and returning the ContinueSentinel.\n function maybeInvokeDelegate(delegate, context) {\n var method = delegate.iterator[context.method];\n if (method === undefined) {\n // A .throw or .return when the delegate iterator has no .throw\n // method always terminates the yield* loop.\n context.delegate = null;\n\n if (context.method === \"throw\") {\n // Note: [\"return\"] must be used for ES3 parsing compatibility.\n if (delegate.iterator[\"return\"]) {\n // If the delegate iterator has a return method, give it a\n // chance to clean up.\n context.method = \"return\";\n context.arg = undefined;\n maybeInvokeDelegate(delegate, context);\n\n if (context.method === \"throw\") {\n // If maybeInvokeDelegate(context) changed context.method from\n // \"return\" to \"throw\", let that override the TypeError below.\n return ContinueSentinel;\n }\n }\n\n context.method = \"throw\";\n context.arg = new TypeError(\n \"The iterator does not provide a 'throw' method\");\n }\n\n return ContinueSentinel;\n }\n\n var record = tryCatch(method, delegate.iterator, context.arg);\n\n if (record.type === \"throw\") {\n context.method = \"throw\";\n context.arg = record.arg;\n context.delegate = null;\n return ContinueSentinel;\n }\n\n var info = record.arg;\n\n if (! info) {\n context.method = \"throw\";\n context.arg = new TypeError(\"iterator result is not an object\");\n context.delegate = null;\n return ContinueSentinel;\n }\n\n if (info.done) {\n // Assign the result of the finished delegate to the temporary\n // variable specified by delegate.resultName (see delegateYield).\n context[delegate.resultName] = info.value;\n\n // Resume execution at the desired location (see delegateYield).\n context.next = delegate.nextLoc;\n\n // If context.method was \"throw\" but the delegate handled the\n // exception, let the outer generator proceed normally. If\n // context.method was \"next\", forget context.arg since it has been\n // \"consumed\" by the delegate iterator. If context.method was\n // \"return\", allow the original .return call to continue in the\n // outer generator.\n if (context.method !== \"return\") {\n context.method = \"next\";\n context.arg = undefined;\n }\n\n } else {\n // Re-yield the result returned by the delegate method.\n return info;\n }\n\n // The delegate iterator is finished, so forget it and continue with\n // the outer generator.\n context.delegate = null;\n return ContinueSentinel;\n }\n\n // Define Generator.prototype.{next,throw,return} in terms of the\n // unified ._invoke helper method.\n defineIteratorMethods(Gp);\n\n define(Gp, toStringTagSymbol, \"Generator\");\n\n // A Generator should always return itself as the iterator object when the\n // @@iterator function is called on it. Some browsers' implementations of the\n // iterator prototype chain incorrectly implement this, causing the Generator\n // object to not be returned from this call. This ensures that doesn't happen.\n // See https://github.com/facebook/regenerator/issues/274 for more details.\n Gp[iteratorSymbol] = function() {\n return this;\n };\n\n Gp.toString = function() {\n return \"[object Generator]\";\n };\n\n function pushTryEntry(locs) {\n var entry = { tryLoc: locs[0] };\n\n if (1 in locs) {\n entry.catchLoc = locs[1];\n }\n\n if (2 in locs) {\n entry.finallyLoc = locs[2];\n entry.afterLoc = locs[3];\n }\n\n this.tryEntries.push(entry);\n }\n\n function resetTryEntry(entry) {\n var record = entry.completion || {};\n record.type = \"normal\";\n delete record.arg;\n entry.completion = record;\n }\n\n function Context(tryLocsList) {\n // The root entry object (effectively a try statement without a catch\n // or a finally block) gives us a place to store values thrown from\n // locations where there is no enclosing try statement.\n this.tryEntries = [{ tryLoc: \"root\" }];\n tryLocsList.forEach(pushTryEntry, this);\n this.reset(true);\n }\n\n exports.keys = function(object) {\n var keys = [];\n for (var key in object) {\n keys.push(key);\n }\n keys.reverse();\n\n // Rather than returning an object with a next method, we keep\n // things simple and return the next function itself.\n return function next() {\n while (keys.length) {\n var key = keys.pop();\n if (key in object) {\n next.value = key;\n next.done = false;\n return next;\n }\n }\n\n // To avoid creating an additional object, we just hang the .value\n // and .done properties off the next function object itself. This\n // also ensures that the minifier will not anonymize the function.\n next.done = true;\n return next;\n };\n };\n\n function values(iterable) {\n if (iterable) {\n var iteratorMethod = iterable[iteratorSymbol];\n if (iteratorMethod) {\n return iteratorMethod.call(iterable);\n }\n\n if (typeof iterable.next === \"function\") {\n return iterable;\n }\n\n if (!isNaN(iterable.length)) {\n var i = -1, next = function next() {\n while (++i < iterable.length) {\n if (hasOwn.call(iterable, i)) {\n next.value = iterable[i];\n next.done = false;\n return next;\n }\n }\n\n next.value = undefined;\n next.done = true;\n\n return next;\n };\n\n return next.next = next;\n }\n }\n\n // Return an iterator with no values.\n return { next: doneResult };\n }\n exports.values = values;\n\n function doneResult() {\n return { value: undefined, done: true };\n }\n\n Context.prototype = {\n constructor: Context,\n\n reset: function(skipTempReset) {\n this.prev = 0;\n this.next = 0;\n // Resetting context._sent for legacy support of Babel's\n // function.sent implementation.\n this.sent = this._sent = undefined;\n this.done = false;\n this.delegate = null;\n\n this.method = \"next\";\n this.arg = undefined;\n\n this.tryEntries.forEach(resetTryEntry);\n\n if (!skipTempReset) {\n for (var name in this) {\n // Not sure about the optimal order of these conditions:\n if (name.charAt(0) === \"t\" &&\n hasOwn.call(this, name) &&\n !isNaN(+name.slice(1))) {\n this[name] = undefined;\n }\n }\n }\n },\n\n stop: function() {\n this.done = true;\n\n var rootEntry = this.tryEntries[0];\n var rootRecord = rootEntry.completion;\n if (rootRecord.type === \"throw\") {\n throw rootRecord.arg;\n }\n\n return this.rval;\n },\n\n dispatchException: function(exception) {\n if (this.done) {\n throw exception;\n }\n\n var context = this;\n function handle(loc, caught) {\n record.type = \"throw\";\n record.arg = exception;\n context.next = loc;\n\n if (caught) {\n // If the dispatched exception was caught by a catch block,\n // then let that catch block handle the exception normally.\n context.method = \"next\";\n context.arg = undefined;\n }\n\n return !! caught;\n }\n\n for (var i = this.tryEntries.length - 1; i >= 0; --i) {\n var entry = this.tryEntries[i];\n var record = entry.completion;\n\n if (entry.tryLoc === \"root\") {\n // Exception thrown outside of any try block that could handle\n // it, so set the completion value of the entire function to\n // throw the exception.\n return handle(\"end\");\n }\n\n if (entry.tryLoc <= this.prev) {\n var hasCatch = hasOwn.call(entry, \"catchLoc\");\n var hasFinally = hasOwn.call(entry, \"finallyLoc\");\n\n if (hasCatch && hasFinally) {\n if (this.prev < entry.catchLoc) {\n return handle(entry.catchLoc, true);\n } else if (this.prev < entry.finallyLoc) {\n return handle(entry.finallyLoc);\n }\n\n } else if (hasCatch) {\n if (this.prev < entry.catchLoc) {\n return handle(entry.catchLoc, true);\n }\n\n } else if (hasFinally) {\n if (this.prev < entry.finallyLoc) {\n return handle(entry.finallyLoc);\n }\n\n } else {\n throw new Error(\"try statement without catch or finally\");\n }\n }\n }\n },\n\n abrupt: function(type, arg) {\n for (var i = this.tryEntries.length - 1; i >= 0; --i) {\n var entry = this.tryEntries[i];\n if (entry.tryLoc <= this.prev &&\n hasOwn.call(entry, \"finallyLoc\") &&\n this.prev < entry.finallyLoc) {\n var finallyEntry = entry;\n break;\n }\n }\n\n if (finallyEntry &&\n (type === \"break\" ||\n type === \"continue\") &&\n finallyEntry.tryLoc <= arg &&\n arg <= finallyEntry.finallyLoc) {\n // Ignore the finally entry if control is not jumping to a\n // location outside the try/catch block.\n finallyEntry = null;\n }\n\n var record = finallyEntry ? finallyEntry.completion : {};\n record.type = type;\n record.arg = arg;\n\n if (finallyEntry) {\n this.method = \"next\";\n this.next = finallyEntry.finallyLoc;\n return ContinueSentinel;\n }\n\n return this.complete(record);\n },\n\n complete: function(record, afterLoc) {\n if (record.type === \"throw\") {\n throw record.arg;\n }\n\n if (record.type === \"break\" ||\n record.type === \"continue\") {\n this.next = record.arg;\n } else if (record.type === \"return\") {\n this.rval = this.arg = record.arg;\n this.method = \"return\";\n this.next = \"end\";\n } else if (record.type === \"normal\" && afterLoc) {\n this.next = afterLoc;\n }\n\n return ContinueSentinel;\n },\n\n finish: function(finallyLoc) {\n for (var i = this.tryEntries.length - 1; i >= 0; --i) {\n var entry = this.tryEntries[i];\n if (entry.finallyLoc === finallyLoc) {\n this.complete(entry.completion, entry.afterLoc);\n resetTryEntry(entry);\n return ContinueSentinel;\n }\n }\n },\n\n \"catch\": function(tryLoc) {\n for (var i = this.tryEntries.length - 1; i >= 0; --i) {\n var entry = this.tryEntries[i];\n if (entry.tryLoc === tryLoc) {\n var record = entry.completion;\n if (record.type === \"throw\") {\n var thrown = record.arg;\n resetTryEntry(entry);\n }\n return thrown;\n }\n }\n\n // The context.catch method must only be called with a location\n // argument that corresponds to a known catch block.\n throw new Error(\"illegal catch attempt\");\n },\n\n delegateYield: function(iterable, resultName, nextLoc) {\n this.delegate = {\n iterator: values(iterable),\n resultName: resultName,\n nextLoc: nextLoc\n };\n\n if (this.method === \"next\") {\n // Deliberately forget the last sent value so that we don't\n // accidentally pass it on to the delegate.\n this.arg = undefined;\n }\n\n return ContinueSentinel;\n }\n };\n\n // Regardless of whether this script is executing as a CommonJS module\n // or not, return the runtime object so that we can declare the variable\n // regeneratorRuntime in the outer scope, which allows this module to be\n // injected easily by `bin/regenerator --include-runtime script.js`.\n return exports;\n\n}(\n // If this script is executing as a CommonJS module, use module.exports\n // as the regeneratorRuntime namespace. Otherwise create a new empty\n // object. Either way, the resulting object will be used to initialize\n // the regeneratorRuntime variable at the top of this file.\n typeof module === \"object\" ? module.exports : {}\n));\n\ntry {\n regeneratorRuntime = runtime;\n} catch (accidentalStrictMode) {\n // This module should not be running in strict mode, so the above\n // assignment should always work unless something is misconfigured. Just\n // in case runtime.js accidentally runs in strict mode, we can escape\n // strict mode using a global Function call. This could conceivably fail\n // if a Content Security Policy forbids using Function, but in that case\n // the proper solution is to fix the accidental strict mode problem. If\n // you've misconfigured your bundler to force strict mode and applied a\n // CSP to forbid Function, and you're not willing to fix either of those\n // problems, please detail your unique predicament in a GitHub issue.\n Function(\"r\", \"regeneratorRuntime = r\")(runtime);\n}\n","module.exports = Array.isArray || function (arr) {\n return Object.prototype.toString.call(arr) == '[object Array]';\n};\n","var scope = (typeof global !== \"undefined\" && global) ||\n (typeof self !== \"undefined\" && self) ||\n window;\nvar apply = Function.prototype.apply;\n\n// DOM APIs, for completeness\n\nexports.setTimeout = function() {\n return new Timeout(apply.call(setTimeout, scope, arguments), clearTimeout);\n};\nexports.setInterval = function() {\n return new Timeout(apply.call(setInterval, scope, arguments), clearInterval);\n};\nexports.clearTimeout =\nexports.clearInterval = function(timeout) {\n if (timeout) {\n timeout.close();\n }\n};\n\nfunction Timeout(id, clearFn) {\n this._id = id;\n this._clearFn = clearFn;\n}\nTimeout.prototype.unref = Timeout.prototype.ref = function() {};\nTimeout.prototype.close = function() {\n this._clearFn.call(scope, this._id);\n};\n\n// Does not start the time, just sets up the members needed.\nexports.enroll = function(item, msecs) {\n clearTimeout(item._idleTimeoutId);\n item._idleTimeout = msecs;\n};\n\nexports.unenroll = function(item) {\n clearTimeout(item._idleTimeoutId);\n item._idleTimeout = -1;\n};\n\nexports._unrefActive = exports.active = function(item) {\n clearTimeout(item._idleTimeoutId);\n\n var msecs = item._idleTimeout;\n if (msecs >= 0) {\n item._idleTimeoutId = setTimeout(function onTimeout() {\n if (item._onTimeout)\n item._onTimeout();\n }, msecs);\n }\n};\n\n// setimmediate attaches itself to the global object\nrequire(\"setimmediate\");\n// On some exotic environments, it's not clear which object `setimmediate` was\n// able to install onto. Search each possibility in the same order as the\n// `setimmediate` library.\nexports.setImmediate = (typeof self !== \"undefined\" && self.setImmediate) ||\n (typeof global !== \"undefined\" && global.setImmediate) ||\n (this && this.setImmediate);\nexports.clearImmediate = (typeof self !== \"undefined\" && self.clearImmediate) ||\n (typeof global !== \"undefined\" && global.clearImmediate) ||\n (this && this.clearImmediate);\n","(function (global, undefined) {\n \"use strict\";\n\n if (global.setImmediate) {\n return;\n }\n\n var nextHandle = 1; // Spec says greater than zero\n var tasksByHandle = {};\n var currentlyRunningATask = false;\n var doc = global.document;\n var registerImmediate;\n\n function setImmediate(callback) {\n // Callback can either be a function or a string\n if (typeof callback !== \"function\") {\n callback = new Function(\"\" + callback);\n }\n // Copy function arguments\n var args = new Array(arguments.length - 1);\n for (var i = 0; i < args.length; i++) {\n args[i] = arguments[i + 1];\n }\n // Store and register the task\n var task = { callback: callback, args: args };\n tasksByHandle[nextHandle] = task;\n registerImmediate(nextHandle);\n return nextHandle++;\n }\n\n function clearImmediate(handle) {\n delete tasksByHandle[handle];\n }\n\n function run(task) {\n var callback = task.callback;\n var args = task.args;\n switch (args.length) {\n case 0:\n callback();\n break;\n case 1:\n callback(args[0]);\n break;\n case 2:\n callback(args[0], args[1]);\n break;\n case 3:\n callback(args[0], args[1], args[2]);\n break;\n default:\n callback.apply(undefined, args);\n break;\n }\n }\n\n function runIfPresent(handle) {\n // From the spec: \"Wait until any invocations of this algorithm started before this one have completed.\"\n // So if we're currently running a task, we'll need to delay this invocation.\n if (currentlyRunningATask) {\n // Delay by doing a setTimeout. setImmediate was tried instead, but in Firefox 7 it generated a\n // \"too much recursion\" error.\n setTimeout(runIfPresent, 0, handle);\n } else {\n var task = tasksByHandle[handle];\n if (task) {\n currentlyRunningATask = true;\n try {\n run(task);\n } finally {\n clearImmediate(handle);\n currentlyRunningATask = false;\n }\n }\n }\n }\n\n function installNextTickImplementation() {\n registerImmediate = function(handle) {\n process.nextTick(function () { runIfPresent(handle); });\n };\n }\n\n function canUsePostMessage() {\n // The test against `importScripts` prevents this implementation from being installed inside a web worker,\n // where `global.postMessage` means something completely different and can't be used for this purpose.\n if (global.postMessage && !global.importScripts) {\n var postMessageIsAsynchronous = true;\n var oldOnMessage = global.onmessage;\n global.onmessage = function() {\n postMessageIsAsynchronous = false;\n };\n global.postMessage(\"\", \"*\");\n global.onmessage = oldOnMessage;\n return postMessageIsAsynchronous;\n }\n }\n\n function installPostMessageImplementation() {\n // Installs an event handler on `global` for the `message` event: see\n // * https://developer.mozilla.org/en/DOM/window.postMessage\n // * http://www.whatwg.org/specs/web-apps/current-work/multipage/comms.html#crossDocumentMessages\n\n var messagePrefix = \"setImmediate$\" + Math.random() + \"$\";\n var onGlobalMessage = function(event) {\n if (event.source === global &&\n typeof event.data === \"string\" &&\n event.data.indexOf(messagePrefix) === 0) {\n runIfPresent(+event.data.slice(messagePrefix.length));\n }\n };\n\n if (global.addEventListener) {\n global.addEventListener(\"message\", onGlobalMessage, false);\n } else {\n global.attachEvent(\"onmessage\", onGlobalMessage);\n }\n\n registerImmediate = function(handle) {\n global.postMessage(messagePrefix + handle, \"*\");\n };\n }\n\n function installMessageChannelImplementation() {\n var channel = new MessageChannel();\n channel.port1.onmessage = function(event) {\n var handle = event.data;\n runIfPresent(handle);\n };\n\n registerImmediate = function(handle) {\n channel.port2.postMessage(handle);\n };\n }\n\n function installReadyStateChangeImplementation() {\n var html = doc.documentElement;\n registerImmediate = function(handle) {\n // Create a + ?> +
    +
    +
    + +
    + + +
    + + + + +
    @@ -55,28 +42,32 @@ @@ -92,7 +83,7 @@ @@ -100,36 +91,36 @@ @@ -157,6 +148,8 @@ + + @@ -175,22 +168,22 @@
    - + ".$user."_");?>
    - +
    - ">
    - + (".__('maximum characters length, including prefix', 16).")"; + ?>
    - ">
    - +
    - +
    - +
    - +
    - ">
    - + - +
    @@ -198,10 +191,9 @@
    +
    - - - diff --git a/web/templates/admin/add_dns.html b/web/templates/admin/add_dns.html index cbbef75be..1419cb698 100644 --- a/web/templates/admin/add_dns.html +++ b/web/templates/admin/add_dns.html @@ -1,39 +1,35 @@ - - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    +
    +
    +
    + + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; + } + } + ?>
    +
    +
    +
    + + +
    +
    - + + @@ -51,7 +47,7 @@ @@ -61,7 +57,7 @@ @@ -74,12 +70,12 @@
    - ">
    - ">
    @@ -89,7 +85,7 @@ @@ -99,24 +95,70 @@ + + + '; + + if($v_ns4) + echo ' + + '; + + if($v_ns5) + echo ' + + '; + + if($v_ns6) + echo ' + + '; + + if($v_ns7) + echo ' + + '; + + if($v_ns8) + echo ' + + '; + ?> + > + + +
    - () + ()
    - ">
    - ">
    - "> +
    - "> +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + +
    @@ -124,10 +166,10 @@
    - + - +
    @@ -135,3 +177,4 @@
    +
    \ No newline at end of file diff --git a/web/templates/admin/add_dns_rec.html b/web/templates/admin/add_dns_rec.html index 3083c9297..33b4a9be0 100644 --- a/web/templates/admin/add_dns_rec.html +++ b/web/templates/admin/add_dns_rec.html @@ -1,29 +1,35 @@ - - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    +
    +
    +
    + + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; + } + } + ?>
    +
    +
    +
    + + +
    +
    + + @@ -50,7 +57,7 @@ @@ -74,6 +81,8 @@ + + @@ -84,7 +93,7 @@ @@ -94,17 +103,17 @@
    @@ -40,7 +46,8 @@
    - " disabled > + ">
    - ">
    - ">
    - ">
    - + - +
    @@ -112,8 +121,8 @@
    +
    - - + diff --git a/web/templates/admin/add_firewall.html b/web/templates/admin/add_firewall.html index 3df119381..20b40cd96 100644 --- a/web/templates/admin/add_firewall.html +++ b/web/templates/admin/add_firewall.html @@ -1,39 +1,35 @@ - - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    - - -
    - + ?> + + + + +
    + + +
    + + + + @@ -46,28 +42,28 @@
    @@ -80,7 +76,7 @@ @@ -90,7 +86,7 @@ @@ -100,7 +96,7 @@ @@ -108,10 +104,10 @@
    - +
    - +
    - ">
    - ">
    - ">
    - + - +
    @@ -119,3 +115,5 @@ + +
    \ No newline at end of file diff --git a/web/templates/admin/add_firewall_banlist.html b/web/templates/admin/add_firewall_banlist.html index 9f8a6fd56..0ed08ae2b 100644 --- a/web/templates/admin/add_firewall_banlist.html +++ b/web/templates/admin/add_firewall_banlist.html @@ -1,39 +1,35 @@ - - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    - - - - + ?> + + + + +
    + + +
    + + + + @@ -46,40 +42,40 @@
    - +
    - () + ()
    - ">
    - + - +
    @@ -87,3 +83,4 @@ +
    diff --git a/web/templates/admin/add_ip.html b/web/templates/admin/add_ip.html index 94ec74230..896533899 100644 --- a/web/templates/admin/add_ip.html +++ b/web/templates/admin/add_ip.html @@ -1,39 +1,35 @@ - - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    - - - - + ?> + + + + +
    + + +
    + + + + @@ -46,12 +42,12 @@
    @@ -61,7 +57,7 @@ @@ -74,11 +70,11 @@ @@ -100,9 +96,9 @@ @@ -118,17 +114,17 @@ @@ -137,14 +133,15 @@
    - +
    - ">
    - ">
    - ">
    - () + ()
    - ">
    - + - +
    - + +
    \ No newline at end of file diff --git a/web/templates/admin/add_mail.html b/web/templates/admin/add_mail.html index afc9ca4c2..f1d8f99c5 100644 --- a/web/templates/admin/add_mail.html +++ b/web/templates/admin/add_mail.html @@ -1,29 +1,35 @@ - - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    +
    +
    +
    + + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; + } + } + ?>
    +
    +
    +
    + + +
    +
    + + @@ -62,10 +68,10 @@
    @@ -40,7 +46,7 @@
    - ">
    - + - +
    @@ -73,3 +79,4 @@
    +
    diff --git a/web/templates/admin/add_mail_acc.html b/web/templates/admin/add_mail_acc.html index 12c96262a..43821cd9c 100644 --- a/web/templates/admin/add_mail_acc.html +++ b/web/templates/admin/add_mail_acc.html @@ -1,49 +1,35 @@ - - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    - - -
    - + ?> + + + + +
    + + +
    + + + + @@ -61,7 +47,8 @@ @@ -71,7 +58,7 @@ @@ -94,32 +81,33 @@
    - " disabled > + ">
    - ">
    @@ -130,18 +118,97 @@
    - () + ()
    - "> +
    - () + ()
    - +
    - () + ()
    - +
    + + + + + + + + "> + + +
    - + - +
    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + +
    :
    example@
    :
    ******
    :
    :
    143
    :
    :
    :
    :
    587
    :
    :
    :
    +
    + +
    diff --git a/web/templates/admin/add_package.html b/web/templates/admin/add_package.html index 27cb1e19e..b953f65cd 100644 --- a/web/templates/admin/add_package.html +++ b/web/templates/admin/add_package.html @@ -1,30 +1,35 @@ - - - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    +
    +
    +
    + + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; + } + } + ?>
    +
    +
    +
    + + +
    +
    + + @@ -54,22 +59,50 @@ + + + + + + + + + + @@ -77,22 +110,23 @@ + @@ -100,16 +134,16 @@ @@ -123,16 +157,16 @@ @@ -143,17 +177,19 @@ @@ -163,17 +199,19 @@ @@ -183,17 +221,19 @@ @@ -203,7 +243,8 @@ @@ -213,7 +254,8 @@ @@ -223,27 +265,29 @@ @@ -253,32 +297,77 @@ + + + '; + + if($v_ns4) + echo ' + + '; + + if($v_ns5) + echo ' + + '; + + if($v_ns6) + echo ' + + '; + + if($v_ns7) + echo ' + + '; + + if($v_ns8) + echo ' + + '; + ?> + > + +
    @@ -41,12 +46,12 @@
    - ">
    - + " . strtoupper($_SESSION['WEB_SYSTEM']) . "" ;?>
    - + " . strtoupper($_SESSION['WEB_BACKEND']). "" ;?> +
    + +
    + " .strtoupper($_SESSION['PROXY_SYSTEM']) . "" ;?> +
    - + " .strtoupper($_SESSION['DNS_SYSTEM']) . "" ;?>
    - "> +
    - () + ()
    - "> +
    - "> +
    - () + ()
    - "> +
    - "> +
    - () + ()
    - "> +
    - "> +
    - "> +
    - ">
    - () + ()
    - "> +
    - () + ()
    - "> +
    - "> +
    - "> +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + +
    - + - +
    @@ -286,3 +375,4 @@
    +
    \ No newline at end of file diff --git a/web/templates/admin/add_user.html b/web/templates/admin/add_user.html index 05e142671..d8a310dcc 100644 --- a/web/templates/admin/add_user.html +++ b/web/templates/admin/add_user.html @@ -1,47 +1,37 @@ - - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    - - -
    - + ?> + + + + + + +
    + + +
    + + + + @@ -59,7 +49,7 @@ @@ -69,7 +59,7 @@ @@ -79,7 +69,7 @@ @@ -89,10 +79,10 @@ @@ -113,20 +103,20 @@ @@ -149,7 +139,7 @@ @@ -159,7 +149,7 @@ @@ -167,10 +157,10 @@
    - " tabindex="1" >
    - " tabindex="2" >
    - " tabindex="3" >
    - $value) { - echo "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\n"; + echo ">".htmlentities($key)."\n"; } - ?> + ?>
    - $value) { - echo "\n\t\t\t\t\t\t\t\t\t\n"; + echo ">".htmlentities($value)."\n"; } ?> @@ -139,7 +129,7 @@
    - " tabindex="6" >
    - " tabindex="7" >
    - " tabindex="8" >
    - + - +
    @@ -178,3 +168,4 @@ +
    diff --git a/web/templates/admin/add_web.html b/web/templates/admin/add_web.html index 9945c17b2..56f25edc2 100644 --- a/web/templates/admin/add_web.html +++ b/web/templates/admin/add_web.html @@ -1,67 +1,36 @@ - - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    +
    +
    +
    + + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; + } + } + ?>
    +
    +
    + +
    + + +
    +
    - + + @@ -81,7 +50,7 @@ @@ -93,29 +62,25 @@ - + - - + + - + + + - - display:none"> + @@ -250,7 +228,7 @@ @@ -260,7 +238,7 @@
    - ">
    - +
    - +
    @@ -130,9 +95,10 @@
    - +
    @@ -143,27 +109,37 @@
    - +
    - +
    - / - +
    + + + + + + @@ -182,12 +158,13 @@ @@ -197,7 +174,7 @@ @@ -207,7 +184,7 @@
    + +
    + +
    - + + / ">
    - +
    - +
    - +
    @@ -224,20 +201,21 @@ $value) { $svalue = "'".$value."'"; - echo "\t\t\t\t\n"; + echo ">" . htmlentities(__($value)) . "\n"; } - ?> + ?>
    - +
    +
    - ">
    - + " id="v_password">
    @@ -268,7 +246,7 @@ - + @@ -286,7 +264,7 @@ # () - + @@ -297,7 +275,7 @@ - name="v_ftp_user[][v_ftp_user]" > + name="v_ftp_user[][v_ftp_user]" value=""> @@ -308,7 +286,7 @@ - "> @@ -319,9 +297,9 @@ - - + "> + "> +
    @@ -332,7 +310,7 @@ - "> @@ -341,18 +319,17 @@ - + -
    - + - +
    @@ -360,12 +337,12 @@
    - + +
    - - diff --git a/web/templates/admin/edit_backup_exclusions.html b/web/templates/admin/edit_backup_exclusions.html index e2f974d78..819c92440 100644 --- a/web/templates/admin/edit_backup_exclusions.html +++ b/web/templates/admin/edit_backup_exclusions.html @@ -1,29 +1,35 @@ - - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    +
    +
    +
    + + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; + } + } + ?>
    +
    +
    -
    +
    + + +
    + + + + - - - - - - @@ -64,7 +60,7 @@ @@ -74,17 +70,7 @@ - - - - - - @@ -94,17 +80,17 @@
    @@ -44,17 +50,7 @@
    - -
    - -
    - +
    - +
    - -
    - -
    - +
    - +
    - + - +
    @@ -112,3 +98,4 @@ +
    diff --git a/web/templates/admin/edit_cron.html b/web/templates/admin/edit_cron.html index 786180a0b..d8e996546 100644 --- a/web/templates/admin/edit_cron.html +++ b/web/templates/admin/edit_cron.html @@ -1,44 +1,382 @@ +
    +
    +
    + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; } - ?> - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    + } + ?>
    +
    +
    -
    +
    + + +
    + + +
    +
    +
      +
      • +
      • +
      • +
      • +
      • +
    +
    + + + + + +

    : + +

    +

    + +

    + +
    + + +
    +
    + + + +

    : + +

    + +

    : + +

    + +

    + +

    +
    +
    + + +
    +
    + + +

    : + +

    + +

    : + + + : + +

    +

    + +

    +
    +
    + +
    +
    + + + +

    : + +

    + +

    : + + : + +

    + +

    + +

    +
    +
    + + +
    +
    + + +

    : + +

    + +

    : + + + : + + + : + +

    +

    + +

    +
    +
    +
    +
    + + +
    + +
    - +
    -
    - +
    +
    		+ + + + + + + + @@ -56,7 +394,7 @@ @@ -66,7 +404,7 @@ @@ -76,7 +414,7 @@ @@ -86,31 +424,22 @@ - - -
    + +
    + "> +
    @@ -46,7 +384,7 @@
    - ">
    - ">
    - ">
    - ">
    - - -
    - > + ">
    - + - +
    -
    \ No newline at end of file + +
    \ No newline at end of file diff --git a/web/templates/admin/edit_db.html b/web/templates/admin/edit_db.html index 96111abdd..a1479ef20 100644 --- a/web/templates/admin/edit_db.html +++ b/web/templates/admin/edit_db.html @@ -1,49 +1,35 @@ +
    +
    +
    + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; } - ?> - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    + } + ?>
    +
    +
    -
    - +
    + + +
    + + + + @@ -51,8 +37,8 @@
    @@ -67,7 +53,7 @@ @@ -78,18 +64,18 @@ @@ -99,7 +85,7 @@ @@ -109,7 +95,7 @@ @@ -119,17 +105,17 @@
    -
    - +
    +
    - " disabled>
    - ">
    - / + /
    - ">
    - " disabled>
    - " disabled>
    - " disabled>
    - + - +
    @@ -137,9 +123,9 @@ +
    - - diff --git a/web/templates/admin/edit_dns.html b/web/templates/admin/edit_dns.html index ff28fc8e5..812de9a96 100644 --- a/web/templates/admin/edit_dns.html +++ b/web/templates/admin/edit_dns.html @@ -1,37 +1,43 @@ +
    +
    +
    + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; } - ?> - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    + } + ?>
    +
    +
    -
    +
    + + +
    + + + +
    @@ -46,7 +52,8 @@ @@ -56,12 +63,12 @@ @@ -69,25 +76,25 @@ @@ -97,7 +104,7 @@ @@ -107,17 +114,17 @@
    -
    - +
    +
    - " disabled> + ">
    - ">
    - + " . strtoupper($_SESSION['DNS_SYSTEM']) . "";?>
    - () + ()
    - ">
    - ">
    - ">
    - + - +
    @@ -125,3 +132,4 @@
    +
    diff --git a/web/templates/admin/edit_dns_rec.html b/web/templates/admin/edit_dns_rec.html index b9e5f97c8..02d737cd3 100644 --- a/web/templates/admin/edit_dns_rec.html +++ b/web/templates/admin/edit_dns_rec.html @@ -1,53 +1,59 @@ +
    +
    +
    + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; } - ?> - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    + } + ?>
    +
    +
    -
    +
    + + +
    + + + +
    - +
    -
    - +
    +
    		@@ -57,7 +63,8 @@ @@ -67,7 +74,7 @@ @@ -77,27 +84,27 @@ @@ -105,10 +112,10 @@
    - +
    - " disabled > + ">
    - " disabled> +
    - " disabled>
    - > + ">
    - () + ()
    - ">
    - () + ()
    - ">
    - + - +
    @@ -117,3 +124,4 @@
    +
    diff --git a/web/templates/admin/edit_firewall.html b/web/templates/admin/edit_firewall.html index 87fd798bf..6a7938036 100644 --- a/web/templates/admin/edit_firewall.html +++ b/web/templates/admin/edit_firewall.html @@ -1,40 +1,35 @@ +
    +
    +
    + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; } - ?> - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    + } + ?>
    +
    +
    -
    +
    + - +
    + + + + @@ -42,8 +37,8 @@
    @@ -53,28 +48,28 @@
    -
    - +
    +
    @@ -85,7 +80,7 @@ @@ -95,7 +90,7 @@ @@ -105,21 +100,22 @@
    - +
    - +
    - ">
    - ">
    - ">
    - + - +
    - \ No newline at end of file + +
    diff --git a/web/templates/admin/edit_ip.html b/web/templates/admin/edit_ip.html index a166a2d14..b4306993e 100644 --- a/web/templates/admin/edit_ip.html +++ b/web/templates/admin/edit_ip.html @@ -1,40 +1,35 @@ +
    +
    +
    + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; } - ?> - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    + } + ?>
    +
    +
    -
    +
    + - +
    + + + + @@ -42,48 +37,49 @@
    - +
    -
    - +
    +
    @@ -99,9 +95,9 @@ @@ -117,7 +113,7 @@ @@ -127,7 +123,7 @@ @@ -135,14 +131,15 @@
    - +
    - " disabled> + ">
    - +
    - " disabled>
    - +
    - " disabled>
    - +
    - ">
    - ">
    - + - +
    - \ No newline at end of file + +
    diff --git a/web/templates/admin/edit_mail.html b/web/templates/admin/edit_mail.html index e9317d1c2..541c57d7f 100644 --- a/web/templates/admin/edit_mail.html +++ b/web/templates/admin/edit_mail.html @@ -1,37 +1,43 @@ +
    +
    +
    + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; } - ?> - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    + } + ?>
    +
    +
    -
    +
    + + +
    + + + +
    @@ -46,7 +52,8 @@ @@ -71,17 +78,17 @@
    -
    - +
    +
    - " disabled> + ">
    - " >
    - + - +
    @@ -89,3 +96,4 @@
    +
    diff --git a/web/templates/admin/edit_mail_acc.html b/web/templates/admin/edit_mail_acc.html index 1ca35090a..cf38065d0 100644 --- a/web/templates/admin/edit_mail_acc.html +++ b/web/templates/admin/edit_mail_acc.html @@ -1,50 +1,35 @@ +
    +
    +
    + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; } - ?> - - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    + } + ?>
    +
    +
    -
    - +
    + + +
    + + + + @@ -52,15 +37,15 @@
    - +
    -
    - +
    +
    - +
    - @@ -125,7 +111,7 @@ + + + + + +
    @@ -68,49 +53,50 @@
    - disabled > - " disabled > + "> + ">
    - / + /
    - ">
    - () + ()
    - > + + "> +
    - () + ()
    - +
    - () + ()
    - +
    - +
    @@ -133,24 +119,103 @@
    - +
    + +
    + "> + +
    - + - +
    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + +
    :
    example@
    :
    ******
    :
    :
    143
    :
    :
    :
    :
    587
    :
    :
    :
    +
    + +
    diff --git a/web/templates/admin/edit_package.html b/web/templates/admin/edit_package.html index e7248659e..16de9df2a 100644 --- a/web/templates/admin/edit_package.html +++ b/web/templates/admin/edit_package.html @@ -1,40 +1,41 @@ +
    +
    +
    + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; } - ?> - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    + } + ?>
    +
    +
    -
    +
    + + +
    + + + + @@ -60,22 +61,48 @@ + + + + + + + + + @@ -83,22 +110,23 @@ + @@ -106,16 +134,16 @@ @@ -129,14 +157,14 @@ @@ -149,17 +177,19 @@ @@ -169,17 +199,19 @@ @@ -189,17 +221,19 @@ @@ -209,7 +243,8 @@ @@ -219,7 +254,8 @@ @@ -229,27 +265,29 @@ @@ -259,32 +297,80 @@ + + + + '; + + if($v_ns4) + echo ' + + '; + + if($v_ns5) + echo ' + + '; + + if($v_ns6) + echo ' + + '; + + if($v_ns7) + echo ' + + '; + + if($v_ns8) + echo ' + + '; + ?> + + > + + +
    - +
    -
    - +
    +
    		@@ -46,13 +47,13 @@
    - " disabled > + ">
    - + " .strtoupper($_SESSION['WEB_SYSTEM']) . "";?>
    - + " .strtoupper($_SESSION['WEB_BACKEND']) . "";?> +
    + +
    + " .strtoupper($_SESSION['PROXY_SYSTEM']) . "";?>
    - + " .strtoupper($_SESSION['DNS_SYSTEM']) . "";?>
    - "> +
    - () + ()
    - "> +
    - "> +
    - () + ()
    - "> +
    - "> +
    - () + ()
    - "> +
    - "> +
    - "> +
    - ">
    - () + ()
    - "> +
    - () + ()
    - "> +
    - "> +
    - "> +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + +
    - + - +
    @@ -292,3 +378,4 @@ +
    \ No newline at end of file diff --git a/web/templates/admin/edit_server.html b/web/templates/admin/edit_server.html new file mode 100644 index 000000000..61e3d5810 --- /dev/null +++ b/web/templates/admin/edit_server.html @@ -0,0 +1,1056 @@ +
    +
    +
    + + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; + } + } + ?> +
    +
    +
    + +
    + + +
    + + +
    + + + + + + + + +
    + + +
    +     		+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + +
    + "> +

    +
    + +
    + +

    +
    + +
    + +
    + +
    + "> +

    +
    + + + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + / +
    + +

    +
    + / +
    + +

    +
    + / +
    + +

    +
    + +
    + +

    +
    +
    + + + +
    + + + + + + + + + + + + + + + $value) { + $i++; + ?> + + + + + + + +
    + / +
    + +

    +
    + +
    + +


    +
    + +
    + +

    +
    +
    + + + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + / +
    + +

    +
    + / +
    + +

    +
    + / +
    + +

    +
    + +
    + +

    +
    + +
    + + + + + + + + + + +
    + +
    + +

    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + : + + +
    + : + + +
    + : + + +
    + : + + +
    + : + + +
    + : + + +
    + : + + +
    +
    +
    +
    + + + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + / +
    + +

    +
    + +
    + +

    +
    + +
    + +

    +
    + +
    + +

    +
    + +
    + +

    +
    + +
    + +



    +
    + / +
    + +

    +
    + +
    + +

    +
    + +
    + +

    +
    + +
    + +

    +
    + +
    + +



    +
    +
    + + + +
    + + + + + + + + + + + + + + + + + + + + + + + + + +
    + +
    + +

    +
    + +
    + +

    +
    + +
    + "> +

    +
    + + + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + +
    + +

    +
    + +
    + "> +

    +
    + +
    + "> +

    +
    + +
    + "> +

    +
    + +
    + "> +

    +
    +
    +
    + + + +
    + + + + + + + + + + + + + + + + + + + + + + + +
    + +
    + + + + + + + +
    + +
    + +

    +
    +
    + +
    + +
    + +
    + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + : + + +
    + : + + +
    + : + + +
    + : + + +
    + : + + +
    + : + + +
    + : + + +
    +
    +
    + + + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + +
    + +

    +
    + +
    + +

    +
    + +
    + +

    +
    + +
    + +

    +
    + +
    + +

    +
    + +
    + +

    +
    > + + '.__('Licence Key').':
    +
    '; + } else { + echo + __('Restrict users so that they cannot use SSH and access only their home directory.').' '.__('This is a commercial module, you would need to purchace license key to enable it.'). + '
    + '.__('Enter License Key').':
    +
    + + 2Checkout.com Inc. (Ohio, USA) is a payment facilitator for goods and services provided by vestacp.com.'; + } + ?> + +
    + +
    + +

    +
    > + + '.__('Licence Key').':
    +
    '; + } else { + echo __('Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.').' '. + __('This is a commercial module, you would need to purchace license key to enable it.'). + '
    + '.__('Enter License Key').':
    +
    + + 2Checkout.com Inc. (Ohio, USA) is a payment facilitator for goods and services provided by vestacp.com.'; + } + ?> + +
    + +
    + +

    +
    style="display:none" > +
    * plugin installation will run in background
    + Softaculous is a great Auto Installer having 426 great scripts, 1115 PHP Classes + and we are still adding more. Softaculous is ideal for Web Hosting companies and + it could give a significant boost to your sales. These scripts cover most of the + uses a customer could ever have. We have covered a wide array of Categories so that + everyone could find the required script one would need to power their Web Site. +
      +
    • + +
      • +
    +
    +
    +
    + + + + + + + +
    + + + +
    +
    +
    +
    diff --git a/web/templates/admin/edit_server_bind9.html b/web/templates/admin/edit_server_bind9.html new file mode 100644 index 000000000..62d9051fe --- /dev/null +++ b/web/templates/admin/edit_server_bind9.html @@ -0,0 +1,92 @@ +
    +
    +
    + + + + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo ""; + } + } + ?> + + + +
    + / + → ".$_SESSION['ok_msg']."
    +
    +
    +
    + +
    + + + +
    + + +
    + + + + + + + + +
    + + +
    +     		+ + + + + + + + + + + + + + +
    + +
    + +
    + +
    + +
    + +
    + + + + + + +
    + + + +
    +
    +
    +
    \ No newline at end of file diff --git a/web/templates/admin/edit_server_dovecot.html b/web/templates/admin/edit_server_dovecot.html new file mode 100644 index 000000000..f5b4bd27f --- /dev/null +++ b/web/templates/admin/edit_server_dovecot.html @@ -0,0 +1,171 @@ +
    +
    +
    + + + + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo ""; + } + } + ?> + + +
    + / + → ".$_SESSION['ok_msg']."
    +
    +
    +
    + +
    + + + +
    + + +
    + + + + + + + + +
    + + +
    +     		+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + +
    + +
    + +
    + +
    + +
    + +
    + +
    + +
    + +
    + +
    + +
    + +
    + +
    + +
    + +
    + +
    + +
    + +
    + +
    + + + + + + + +
    + + + +
    +
    +
    +
    diff --git a/web/templates/admin/edit_server_httpd.html b/web/templates/admin/edit_server_httpd.html new file mode 100644 index 000000000..c58ae89de --- /dev/null +++ b/web/templates/admin/edit_server_httpd.html @@ -0,0 +1,86 @@ +
    +
    +
    + + + + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo ""; + } + } + ?> + + +
    + / + + → ".$_SESSION['ok_msg']."
    +
    +
    +
    + +
    + + + +
    + + +
    + + + + + + + + +
    + + +
    +     		+ + + + + + + + + + + +
    + +
    + +
    + +
    + + + + + + + +
    + + + +
    +
    +
    +
    \ No newline at end of file diff --git a/web/templates/admin/edit_server_mysql.html b/web/templates/admin/edit_server_mysql.html new file mode 100644 index 000000000..8c5325fd4 --- /dev/null +++ b/web/templates/admin/edit_server_mysql.html @@ -0,0 +1,155 @@ +
    +
    +
    + + + + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo ""; + } + } + ?> + + +
    + / + → ".$_SESSION['ok_msg']."
    +
    +
    +
    + +
    + + + +
    + + +
    + + + + + + + + +
    + + +
    +     		+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + max_connections +
    + +

    +
    + max_user_connections +
    + +

    +
    + wait_timeout +
    + +

    +
    + interactive_timeout +
    + +

    +
    + max_allowed_packet +
    + +

    +
    + +
    + + + + + + + + + + + + + + + +
    + +
    + +
    + +
    + +
    + + + + + + + +
    + + + +
    +
    +
    +
    \ No newline at end of file diff --git a/web/templates/admin/edit_server_nginx.html b/web/templates/admin/edit_server_nginx.html new file mode 100644 index 000000000..2267089aa --- /dev/null +++ b/web/templates/admin/edit_server_nginx.html @@ -0,0 +1,213 @@ +
    +
    +
    + + + + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo ""; + } + } + ?> + + +
    + / + + → ".$_SESSION['ok_msg']."
    +
    +
    +
    + +
    + + + +
    + + +
    + + + + + + + + +
    + + +
    +     		+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + worker_processes +
    + +

    +
    + worker_connections +
    + +

    +
    + client_max_body_size +
    + +

    +
    + send_timeout +
    + +

    +
    + proxy_connect_timeout +
    + +

    +
    + proxy_send_timeout +
    + +

    +
    + proxy_read_timeout +
    + +

    +
    + gzip +
    + +

    +
    + gzip_comp_level +
    + +

    +
    + charset +
    + +

    +
    + +
    + + + + + + + + + + + + + + + + +
    + +
    + +
    + +
    + +
    + + + + + + + +
    + + + +
    +
    +
    +
    \ No newline at end of file diff --git a/web/templates/admin/edit_server_pgsql.html b/web/templates/admin/edit_server_pgsql.html new file mode 100644 index 000000000..6aca48d44 --- /dev/null +++ b/web/templates/admin/edit_server_pgsql.html @@ -0,0 +1,92 @@ +
    +
    +
    + + + + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo ""; + } + } + ?> + + +
    + / + → ".$_SESSION['ok_msg']."
    +
    +
    +
    + +
    + + + +
    + + +
    + + + + + + + + +
    + + +
    +     		+ + + + + + + + + + + + + + +
    + +
    + +
    + +
    + +
    + +
    + + + + + + + +
    + + + +
    +
    +
    +
    diff --git a/web/templates/admin/edit_server_php.html b/web/templates/admin/edit_server_php.html new file mode 100644 index 000000000..16693f812 --- /dev/null +++ b/web/templates/admin/edit_server_php.html @@ -0,0 +1,175 @@ +
    +
    +
    + + + + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo ""; + } + } + ?> + + +
    + / + + → ".$_SESSION['ok_msg']."
    +
    +
    +
    + +
    + + + +
    + + +
    + + + + + + + + +
    + + +
    +     		+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + max_execution_time +
    + +

    +
    + max_input_time +
    + +

    +
    + memory_limit +
    + +

    +
    + error_reporting +
    + +

    +
    + display_errors +
    + +

    +
    + post_max_size +
    + +

    +
    + upload_max_filesize +
    + +

    +
    + +
    + + + + + + + + + + + + + +
    + +
    + +
    + +
    + +
    + + + + + + +
    + + + +
    +
    +
    +
    \ No newline at end of file diff --git a/web/templates/admin/edit_server_service.html b/web/templates/admin/edit_server_service.html new file mode 100644 index 000000000..49a81f552 --- /dev/null +++ b/web/templates/admin/edit_server_service.html @@ -0,0 +1,84 @@ +
    +
    +
    + + + + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo ""; + } + } + ?> + + +
    + / + → ".$_SESSION['ok_msg']."
    +
    +
    +
    + +
    + + + +
    + + +
    + + + + + + + + +
    + + +
    +     		+ + + + + + + + + + +
    + +
    + +
    + +
    + + + + + + + +
    + + + +
    +
    +
    +
    \ No newline at end of file diff --git a/web/templates/admin/edit_user.html b/web/templates/admin/edit_user.html index bec90e90d..d717a05fb 100644 --- a/web/templates/admin/edit_user.html +++ b/web/templates/admin/edit_user.html @@ -1,52 +1,47 @@ +
    +
    +
    + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; } - ?> - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    + } + ?>
    +
    +
    + +
    + + +
    + +
    + + - - @@ -68,7 +64,7 @@ @@ -78,7 +74,7 @@ @@ -91,14 +87,14 @@ @@ -117,12 +113,12 @@ if (( $value == $v_language ) || ( $svalue == $v_language)){ echo 'selected' ; } - if (( $value == 'en' ) && (empty($v_language))){ + if (( $value == detect_user_language() ) && (empty($v_language))){ echo 'selected' ; } - echo ">".$value."\n"; + echo ">".htmlentities($value)."\n"; } - ?> + ?> @@ -133,7 +129,7 @@ @@ -143,7 +139,7 @@ @@ -156,14 +152,14 @@ @@ -174,32 +170,80 @@ + + + '; + + if($v_ns4) + echo ' + + '; + + if($v_ns5) + echo ' + + '; + + if($v_ns6) + echo ' + + '; + + if($v_ns7) + echo ' + + '; + + if($v_ns8) + echo ' + + '; + ?> + + > + + + +
    - +
    -
    - +
    +
    		@@ -58,7 +53,8 @@
    - " disabled> + ">
    - ">
    - ">
    - > + ">
    - > + ">
    - "> +
    - "> +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + + '.__('delete').' +
    + +
    - + - +
    @@ -207,3 +251,4 @@
    +
    \ No newline at end of file diff --git a/web/templates/admin/edit_web.html b/web/templates/admin/edit_web.html index 3cc8dfe41..006005390 100644 --- a/web/templates/admin/edit_web.html +++ b/web/templates/admin/edit_web.html @@ -1,76 +1,47 @@ +
    +
    +
    + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; } + } ?> - - - - -
    - → ".$_SESSION['ok_msg'].""; - } - if (!empty($_SESSION['error_msg'])) { - echo " → ".$_SESSION['error_msg'].""; - } - if (!empty($_SESSION['flash_error_msg'])) { - echo " / FTP USER ".$_SESSION['flash_error_msg'].""; - unset($_SESSION['flash_error_msg']); - } - ?> -
    +
    +
    -
    - @@ -94,15 +66,10 @@ @@ -128,20 +95,47 @@ + + + + + + + + + @@ -157,7 +151,7 @@ @@ -178,22 +172,27 @@
    - +
    -
    - +
    +
    		@@ -82,7 +53,8 @@
    - " disabled> + ">
    @@ -115,12 +82,12 @@
    - +
    - + " .strtoupper($_SESSION['WEB_SYSTEM']) . "";?>
    + " . strtoupper($_SESSION['WEB_BACKEND']) . "";?> +
    + +
    - +
    - +
    + - / - + + + + @@ -213,12 +212,13 @@ @@ -228,7 +228,7 @@ @@ -238,9 +238,76 @@ + + + + +
    + +
    - + + /
    - +
    - +
    - +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + : + + +
    + : + + +
    + : + + +
    + : + + +
    + : + + +
    + : + + +
    + : + + +
    +
    @@ -255,23 +322,23 @@ $value) { $svalue = "'".$value."'"; - echo "\t\t\t\t\n"; + echo ">". htmlentities(__($value)) ."\n"; } - ?> + ?> - - + + - + @@ -281,7 +348,7 @@ @@ -291,7 +358,7 @@
    - ">
    - + " id="v_password">
    @@ -316,9 +383,9 @@ @@ -329,7 +396,8 @@ @@ -340,7 +408,7 @@ @@ -351,9 +419,10 @@ @@ -364,7 +433,7 @@ @@ -372,7 +441,7 @@ - +
    - # () + # () - +
    - name="v_ftp_user[][v_ftp_user]" > + + name="v_ftp_user[][v_ftp_user]" value="">
    - ">
    - - + "> + "> + "> +
    - ">
    @@ -382,10 +451,10 @@
    - + - +
    @@ -393,12 +462,12 @@
    - + - - - - + + diff --git a/web/templates/admin/generate_ssl.html b/web/templates/admin/generate_ssl.html index 1469265a4..0aef60068 100644 --- a/web/templates/admin/generate_ssl.html +++ b/web/templates/admin/generate_ssl.html @@ -1,29 +1,35 @@ - - - - - -
    - → ".$_SESSION['error_msg'].""; - } else { - if (!empty($_SESSION['ok_msg'])) { - echo " → ".$_SESSION['ok_msg'].""; - } - } - ?> -
    +
    +
    +
    + + → ".htmlentities($_SESSION['error_msg']).""; + } else { + if (!empty($_SESSION['ok_msg'])) { + echo " → ".$_SESSION['ok_msg'].""; + } + } + ?>
    +
    +
    +
    + + +
    +
    + + @@ -58,7 +64,7 @@ @@ -69,7 +75,7 @@ @@ -79,7 +85,7 @@ @@ -89,7 +95,7 @@ @@ -99,17 +105,17 @@
    @@ -48,7 +54,7 @@
    - + ">
    - + ">
    - + ">
    - + ">
    - + ">
    - + ">
    - + - +
    @@ -117,3 +123,4 @@
    +
    diff --git a/web/templates/admin/list_backup.html b/web/templates/admin/list_backup.html index 637340132..ef00139df 100644 --- a/web/templates/admin/list_backup.html +++ b/web/templates/admin/list_backup.html @@ -1,145 +1,167 @@ - - - - -
    -
    - -
    -
    -
    - - -
    -
    -
    -
    - - - -
    -
    - [ ] -
    - -
    +
    +
    + +
    + + + + + + + +
    + + + + + + + + + + + +
    + +
    + +
    + +
    +
    + +
    -
    - +
    + - $value) { - ++$i; - $web = __('no'); - $dns = __('no'); - $mail = __('no'); - $db = __('no'); - $cron = __('no'); - $udir = __('no'); - if (!empty($data[$key]['WEB'])) $web = __('yes'); - if (!empty($data[$key]['DNS'])) $dns = __('yes'); - if (!empty($data[$key]['MAIL'])) $mail = __('yes'); - if (!empty($data[$key]['DB'])) $db = __('yes'); - if (!empty($data[$key]['CRON'])) $cron = __('yes'); - if (!empty($data[$key]['UDIR'])) $udir = __('yes'); +
    + $value) { + ++$i; + $web = __('no'); + $dns = __('no'); + $mail = __('no'); + $db = __('no'); + $cron = __('no'); + $udir = __('no'); - ?> + if (!empty($data[$key]['WEB'])) $web = __('yes'); + if (!empty($data[$key]['DNS'])) $dns = __('yes'); + if (!empty($data[$key]['MAIL'])) $mail = __('yes'); + if (!empty($data[$key]['DB'])) $db = __('yes'); + if (!empty($data[$key]['CRON'])) $cron = __('yes'); + if (!empty($data[$key]['UDIR'])) $udir = __('yes'); -
    - - - + ?> - - -
    - - - - -
    ">
    -     		- - - - - " /> - - - - - - - - - - - - - - - - - - - - - - - - -
    - -
    - - - - -
    - : -
    -     		- - - - - -
    - : - - -
    -     		- - - - - -
    - : - - -
    -
    -
    - - -
    - +
    +
    +
    + + +
    + +
    +
    + '.__('update').' U
    '; + } + ?> +
     D
    +
     ↵
    +
    + + + + + +  Del +
    + +
    +
    + + +
    +
    + +
    +
    +
    + +
    +
    + +
    + +
    + + + + + + +
    +
    +
    :
    +
    + +
    +
    +     		+
    +
    :
    +
    + +
    +
    +     		+
    +
    :
    +
    + +
    +
    +
    +
    + +
    + +
    + + + + + +
    + + + +
    +
    +
    +
    +
    +
    +
    + +
    +
    +
    +
    diff --git a/web/templates/admin/list_backup_detail.html b/web/templates/admin/list_backup_detail.html index 6c0b4c101..39790652e 100644 --- a/web/templates/admin/list_backup_detail.html +++ b/web/templates/admin/list_backup_detail.html @@ -1,266 +1,396 @@ - - - - -
    -
    - -
    -
    -
    - - -
    -
    -
    -
    - - - - -
    - -
    +
    +
    + +
    + + + + + + +
    + + + + + + + + + +
    + + +
    + +
    + +
    +
    + +
    -
    - - - - -
    - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +
    + -
    - - -
    -     		- - - - - - - - - - - -
    - - - -
    -
    - - -
    -     		- - - - - - - - - - - -
    - - - -
    -
    - - -
    -     		- - - - - - - - - - - -
    - - - -
    -
    - - -
    -     		- - - - - - - - - - - -
    - - - -
    -
    - - -
    -     		- - - - - - - - - - - -
    - - - -
    -
    - - -
    -     		- - - - - - - - - - - -
    - - - -
    -
    - +
    +
    +
    +
    + + +
    +
    +
    + + +
    + +
    +
     R
    + +
    +
    + + +
    + +
    + + +
    + + + + +
    +
    +
    +
    +
    +
    +
    + +
    + +
    + + + + + + + + + +
    +
    +
    + + +
    + +
    +
     R
    + +
    + +
    + + +
    + +
    +
    + + + + +
    +
    +
    +
    +
    +
    +
    + +
    + +
    + + + + + + + + + + +
    +
    +
    + + +
    + +
    +
     R
    + +
    + +
    + + +
    + +
    +
    + + + + +
    +
    +
    +
    +
    +
    +
    + +
    + +
    + + + + + + + + + +
    +
    +
    + + +
    + +
    +
     R
    + +
    + +
    + + +
    + +
    +
    + + + + +
    +
    +
    +
    +
    +
    +
    + +
    + +
    + + + + + + + + + + +
    +
    +
    + + +
    + +
    +
     R
    + +
    + +
    + + +
    + +
    +
    + + + + +
    +
    +
    +
    +
    +
    +
    + +
    + +
    + + + + + + + + + + +
    +
    +
    + + +
    + +
    +
     R
    + +
    + +
    + + +
    + +
    +
    + + + + +
    +
    +
    +
    +
    +
    +
    + +
    + +
    + + + + + +
    +
    +
    + + +
    + +
    +
     R
    + +
    + +
    + + +
    + +
    +
    + + + + +
    +
    +
    +
    +
    +
    +
    + +
    + +
    + + + +
    + + + +
    +
    +
    +
    +
    +
    +
    + +
    +
    + +
    +
    +
    +
    diff --git a/web/templates/admin/list_backup_exclusions.html b/web/templates/admin/list_backup_exclusions.html index 19cfd43ca..efaaa4500 100644 --- a/web/templates/admin/list_backup_exclusions.html +++ b/web/templates/admin/list_backup_exclusions.html @@ -1,87 +1,114 @@ - - - - -
    -
    - -
    -
    -
    - - -
    -
    -
    -
    - - - -
    - -
    +
    +
    + +
    + + + + + +
    + + + + + +
    +
    + +
    -
    - +
    + - $value) { - ?> - - - - +
    + $value) { + ?> - +
    +
    +
    +
    + +
    + -
    - - -
    -     		- - - - - " /> - - - - - - - - -
    - - - - - $ex_value) { - ?> - - - - - -
    -
    -
    - - -
    - ... -
    + +
    +
    + + +
    + +
    +
    + + + + +
    +
    +
    +
    + $ex_value) { + echo ''.$ex_key.' '.$ex_value.'
    '; + } + ?> +
    +
    +
    +
    + +
    + + + + + + + + + + + +
    +
    +
    +
    +
    + +
    +
    + +
    +
    +
    +
    diff --git a/web/templates/admin/list_cron.html b/web/templates/admin/list_cron.html index 7ac971907..4bea20c06 100644 --- a/web/templates/admin/list_cron.html +++ b/web/templates/admin/list_cron.html @@ -1,167 +1,174 @@ - - - - -
    -
    - -
    -
    -
    - - -
    -
    -
    -
    - - - -
    - -
    - - [ ] - - [ ] - -
    - - -
    +
    +
    + + +
    + + + + + + + + +
    +   + '.__('turn off notifications').''; + } else { + echo ''.__('turn on notifications').''; + } + ?> + + + + + + + + + + +
    + +
    + +
    + +
    		+ : +
    +
    + +
    -
    - +
    + - $value) { - ++$i; - if ($data[$key]['SUSPENDED'] == 'yes') { - $status = 'suspended'; - $spnd_action = 'unsuspend'; - $spnd_confirmation = 'UNSUSPEND_CRON_CONFIRMATION' ; - } else { - $status = 'active'; - $spnd_action = 'suspend'; - $spnd_confirmation = 'SUSPEND_CRON_CONFIRMATION' ; - } - ?> - - - - - -
    - - - - -
    ">
    -     		- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - -
    -
    - -
    -
    - -
    -     		-
    - -
    -
    - -
    -     		-
    - -
    -
    - -
    -     		-
    - -
    -
    - -
    -     		-
    - -
    -
    - -
    -
    -
    - +
    + $value) { + ++$i; + if ($data[$key]['SUSPENDED'] == 'yes') { + $status = 'suspended'; + $spnd_action = 'unsuspend'; + $spnd_confirmation = 'UNSUSPEND_CRON_CONFIRMATION' ; + } else { + $status = 'active'; + $spnd_action = 'suspend'; + $spnd_confirmation = 'SUSPEND_CRON_CONFIRMATION' ; + } + ?> + +
    +
    +
    + + +
    + +
    +
    +
     ↵
    +
    + + + + + +  S +
    +
    + + + + + +  Del +
    + -
    -
    + +
    +
    + + +
    +
    + +
    +
    +
    + +
    +
    + +
    +
    + +
    + +
    +

    +

    +

    +

    +

    +
    + +
    +
    + + +
    + +
    + + + + + +
    + + +
    +
    +
    +
    +
    +
    +
    + +
    +
    +
    +
    diff --git a/web/templates/admin/list_db.html b/web/templates/admin/list_db.html index 934d6cc09..cdcac786b 100644 --- a/web/templates/admin/list_db.html +++ b/web/templates/admin/list_db.html @@ -1,173 +1,246 @@ - - - - -
    -
    - -
    -
    - - - - -
    -
    -
    - - - -
    - -
    +
    +
    + + +
    + + + $value) { + if ($data[$key]['TYPE'] == 'mysql'){ + $mysql = 1; + + $db_myadmin_link = "http://".$http_host."/phpmyadmin/"; + if (!empty($_SESSION['DB_PMA_URL'])) + $db_myadmin_link = $_SESSION['DB_PMA_URL']; + } + if ($data[$key]['TYPE'] == 'pgsql'){ + $pgsql = 1; + $db_pgadmin_link = "http://".$http_host."/phppgadmin/"; + if (!empty($_SESSION['DB_PGA_URL'])) + $db_pgadmin_link = $_SESSION['DB_PGA_URL']; + } + } + if($mysql){ + echo ''; + } + if($pgsql){ + echo ''; + } + ?> + + + + + +
    phpMyAdminphpPgAdmin + + + + + + + + + +
    + +
    + +
    + +
    		+ : +
    +
    +
    + +
    -
    - - $value) { - ++$i; - if ($data[$key]['SUSPENDED'] == 'yes') { - $status = 'suspended'; - $spnd_action = 'unsuspend' ; - $spnd_confirmation = 'UNSUSPEND_DATABASE_CONFIRMATION' ; - } else { - $status = 'active'; - $spnd_action = 'suspend' ; - $spnd_confirmation = 'SUSPEND_DATABASE_CONFIRMATION' ; - } - if ($data[$key]['HOST'] != 'localhost' ) $http_host = $data[$key]['HOST']; - if ($data[$key]['TYPE'] == 'mysql') $db_admin = "phpMyAdmin"; - if ($data[$key]['TYPE'] == 'mysql') $db_admin_link = "http://".$http_host."/phpmyadmin/"; - if (($data[$key]['TYPE'] == 'mysql') && (!empty($_SESSION['DB_PMA_URL']))) $db_admin_link = $_SESSION['DB_PMA_URL']; - if ($data[$key]['TYPE'] == 'pgsql') $db_admin = "phpPgAdmin"; - if ($data[$key]['TYPE'] == 'pgsql') $db_admin_link = "http://".$http_host."/phppgadmin/"; - if (($data[$key]['TYPE'] == 'pgsql') && (!empty($_SESSION['DB_PGA_URL']))) $db_admin_link = $_SESSION['DB_PGA_URL']; - ?> - - - - - -
    - - - - -
    ">
    -     		- - - - - " /> - - - - - - - - " /> - - - - - - - - - - - - - - - - - - - - - - - - -
    - -
    - - - - - -
    - : -
    -
    -
    -
    -     		- - - - - - - - - -
    - : - - -
    - : - - -
    -     		- - - - - - - - - -
    - : - - -
    - : - - -
    -
    -
    - +
    + -
    - + + +
    + $value) { + ++$i; + if ($data[$key]['SUSPENDED'] == 'yes') { + $status = 'suspended'; + $spnd_action = 'unsuspend' ; + $spnd_confirmation = 'UNSUSPEND_DATABASE_CONFIRMATION' ; + } else { + $status = 'active'; + $spnd_action = 'suspend' ; + $spnd_confirmation = 'SUSPEND_DATABASE_CONFIRMATION' ; + } + if ($data[$key]['HOST'] != 'localhost' ) $http_host = $data[$key]['HOST']; + if ($data[$key]['TYPE'] == 'mysql') $db_admin = "phpMyAdmin"; + if ($data[$key]['TYPE'] == 'mysql') $db_admin_link = "http://".$http_host."/phpmyadmin/"; + if (($data[$key]['TYPE'] == 'mysql') && (!empty($_SESSION['DB_PMA_URL']))) $db_admin_link = $_SESSION['DB_PMA_URL']; + if ($data[$key]['TYPE'] == 'pgsql') $db_admin = "phpPgAdmin"; + if ($data[$key]['TYPE'] == 'pgsql') $db_admin_link = "http://".$http_host."/phppgadmin/"; + if (($data[$key]['TYPE'] == 'pgsql') && (!empty($_SESSION['DB_PGA_URL']))) $db_admin_link = $_SESSION['DB_PGA_URL']; + ?> + + +
    +
    +
    + + +
    + +
    +
    +
     ↵
    +
    + + + + + +  S +
    +
    + + + + + +  Del +
    + +
    +
    + + +
    +
    + +
    +
    +
    + +
    +
    + +
    +
    + +
    + +
    + + + + + + + + + + + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    +
    + +     		+
    +
    :
    +
    + +
    +
    +     		+
    +
    :
    +
    + +
    +
    +
    +
    +
    :
    +
    + +
    +
    +     		+
    +
    :
    +
    + +
    +
    +
    +
    + +
    + +
    + + + + + +
    + + +
    +
    +
    +
    +
    +
    +
    + +
    +
    +
    +
    diff --git a/web/templates/admin/list_dns.html b/web/templates/admin/list_dns.html index 70437ece4..5ce29219c 100644 --- a/web/templates/admin/list_dns.html +++ b/web/templates/admin/list_dns.html @@ -1,152 +1,223 @@ - - - - -
    -
    - -
    -
    -
    - - -
    -
    -
    -
    - - - -
    - -
    +
    +
    + + +
    + + + + + + + +
    + + + + + + + + + +
    + +
    + +
    + +
    		+ : +
    +
    + +
    -
    - - $value) { - ++$i; - if ($data[$key]['SUSPENDED'] == 'yes') { - $status = 'suspended'; - $spnd_action = 'unsuspend' ; - $spnd_confirmation = 'UNSUSPEND_DOMAIN_CONFIRMATION' ; - } else { - $status = 'active'; - $spnd_action = 'suspend' ; - $spnd_confirmation = 'SUSPEND_DOMAIN_CONFIRMATION' ; - } - ?> - - - - - -
    - - - - -
    ">
    -     		- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - - -
    - - - - - - - +
    + -
    - -
    -     		- - - - - - - - - -
    :
    :
    -     		- - - - - -
    :
    -
    -
    - -
    - +
    + $value) { + ++$i; + if ($data[$key]['SUSPENDED'] == 'yes') { + $status = 'suspended'; + $spnd_action = 'unsuspend' ; + $spnd_confirmation = 'UNSUSPEND_DOMAIN_CONFIRMATION' ; + } else { + $status = 'active'; + $spnd_action = 'suspend' ; + $spnd_confirmation = 'SUSPEND_DOMAIN_CONFIRMATION' ; + } + ?> + +
    +
    +
    + + +
    + +
    +
    +
     L
    +
     N
    +
     ↵
    +
    + + + + + +  S +
    +
    + + + + + +  Del +
    + +
    +
    + + +
    +
    + +
    +
    +
    + +
    + +
    + +
    +
    + ⇢ ".$data[$key]['SRC']."    "; if($data[$key]['RECORDS']) echo '/ '.$data[$key]['RECORDS'].'';?> +
    + + + +
    + + + + + + + + + + + + + + +
    +
    +
    .', $data[$key]['IP'])?>
    +
    +     		+
    +
    :
    +
    + +
    +
    +     		+
    +
    :
    +
    + +
    +
    +
    +
    +
    +
    +     		+
    +
    :
    +
    + +
    +
    +     		+ +
    +
    :
    +
    + +
    +
    +
    +
    + +
    + +
    + + + + + +
    + + + +
    +
    +
    +
    +
    +
    +
    + +
    +
    +
    +
    diff --git a/web/templates/admin/list_dns_rec.html b/web/templates/admin/list_dns_rec.html index ec4326cc5..24f281038 100644 --- a/web/templates/admin/list_dns_rec.html +++ b/web/templates/admin/list_dns_rec.html @@ -1,100 +1,142 @@ - - - - -
    -
    - -
    -
    -
    - - -
    -
    -
    -
    - - - -
    - -
    +
    +
    + +
    + + + + + + +
    + + + + + + + + + +
    + + +
    + +
    + +
    +
    + +
    + + +
    + + + + + +
    + +
    +
    +
    + + $value) { + ++$i; + if ($data[$key]['SUSPENDED'] == 'yes') { + $status = 'suspended'; + $spnd_action = 'unsuspend' ; + $spnd_confirmation = 'UNSUSPEND_RECORD_CONFIRMATION' ; + } else { + $status = 'active'; + $spnd_action = 'suspend' ; + $spnd_confirmation = 'UNSUSPEND_RECORD_CONFIRMATION' ; + } + ?> + + +
    +
    +
    + + +
    + +
    +
    +
     ↵
    +
    + + + + + +  Del +
    -
    - - - - -
    - -
    - - $value) { - ++$i; - if ($data[$key]['SUSPENDED'] == 'yes') { - $status = 'suspended'; - $spnd_action = 'unsuspend' ; - $spnd_confirmation = 'UNSUSPEND_RECORD_CONFIRMATION' ; - } else { - $status = 'active'; - $spnd_action = 'suspend' ; - $spnd_confirmation = 'UNSUSPEND_RECORD_CONFIRMATION' ; - } - ?> - - - - - -
    - - - -
    -     		- - - - - - - - - - - - - - - - - - - - - -
    -
    - -
    -
    + +
    +
    + + +
    +
    +
    + +
    +
    + +
    +
    +
    12 ) echo '...'; ?>
    +
    +
     
    +
    +
    + +
    + +
    + + + + + +
    + +
    +
    +
    +
    +
    + +
    +
    + +
    +
    + +
    +
    +
    +
    diff --git a/web/templates/admin/list_firewall.html b/web/templates/admin/list_firewall.html index 958ca62f6..889de6a2e 100644 --- a/web/templates/admin/list_firewall.html +++ b/web/templates/admin/list_firewall.html @@ -1,106 +1,155 @@ - - - - -
    -
    - -
    -
    -
    - - -
    -
    -
    -
    - - - -
    - -
    - [ ] -
    - - -
    -
    - -
    - - $value) { - ++$i; - if ($data[$key]['SUSPENDED'] == 'yes') { - $status = 'suspended'; - $spnd_action = 'unsuspend' ; - $spnd_confirmation = 'UNSUSPEND_RULE_CONFIRMATION' ; - } else { - $status = 'active'; - $spnd_action = 'suspend' ; - $spnd_confirmation = 'SUSPEND_RULE_CONFIRMATION' ; - } - ?> - - - - - -
    - - - -
    -     		- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    -
    - -
    - +
    +
    + + +
    + + + + + + + + +
    + '.__('list fail2ban').''; + } ?> + +
    + + + +
    +     		+ + + +
    + +
    + +
    + +
    		+ : +
    +
    +
    + +
    + + + +
    + $value) { + ++$i; + if ($data[$key]['SUSPENDED'] == 'yes') { + $status = 'suspended'; + $spnd_action = 'unsuspend' ; + $spnd_confirmation = 'UNSUSPEND_RULE_CONFIRMATION' ; + } else { + $status = 'active'; + $spnd_action = 'suspend' ; + $spnd_confirmation = 'SUSPEND_RULE_CONFIRMATION' ; + } + ?> + +
    +
    +
    + + +
    + +
    +
    +
     ↵
    +
    + + + + + +  S +
    +
    + + + + + +  Del +
    + +
    + +
    + +
    + + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    +
    +
    +
    +
    + +
    + +
    + + + + + +
    + +
    +
    +
    +
    +
    + +
    +
    + +
    +
    +
    +
    diff --git a/web/templates/admin/list_firewall_banlist.html b/web/templates/admin/list_firewall_banlist.html index 42ab7203f..e51198566 100644 --- a/web/templates/admin/list_firewall_banlist.html +++ b/web/templates/admin/list_firewall_banlist.html @@ -1,88 +1,121 @@ - - - - -
    -
    - -
    -
    - - - - -
    -
    -
    - - - -
    - -
    -
    +
    +
    + -
    - - - - -
    - Fail2ban -
    - - $value) { - ++$i; - list($ip,$chain) = split(":",$key); - ?> - - - - - -
    - - - -
    -     		- - - - - - - - - - - - - - - -
    -
    - -
    - 1) { - echo __('%s IP addresses',$i); - } - ?> -
    +
    + + + + + + +
    +
    + + + +
    +     		+ + + +
    + +
    + +
    + +
    +
    + +
    + +
    + + + +
    + $value) { + ++$i; + list($ip,$chain) = explode(":",$key); + + ?> + +
    +
    +
    + + +
    + +
    +
    +
    + + + + + +  Del +
    + +
    + +
    + +
    + + +
    + +
    +
    +
     
    +
    +
    +
    +
    + +
    + +
    + + + + + +
    + +
    +
    +
    +
    +
    + +
    +
    + 1) { + echo __('%s IP addresses',$i); + } + ?> +
    +
    + +
    +
    +
    +
    diff --git a/web/templates/admin/list_ip.html b/web/templates/admin/list_ip.html index 88c5b08cb..7da9fa2cf 100644 --- a/web/templates/admin/list_ip.html +++ b/web/templates/admin/list_ip.html @@ -1,147 +1,199 @@ - - - - -
    -
    - -
    -
    - - - - -
    -
    -
    - - - -
    - -
    +
    +
    + + +
    + + + + + + + +
    + + + + + + + + + +
    + +
    + +
    + +
    		+ : +
    +
    + +
    -
    - +
    + - $value) { - ++$i; - ?> - - - - - - -
    - - - - -
    ">
    -     		- - - - - " /> - - - - - - - - - +
    + $value) { + ++$i; + ?> - - - - - - - - - -
    - - ' . $data[$key]['NAT'] . ''; ?> - -
    - - - - - - - -
    - -
    - -
    -     		- - - - - - - - - -
    - : - - -
    - : - - -
    -     		- - - - - - - - - - -
    - : - - -
    - : - - -
    -
    -
    - - -
    - +
    +
    +
    + + +
    + +
    +
    +
     ↵
    +
    + + + + + +  Del +
    + +
    +
    + + +
    +
    + +
    +
    +
    + +
    +
    + +
    +
    + + ' . $data[$key]['NAT'] . ''; ?> + +
    + + + +
    + + + + + + + + + + + + + + + + + + + +
    +
    +
    +
    +
    +
    +     		+
    +
    :
    +
    + +
    +
    +     		+
    +
    :
    +
    + +
    +
    +
    +
    +
    +
    +
    +
    +     		+
    +
    :
    +
    + +
    +
    +     		+
    +
    :
    +
    + +
    +
    +
    +
    + +
    + +
    + + + + + +
    + +
    +
    +
    +
    +
    + +
    +
    + +
    +
    +
    +
    diff --git a/web/templates/admin/list_log.html b/web/templates/admin/list_log.html index 177e38292..9713b34b0 100644 --- a/web/templates/admin/list_log.html +++ b/web/templates/admin/list_log.html @@ -1,58 +1,89 @@ - - - - -
    -
    -
    - - -
    -
    - -
    -
    - -
    - - - $value) { - ++$i; - ?> - - - - +
    +
    +
    +
    - - - -
    ">
    ">
    -     		-
    - - - - -
    - -
    -
    + + - - - -
    +
    + + + +
    +
    - -
    - +
    +
    +
    + +
    + + + +
    + $value) { + ++$i; + ?> + + +
    +
    +
    +
    + +
    +
    +
    + +
    + +
    + + +
    +
    + +
    +
    + +
    +
    + +
    +
    + +
    + + + +
    + +
    + + + + + +
    + +
    +
    +
    +
    +
    +
    +
    + +
    +
    +
    +
    diff --git a/web/templates/admin/list_mail.html b/web/templates/admin/list_mail.html index 344372c24..6bd27ccae 100644 --- a/web/templates/admin/list_mail.html +++ b/web/templates/admin/list_mail.html @@ -1,183 +1,239 @@ - - - - -
    -
    - -
    -
    -
    - - -
    -
    -
    -
    - - - -
    - -
    +
    +
    + + +
    + + + + + + + + +
    + + + + + + + + + + + + +
    + +
    + +
    + +
    		+ : +
    +
    +
    + +
    + +
    + + + + +
    + $value) { + ++$i; + if ($data[$key]['SUSPENDED'] == 'yes') { + $status = 'suspended'; + $spnd_action = 'unsuspend' ; + $spnd_confirmation = 'UNSUSPEND_DOMAIN_CONFIRMATION' ; + } else { + $status = 'active'; + $spnd_action = 'suspend' ; + $spnd_confirmation = 'SUSPEND_DOMAIN_CONFIRMATION' ; + } + if (empty($data[$key]['CATCHALL'])) { + $data[$key]['CATCHALL'] = '/dev/null'; + } + ?> + + +
    "> +
    +
    + + +
    + +
    +
    +
     L
    +
     N
    +
     ↵
    +
    + + + + + +  S +
    +
    + + + + + +  Del +
    -
    - - $value) { - ++$i; - if ($data[$key]['SUSPENDED'] == 'yes') { - $status = 'suspended'; - $spnd_action = 'unsuspend' ; - $spnd_confirmation = 'UNSUSPEND_DOMAIN_CONFIRMATION' ; - } else { - $status = 'active'; - $spnd_action = 'suspend' ; - $spnd_confirmation = 'UNSUSPEND_DOMAIN_CONFIRMATION' ; - } - if (empty($data[$key]['CATCHALL'])) { - $data[$key]['CATCHALL'] = '/dev/null'; - } - ?> - - - - - -
    - - - - -
    " >
    ">
    -     		- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - -
    - - - - - -
    - : -
    -
    -
    -
    -     		- - - - - - - - - -
    - : - - -
    - : - - -
    -     		- - - - - - - - - -
    - : - - -
    - : - - -
    -
    -
    - -
    -
    + +
    +
    + + +
    +
    + +
    +
    +
    + +
    +
    + +
    +
    + / '.$data[$key]['ACCOUNTS'].'';?> +
    + +
    + + + + + + + + + + + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    +
    + +     		+ +
    + +
    +
    :
    +
    + +
    +
    + +     		+ +
    + +
    +
    :
    +
    + +
    +
    + +
    + +
    + +
    +
    :
    +
    + +
    +
    + +     		+
    +
    :
    +
    + +
    +
    +
    +
    + +
    + +
    + + + + + +
    + + +
    +
    +
    +
    +
    +
    +
    + +
    +
    +
    +
    diff --git a/web/templates/admin/list_mail_acc.html b/web/templates/admin/list_mail_acc.html index a188707e5..13495ff6b 100644 --- a/web/templates/admin/list_mail_acc.html +++ b/web/templates/admin/list_mail_acc.html @@ -1,160 +1,219 @@ - - - - -
    -
    - -
    -
    -
    - - -
    -
    -
    -
    - - - -
    - -
    -
    - -
    - - - - -
    - -
    - - $value) { - ++$i; - if ($data[$key]['SUSPENDED'] == 'yes') { - $status = 'suspended'; - $spnd_action = 'unsuspend' ; - $spnd_confirmation = 'UNSUSPEND_MAIL_ACCOUNT_CONFIRMATION' ; - } else { - $status = 'active'; - $spnd_action = 'suspend'; - $spnd_confirmation = 'SUSPEND_MAIL_ACCOUNT_CONFIRMATION' ; - } +
    +
    + + +
    +
    + + - - - - -
    + - -
    - - - - -
    ">
    -     		- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - - -
    - - - - - -
    - : -
    -
    -
    -
    -     		- - - - - - - - - -
    - : - - -
    - : - - -
    -     		- - - - - -
    - : - - -
    -
    -
    - - -
    - -
    + + + +
    + + + +
    + + + + + + +
    + +
    + +
    + + + + : + + + +
    +
    + +
    + +
    + + + + +
    +
    +
    +
    + + $value) { + ++$i; + if ($data[$key]['SUSPENDED'] == 'yes') { + $status = 'suspended'; + $spnd_action = 'unsuspend' ; + $spnd_confirmation = 'UNSUSPEND_MAIL_ACCOUNT_CONFIRMATION' ; + } else { + $status = 'active'; + $spnd_action = 'suspend'; + $spnd_confirmation = 'SUSPEND_MAIL_ACCOUNT_CONFIRMATION' ; + } + ?> + + +
    " + v_unit_id="" v_section="mail_acc" sort-date="" sort-name="" sort-disk="" +sort-star=""> +
    +
    + + + +
    + +
    +
    +
     ↵
    +
    + + + + + +  S +
    +
    + + + + + +  Del +
    +
    + +
    + +
    + + +
    +
    + +
    +
    +
    + +
    +
    + +
    +
    + +
    + +
    + + + + + + + + + + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    +
    + +     		+
    +
    :
    +
    + +
    +
    +     		+ +
    + +
    +
    :
    +
    + +
    +
    + +
    +
    +
    :
    +
    + +
    +
    +
    +
    + +
    + +
    + + + + + +
    + + +
    +
    +
    +
    +
    +
    +
    + +
    +
    + +
    +
    +
    +
    diff --git a/web/templates/admin/list_packages.html b/web/templates/admin/list_packages.html index 05ca162bc..b7fe596c9 100644 --- a/web/templates/admin/list_packages.html +++ b/web/templates/admin/list_packages.html @@ -1,163 +1,305 @@ - - - - -
    -
    - -
    -
    - - - - -
    -
    -
    - - - -
    - -
    +
    +
    + + +
    + + + + + + + +
    + + + + + + + + + +
    + +
    + +
    + +
    		+ : +
    +
    + +
    -
    - +
    + - $value) { - ++$i; - ?> - - - - - -
    - - - -
    ">
    -     		- - - - - " /> - - - +
    + $value) { + ++$i; + ?> - - - - - - - - - - - - - - - -
    - -
    - - - - - - - - - - - - - - - - - - - - - - - - - -
    :
    :
    :
    :
    :
    :
    -     		- - - - - - - - - - - - - - - - - - - - - - - - - -
    :
    :
    :
    :
    :
    :
    -     		- - - - - - - - - - - - - - - - -
    :
    :
    :
    :',$data[$key]['NS']) ?>
    -
    -
    - +
    +
    +
    + + +
    + +
    +
    +
     ↵
    +
    + + + + + +  Del +
    -
    -
    + +
    +
    + + +
    +
    + +
    +
    +
    + +
    +
    + +
    +
    + +
    + + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    +
    +
    :
    +
    + +
    +
    +     		+
    +
    :
    +
    + +
    +
    +     		+
    +
    :
    +
    + +
    +
    +
    + +
    +
    :
    +
    + +
    +
    + + +
    +
    :
    +
    + +
    +
    + +     		+
    +
    :
    +
    + +
    +
    +     		+
    +
    :
    +
    + + + + + + +
    +
    +
    +
    +
    :
    +
    + +
    +
    +     		+
    +
    :
    +
    + +
    +
    +     		+
    +
    :
    +
    + + + + + + +
    +
    +
    +
    +
    :
    +
    + +
    +
    +     		+
    +
    :
    +
    + +
    +
    +     		+
    +
    :
    +
    + ',$data[$key]['NS'])?> +
    +
    +
    +
    +
    :
    +
    + +
    +
    +     		+
    +
    :
    +
    + +
    +
    +     		+
    +
    +
    :
    +
    + +
    +
    +     		+
    +
    :
    +
    + +
    +
    +     		+
    +
    + +
    + +
    + + + + + +
    + +
    +
    +
    +
    +
    + +
    +
    + +
    +
    +
    +
    diff --git a/web/templates/admin/list_rrd.html b/web/templates/admin/list_rrd.html index fc32c6a8d..9245ada44 100644 --- a/web/templates/admin/list_rrd.html +++ b/web/templates/admin/list_rrd.html @@ -1,85 +1,114 @@ - - - + +
    - +
    +
    +
    + + + + -
    - - +
    - -
    +
    + + + +
    +     		+ " href="?period=daily"> + " href="?period=weekly"> + " href="?period=monthly"> + " href="?period=yearly"> + +
    + + -
    -
    -
    -
    -
    -
    -
    -
    -
    - -
    -
    - - -
    -
    - -
    +
    +
    +
    +
    +
    +
    +
    +
    +
    +
    - -
    - - $value) { - ?> - - - - - - - -
    - - - -
    ">
    ">
    -     		- " target="_blank" class="data-controls"> - - - - - - - - - - - -
    - - - - -
    - "> -
    -     		-
    -
    + +
    +
    + +
    + + +
    + $value) { + ?> + + + + +
    +
    +
    +
    +
    + " target="_blank"> +
    +
    + +
    + +
    + + +
    +
    + +
    +
    + +
    + +
    + +
    +
    + +
    + + + +
    + "> +
    + +
    + +
    + + + + + +
    + +
    +
    +
    +
    +
    diff --git a/web/templates/admin/list_search.html b/web/templates/admin/list_search.html index d53a4370b..13aef07f8 100644 --- a/web/templates/admin/list_search.html +++ b/web/templates/admin/list_search.html @@ -1,205 +1,250 @@ - - - - -
    -
    - -
    -
    -
    - - -
    -
    - -
    +
    +
    + +
    + + + + + + +
    +
    + + + +
    +     		+ : +
    +
    + +
    -
    - - $value) { - ++$i; - if ($data[$key]['SUSPENDED'] == 'yes') { - $status = 'suspended'; - $spnd_action = 'unsuspend' ; - } else { - $status = 'active'; - $spnd_action = 'suspend'; - } - if ($data[$key]['TYPE'] == 'db') { - $object = 'database'; - } else { - $object = strtolower($data[$key]['TYPE']." ".$data[$key]['KEY']); - } - ?> +
    + - - - - - -
    - - - -
    ">
    -     		- - - - - - - - - - - - - - - - - - - - - - - - - +
    + $value) { + ++$i; + if ($value['SUSPENDED'] == 'yes') { + $status = 'suspended'; + $spnd_action = 'unsuspend'; + } else { + $status = 'active'; + $spnd_action = 'suspend'; + } + if ($value['TYPE'] == 'db') { + $object = 'database'; + } else { + $object = strtolower($value['TYPE'] . ' ' . $value['KEY']); + } - - - - - - - - + $uniq_id = $value['TYPE'] . '-'; + if ($value['KEY'] == 'ACCOUNT'){ + $uniq_id .= 'acc-'; + } + $uniq_id .= sha1($value['RESULT']); + ?> - - - - - - - -
    - - - - -
    - -
    -     		- - - - - -
    - : - - -
    -     		- - - - - -
    - : - - -
    -
    -
    - -
    - +
    +
    + + +
    +
    + + +
     L
    + +
     L
    + + + + +
     ↵
    + +
     w
    + + + + +
    + + + + + +  S +
    + + +
    + + + + + +  Del +
    + +
    +
    + + +
    +
    + +
    +
    +
    + +
    +
    + +
    +
    + +
    + +
    + + + + + + +
    +
    +
    +
    +     		+
    +
    :
    +
    + +
    +
    +     		+
    +
    :
    +
    + +
    +
    +
    +
    + +
    + +
    + + + + + +
    + + +
    +
    +
    +
    +
    +
    +
    + +
    +
    +
    +
    diff --git a/web/templates/admin/list_server_info.html b/web/templates/admin/list_server_info.html new file mode 100644 index 000000000..53dc2185b --- /dev/null +++ b/web/templates/admin/list_server_info.html @@ -0,0 +1,44 @@ + + + + + + Vesta - <?=__($TAB)?> + + + + + + + + + + + + +
    +
    + + +
    +
    +
    +
    +
    +
    +
    +
    +
    +
    + +
    + + +
    + +
    +
    + + +
    .
    + 
    diff --git a/web/templates/admin/list_services.html b/web/templates/admin/list_services.html
index 3460f6c01..6012d2a38 100644
--- a/web/templates/admin/list_services.html
+++ b/web/templates/admin/list_services.html
@@ -1,199 +1,206 @@
-            
-                
-                    
-                
-            
    
-                        
    
-                            
    
-                            
-                            
-                            
    
-                        
    
-                        
    
-                            
    
-                              
-                            
-                            
-                        
    
-                         
-                    
    
+    
    
+      
    
+        
+
+        
    
+          
+            
+              
+              
+              
+              
+            
+          
    
+                
+                  
+                  
+                  
+                
+              
+                  
+              
+                
+                
+              
+                
    
+                
+                
    
+                    
+                
    
+                
+              
    
         
    
+      
    
+      
+    
    
 
-        
    
-            
-                
-                    
-                    
-                
+    
    
+    
 
 
-
-                $value) {
-                        ++$i;
-                        if ($data[$key]['STATE'] == 'running') {
-                            $status = 'active';
-                            $action = 'stop';
-                        } else {
-                            $status = 'suspended';
-                            $action = 'start';
-                        }
-
-                        $cpu = $data[$key]['CPU'] / 10;
-                        $cpu = number_format($cpu, 1);
-                        if ($cpu == '0.0')  $cpu = 0;
-                    ?>
-
-                
-                    
-                    
-                
-
-                 
-            
    
-                        
-                            
-                            
-                        
    
-                        		
-                        
-                            
-                                
-                                  
-                                
-                                
-                            
-                        
-                        
-                            
-                                
-                            
-                            
-                                
-                                
-                                
-                            
-                        
    
-                                    
-                                
    
-                                    
-                                        
-                                            
-
-                                        
-                                    
    
-                                                
-                                                    
-                                                    
-                                                     ()
-                                                
-                                            
    
-                                    		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                    
    
-                                                :
-                                            
-                                                 
-                                            
    
-                                    		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                    
    
-                                                :
-                                            
-                                                 
-                                            
    
-                                
    
-                    
    
-                        
-                            
-                            
-                        
    
-                        		
-                        
-                            
-                                
-                                 
-                            
-                        
-                        
-                            
-                                
-                                 
-                            
-                        
-
-                        
-                            
-                                
-                            
-                            
-                                
-                                
-                                
-                                
-                            
-                        
    
-                                    
-                                
    
-                                    
-                                        
-                                            
-                                        
-                                    
    
-                                                 
-                                            
    
-                                    		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                    
    
-                                                :
-                                            
-                                                %
-                                            
    
-                                    		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                    
    
-                                                :
-                                            
-                                                  
-                                            
    
-                                    		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                    
    
-                                                :
-                                            
-                                                 
-                                            
    
-                                
    
-                    
    
-            
-
+    
    
+      
    
+        
    
+          
    
+            
+            
+          
    
+          
+          
    
+            
    
+              
      ↵
    
+              
      R
    
+            
    
+            
+          
    
+          
         
    
+        
+
+        
    
+          
    
+          
+        
    
+        
+        
    
+          
    
+            
+          
    
+
+
+          
    
+            
+
+               
+                
+                
+                
+              
+
+            
    
+                  
    
+                    
    
+                      
+                      
+                    
    
+                    
    ()
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                  
    
+                
    
+          
    
+          
+        
    
+        
+      
    
+      
+
+
+
+       $value) {
+        ++$i;
+          if ($data[$key]['STATE'] == 'running') {
+            $status = 'active';
+            $action = 'stop';
+          } else {
+            $status = 'suspended';
+            $action = 'start';
+          }
+
+          $cpu = $data[$key]['CPU'] / 10;
+          $cpu = number_format($cpu, 1);
+          if ($cpu == '0.0')  $cpu = 0;
+      ?>
+
+
+      
    
+        
    
+          
    
+            
+            
+          
    
+          
+          
    
+            
    
+              
      ↵
    
+              
      S
    
+              
      R
    
+            
    
+            
+          
    
+          
+        
    
+        
+
+        
    
+          
+        
    
+        
+        
    
+          
    
+            
+          
    
+
+
+          
    
+            
+
+               
+                
+                
+                
+              
+
+            
    
+                  
    
+                    
    
+                    
    
+                  
    
+                    		
+                  
    
+                    
    : 
    
+                    
    :  
    
+                  
    
+                    		
+                  
    
+                    
    : 
    
+                    
    
+                  
    
+                
    
+          
    
+          
+        
    
+        
+      
    
+      
+      
+      
+      
+
+    
    
+
+    
    
+      
    
+      
    
+        
    
+          
    
+          
    
+        
    
+    
    
+  
    
diff --git a/web/templates/admin/list_ssl.html b/web/templates/admin/list_ssl.html
index 8f583b093..415419046 100644
--- a/web/templates/admin/list_ssl.html
+++ b/web/templates/admin/list_ssl.html
@@ -1,29 +1,34 @@
-            
-            
-                
-                    
-                
-            
    
-                         → ".$_SESSION['error_msg']."";
-                            } else {
-                                if (!empty($_SESSION['ok_msg'])) {
-                                    echo " → ".$_SESSION['ok_msg']."";
-                                }
-                            }
-                        ?> 
-                    
    
+    
    
+      
    
+        
    
+                
+                   → ".$_SESSION['error_msg']."";
+                    } else {
+                      if (!empty($_SESSION['ok_msg'])) {
+                        echo " → ".$_SESSION['ok_msg']."";
+                      }
+                    }
+                  ?>
         
    
+      
    
+    
    
 
+    
    
+    
+
+    
    
+      
         
    
+            
             
    
                 
    
                     
@@ -69,7 +74,7 @@
                         
    
                             
    
                                 
-                                    
+                                    
                                 
                             
    
                         
    
@@ -77,3 +82,4 @@
                 
    
             
    
         
    
+    
    
diff --git a/web/templates/admin/list_stats.html b/web/templates/admin/list_stats.html
index fe4860e4f..bc3192d25 100644
--- a/web/templates/admin/list_stats.html
+++ b/web/templates/admin/list_stats.html
@@ -1,206 +1,264 @@
-            
-                
-                    
-                
-            
    
-                        
    
-                            
    
-                            
-                            
-                            
    
-                        
    
-                        
    
-                            
    
-                            " style="padding: 4px 12px 0 0;" href='/list/stats/'> 
-                            
-                            
-                        
    
-                         
-                    
    
+    
    
+      
    
+        
    
+          
+            
+              
+              
+              
+              
+            
+          
    
+                
+                  
+                  
+                  
+                
+              
+                
+              
+                
    
+                  
+                  
    
+                    
+                  
    
+                  
+                
    
+              
    
         
    
+      
    
+      
+    
    
 
-        
    
-            
+    
    
+    
 
-                 $value) {
-                        ++$i;
-                ?>
 
-                
-                    
-                    
-                
+    
    
+       $value) {
+           ++$i;
+      ?>
 
-                 
 
-            
    
-                        
-                            
-                        
    
-                        		
-                        
    
-                        
-                            
-                                
-                            
-                            
-                                
-                                
-                                
-                            
-                        
    
-                                    
-                                
    
-                                    
-                                        
-                                            
-                                        
-                                        
-                                            
-                                        
-                                        
-                                            
-                                        
-                                    
    
-                                                : 
-                                                
    
-                                                    
    
-                                                
    
-                                            
    
-                                                : 
-                                                
    
-                                                    
    
-                                                
    
-                                            
    
-                                                
-                                                    
-                                                        
-                                                        
-                                                    
-                                                    
-                                                        
-                                                        
-                                                    
-                                                
    
-                                                            : 
-                                                        
-                                                            : 
-                                                        
    
-                                                            : 
-                                                        
-                                                            : 
-                                                        
    
-                                            
    
-                                    		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                    
    
-                                                :
-                                            
-                                                 
-                                            
    
-                                                :
-                                            
-                                                 
-                                            
    
-                                                :
-                                            
-                                                 
-                                            
    
-                                                :
-                                            
-                                                 
-                                            
    
-                                                :
-                                            
-                                                
-                                            
    
-                                    		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                    
    
-                                                :
-                                            
-                                                
-                                            
    
-                                                :
-                                            
-                                                 
-                                            
    
-                                                :
-                                            
-                                                 
-                                            
    
-                                                :
-                                            
-                                                
-                                            
    
-                                                :
-                                            
-                                                 
-                                            
    
-                                
    
-                    
    
-
-            
    
-                 
+      
    
+        
    
+          
    
+          
    
+          
+          
    
+            
    
             
    
+            
+          
    
+          
         
    
+        
+
+        
    
+          
    
+            
+          
    
+        
    
+        
+        
    
+          
    
+            
+          
    
+
+
+          
    
+            
+
+               
+                
+                
+                
+              
+
+              
+                
+                
+                
+              
+
+              
+                
+                
+                
+              
+
+              
+                
+                
+                
+              
+
+              
+                
+                
+                
+              
+
+            
    
+                  
    
+                  
    
+                    
    
+                      
+                    
    
+                    
    
+                       
+                    
    
+                  
    
+                  
    
+                    
    
+                  
    
+                  
+                
    		
+                  
    
+                    
    :
    
+                    
    
+                      
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                      
+                    
    
+                  
    
+                
    
+                  
    
+                    
    
+                    
    
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                      
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                      
+                    
    
+                  
    
+                
    
+                  
    
+                    
    :
    
+                    
    
+                       
+                    
    
+                  
    
+                  
    
+                    
    
+                  
    
+                  
+                    		
+                  
    
+                    
    :
    
+                    
    
+                      
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                      
+                    
    
+                  
    
+                
    
+                  
    
+                    
    
+                      :  
+                    
    
+                    
    
+                      :  
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                      
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                      
+                    
    
+                  
    
+                
    
+                  
    
+                    
    
+                      :  
+                    
    
+                    
    
+                      :  
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                      
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                      
+                    
    
+                  
    
+                
    
+          
    
+          
+        
    
+        
+      
    
+      
+      
+      
+      
+
+    
    
+
+    
    
+        
    
+    
    
+        
    
+          
    
+          
+          
    
+          
    
+            
+          
    
+      
    
+    
    
+  
    
diff --git a/web/templates/admin/list_updates.html b/web/templates/admin/list_updates.html
index 12b7b9fe0..f8b02b017 100644
--- a/web/templates/admin/list_updates.html
+++ b/web/templates/admin/list_updates.html
@@ -1,126 +1,141 @@
-
-            
-                
-                    
-                
-            
    
-                        
    
-                            
    
-                            
-                            
-                            
    
-                        
    
-                        
    
-                            
    
-                              
-                            
-                            
-                        
    
-                        
    
-                            
-                            [  ]
-                            
-                            [  ]
-                            
-                        
    
-                         
-                    
    
+    
    
+      
    
+        
    
+          
+            
+              
+              
+              
+              
+            
+          
    
+                '.__('disable autoupdate').'';
+                   } else {
+                     echo ''.__('enable autoupdate').'';
+                   } ?>
+              
+                
+                  
+                  
+                  
+                
+              
+                
+                
+              
+                
    
+                
+                
    
+                  
+                
    
+                
+              
    
         
    
+      
    
+      
+    
    
 
-        
    
-            
+    
    
+    
 
-                $value) {
-                        ++$i;
-                        if ($data[$key]['UPDATED'] == 'yes') {
-                            $status = 'active';
-                            $upd_status = __('updated');
-                        } else {
-                            $status = 'suspended';
-                            $upd_status = __('outdated');
-                        }
-                    ?>
 
-                
-                    
-                    
-                
+          if ($data[$key]['UPDATED'] == 'yes') {
+            $status = 'active';
+            $upd_status = 'updated';
+          } else {
+            $status = 'suspended';
+            $upd_status = 'outdated';
+          }
 
-                 
-            
    
-                        
-                            
-                            
-                        
    
-                        		
-                         
-                        
-                            
-                                
-                                
-                            
-                        
-                         
-                        
    
+    
    
+       $value) {
+          ++$i;
 
-                        
-                            
-                                
-                            
-                            
-                                
-                                
-                                
-                            
-                        
    
-                                    
-                                
    
-                                    
-                                        
-                                            
-                                        
-                                    
    
-                                                 
-                                            
    
-                                    		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                    
    
-                                                :
-                                            
-                                                 ()
-                                            
    
-                                    		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                    
    
-                                                :
-                                            
-                                                 
-                                            
    
-                                
    
-                    
    
-            
+      ?>
+
+
+
+
+      
    
+        
    
+          
    
+            
+            
+          
    
+          
+          
    
+            
    
+              '.__('update').' U
    ';
+                 }
+              ?>
+            
    
+            
+          
    
+          
         
    
+        
+
+        
    
+          
    
+            
+          
    
+        
    
+        
+        
    
+          
    
+            
+          
    
+
+
+
+          
    
+            
+
+               
+                
+                
+                
+              
+
+            
    
+                  
    
+                    
    
+                    
    
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                       ()
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                      
+                    
    
+                  
    
+                
    
+          
    
+          
+        
    
+        
+      
    
+      
+      
+      
+      
+
+    
    
+
+    
    
+        
    
+  
    
diff --git a/web/templates/admin/list_user.html b/web/templates/admin/list_user.html
index c233ca338..b3b627e77 100644
--- a/web/templates/admin/list_user.html
+++ b/web/templates/admin/list_user.html
@@ -1,254 +1,344 @@
-            
-                
-                    
-                
-            
    
-                        
    
-                            " . __('Add User') . "";
-                                } else {
-                                    echo "";
-                                }
-                            ?> 
-                        
    
-                        
    
-                            
    
-                            
-                            
-                            
    
-                        
    
-                        
    
-                            
    
-                              
-                            
-                            
-                        
    
-                         
-                    
    
+    
    
+      
    
+        ';
+          } else {
+            echo '';
+          }
+        ?>
+        
+        
    
+          
+            
+              
+              
+              
+              
+            
+          
    
+                
+                  
+                  
+                  
+                
+              
+                
+                
+              
+                
    
+                  
+                  
    
+                    
+                  
    
+                  
+              
    		
+                :  
+              
    
         
    
+      
    
+      
+    
    
 
-        
    
-            
-                 $value) {
-                        ++$i;
-                        if ($data[$key]['SUSPENDED'] == 'yes') {
-                            $status = 'suspended';
-                            $spnd_action = 'unsuspend' ;
-                            $spnd_confirmation = 'UNSUSPEND_USER_CONFIRMATION' ;
-                        } else {
-                            $status = 'active';
-                            $spnd_action = 'suspend' ;
-                            $spnd_confirmation = 'SUSPEND_USER_CONFIRMATION' ;
-                        }
-                    ?> 
-                
-                    
-                    
-                
-                 
-            
    
-                        
-                            
-                            
-                            
-                        
    ">
    
-                        		
-                        
-                            
-                                
-                                 
-                                
-                                
-                            
-                        
-                        
-                            
-                                
-                                 
-                                
-                                
-                            
-                        
-                        
-                            
-                                
-                                 
-                            
-                        
-                         
-                        
-                            
-                                
-                                 
-                         
-                                    
-                                    
    
-                                        
    
-                                    
    
-                         
-                            
-                            
-                                
-                                 
-                         
-                            
-                        
+    
    
+    
 
-                        
-                            
-                                
-                            
-                                
-                                
-                                
-                            
-                        
    
-                            
    
-                                    
-                                        
-                                        
-                                        
-                                            
-                                        
-                                        
-                                            
-                                        
-                                        
-                                            
-                                        
-                                    
     
    
-                                                :  
-                                                
    
-                                                    
    
-                                                
    
-                                            
    :  
-                                                
    
-                                                    
    
-                                                
    
-                                            
    
-                                                
-                                                    
-                                                        
-                                                        
-                                                    
-                                                    
-                                                        
-                                                        
-                                                    
-                                                
    
-                                                            :  
-                                                        
-                                                            :  
-                                                        
    
-                                                            :  
 
-                                                        
-                                                            :  
-                                                        
    
-                                            
    
-                                    		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                    
    : / 
    : / 
    : / 
    : / 
    : / 
    : / 
    
-                                    		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                    
    :
    :
    :
    :
    :',$data[$key]['NS']) ?>
    
-                                
    
-                    
    
-            
+    
    
+       $value) {
+          ++$i;
+          if ($data[$key]['SUSPENDED'] == 'yes') {
+            $status = 'suspended';
+            $spnd_action = 'unsuspend' ;
+            $spnd_confirmation = 'UNSUSPEND_USER_CONFIRMATION' ;
+          } else {
+            $status = 'active';
+            $spnd_action = 'suspend' ;
+            $spnd_confirmation = 'SUSPEND_USER_CONFIRMATION' ;
+          }
+      ?>
 
-            
    
-                 
+      
    
+        
    
+          
    
+            
+            
+          
    
+          
+          
    
+            
    
+            
+                
      L
    
+
+                
      L
    
+              
+              
      ↵
    
+              
    
+                
+                   
+                  
+                  
+                
+                 S
+              
    
+              
    
+                
+                   
+                  
+                  
+                
+                 Del
+              
    
             
    
+            
+          
    
+          
         
    
+        
+
+        
    
+          
    
+            
+          
    
+          
    
+          
    
+            
+          
    
+        
    
+        
+        
    
+          
    
+            
+          
    
+
+          
    
+             
+          
    
+
+          
    
+            
+
+               
+                
+                
+                
+              
+
+              
+                
+                
+                
+              
+
+              
+                
+                
+                
+              
+
+              
+                
+                
+                
+              
+
+              
+                
+                
+                
+
+              
+                
+                
+                
+              
+
+            
    
+                  
    
+                  
    
+                    
    
+                      
+                    
    
+                    
    
+                       
+                    
    
+                  
    
+                  
    
+                    
    
+                  
    
+                  
+                
    		
+                  
    
+                    
    :
    
+                    
    
+                       / 
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                      
+                    
    
+                  
    
+                
    
+                  
    
+                    
    
+                    
    
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                       / 
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                      
+                    
    
+                  
    
+                
    
+                  
    
+                    
    :
    
+                    
    
+                       
+                    
    
+                  
    
+                  
    
+                    
    
+                  
    
+                  
+                    		
+                  
    
+                    
    :
    
+                    
    
+                       / 
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                      
+                    
    
+                  
    
+                
    
+                  
    
+                    
    
+                      :  
+                    
    
+                    
    
+                      :  
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                       / 
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                      
+                    
    
+                  
    
+                
    
+                  
    
+                    
    
+                      :  
+                    
    
+                    
    
+                      :  
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                       / 
+                    
    
+                  
    
+                    		
+              
    
+                
+                  
    
+                    
    :
    
+                    
    
+                       / 
+                    
    
+                  
    
+                    		
+                  
    
+                    
    :
    
+                    
    
+                      ',$data[$key]['NS'])?>
+                    
    
+                  
    
+                
    
+          
    
+          
+        
    
+        
+      
    
+      
+      
+      
+      
+
+    
    
+
+    
    
+        
    
+    
    
+        
    
+          
    
+          
+          
    
+          
    
+            
+          
    
+      
    
+    
    
+  
    
diff --git a/web/templates/admin/list_web.html b/web/templates/admin/list_web.html
index 938f0c853..72fe1454d 100644
--- a/web/templates/admin/list_web.html
+++ b/web/templates/admin/list_web.html
@@ -1,34 +1,61 @@
-            
-                
-                    
-                
-            
    
-                        
    
-                            
-                        
    
-                        
    
-                            
    
-                            
-                            
-                            
    
-                        
    
-                        
    
-                            
    
-                              
-                            
-                            
-                        
    
-                         
-                    
    
+    
    
+      
    
+        
+        
+        
    
+          
+            
+              
+              
+              
+              
+            
+          
    
+                
+                  
+                  
+                  
+                
+              
+                
+                
+              
+                
    
+                
+                
    
+                  
+                
    
+                
+              
    		
+                :  
+              
    
+          
         
    
+        
+      
    
+    
    
 
-        
    
-            
+    
    
+    
+
+
+
+
+
+
+    
    
                  $value) {
                         ++$i;
@@ -69,6 +96,11 @@
                             $ftp_user = str_replace(':', ', ', $ftp_user);
                         }
 
+                        $backend_support='no';
+                        if (!empty($data[$key]['BACKEND'])) {
+                            $backend_support='yes';
+                        }
+
                         $proxy_support='no';
                         if (!empty($data[$key]['PROXY'])) {
                             $proxy_support='yes';
@@ -83,151 +115,245 @@
                             $proxy_ext_title = '';
                             $proxy_ext = str_replace(',', ', ', $data[$key]['PROXY_EXT']);
                         }
-                    ?> 
-                
    
-                    
-                    
-                
-                 
-            
    
-                        
-                            
-                            
-                            
-                        
    ">
    
-                        		
-                        
-                            
-                                
-                                  
-                                
-                                
-                            
-                        
-                        
-                            
-                                
-                                 
-                                
-                                
-                            
-                        
-                        
-                            
-                                
-                                 
-                            
-                        
-                        
-                            
-                                
-                                 
-                            
-                        
+                    ?>
 
-                         
-                        
-                            
-                                
-                                 
-                            
-                        
-                         
-                        
-                            
-                                
-                            
-                            
-                                
-                                
-                                
-                            
-                        
    
-                                    
-                                    
-                                
    
-                                    
-                                        
-                                            
-                                        
-                                        
-                                        
-                                            
-                                        
-                                        
-                                            
-                                        
-                                    
    
-                                                 
-                                            
    
-                                                :  
-                                                
    
-                                                    
    
-                                                
    
-                                            
    
-                                                :  
-                                                
    
-                                                    
    
-                                                
    
-                                            
    
-                                    		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
+      
    
+        
    
+          
    
+            
+            
+          
    
+          
+          
    
+            
    
+              
      ↵
    
+              
      L
    
+              
+                  
      W
    
+              
+              
    
+                
+                   
+                  
+                  
+                
+                 S
+              
    
+              
    
+                
+                   
+                  
+                  
+                
+                 Del
+              
    
 
-                                        
    
-                                            
-                                            
-                                        
-
-                                        
-                                            
-                                            
-                                        
-
-                                    
    :
    :
    :  
    :
    
-                                    		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                    
    :
    :
     : 
    
-                                
    
-                    
    
-            
-
-            
    
-                 
             
    
+            
+          
    
+          
         
    
+        
+
+        
    
+          
    
+            
+          
    
+          
    
+          
    
+            
+          
    
+        
    
+        
+        
    
+          
    
+             
+          
    
+          
+          
    
+            
+          
    
+          
+          
    
+            
+              
+                
+                
+                
+              
+              
+                
+                
+                
+              
+                
+              
+                
+                
+                
+              
+            
    
+                  
    
+                    
    
+                      
+                    
    
+                    
    
+                       
+                    
    
+                  
    
+                  
    
+                    
    
+                  
    
+                  
+                    		
+                  
    
+                    
    :
    
+                    
    
+                      
+                    
    
+                  
    
+                    		
+                  
+                  
+                    
    
+                  
+                    
    
+                      
    :
    
+                      
    
+                        
+                      
    
+                    
    
+                  
+                  
+                  
+                  
+                    
    
+                  
+                    
    
+                      
    :
    
+                      
    
+                        
+                      
    
+                    
    
+                  
+                  
+                
    
+                  
+                    
    
+                  
+                    
    
+                      
    :
    
+                      
    
+                        
+                            
+                        
+                      
    
+                    
    
+                  
+                    		
+                  
+                  
    
+                    
    :
    
+                    
    
+                      
+                    
    
+                  
    
+                  
+                  
+                  
    
+                    
    :
    
+                    
    
+                      
+                    
    
+                  
    
+                  
+                
    
+                  
    
+                    
    :
    
+                    
    
+                       
+                    
    
+                  
    
+                  
    
+                    
    
+                  
    
+                  
+                    		
+                  
+                    
    
+                  
+                    
    
+                      
    :
    
+                      
    
+                        
+                      
    
+                    
    
+                  
+                    		
+                  
+                    
    
+                  
+                    
    
+                      
    :
    
+                      
    
+                        
+                      
    
+                    
    
+                  
+                
    
+          
    
+          
+        
    
+        
+      
    
+      
+      
+      
+      
+
+    
    
+
+
+    
    
+      
    
+      
    
+        
    
+          
    
+          
    
+          
    
+            
+          
    
+        
    
+      
    
+    
    
diff --git a/web/templates/admin/list_weblog.html b/web/templates/admin/list_weblog.html
index 7aa7de688..0627c477f 100644
--- a/web/templates/admin/list_weblog.html
+++ b/web/templates/admin/list_weblog.html
@@ -1,29 +1,40 @@
-
-
+
+
 
-    
-    Web Log Manager
-    
-    
+  
+  
+  Vesta - <?=__('Web Log Manager')?> 
+  
+
+  
+  
+  
+  
+  
 
 
-    
    
-        
    
-            
    
-                ">
-                     
-                
-                ">
-                     
-                
-                ">
-                    
-                
-                ">
-                    
-                
-            
    
-        
    
+  
+    
+  
+  
    
+    
    
+      
+      
+      
    
+        
    
+        
    
+        
    
+        
    
+      
    
+      
+      
    
+        
+          
+      
    
+      
     
    
-    
    
-    
    +  
    
+  
+
+  
    
+  
    diff --git a/web/templates/admin/panel.html b/web/templates/admin/panel.html
index d8bcea573..57f377dbd 100644
--- a/web/templates/admin/panel.html
+++ b/web/templates/admin/panel.html
@@ -1,120 +1,124 @@
-    
    
-        
    
-            
    
-                
-                      
-                      
-                      
-                      
-                      
-                       
-                     
-                      
-                     
-                      
-                
-                
-                    
-                      
-                
-            
    
-            
    
-                
+  
+  
+    
+  
+  
+    
+  
 
-                
-                
-                    
    
-                         
-                    
    
-                    
    
-                        : 
    
-                        :  
-                    
    
-                    
    
-                    
-                    
+  
    
+    
    
+      
+      
+      
    
+        
    
+        
    
+        
    
+        
    
+        
    
+        
    
+        
    
+        
    
+        
    
+        
    
+      
    
+      
+      
    
+        "> 
+        
+          
+      
    
+      
+    
    
+  
    
+  
 
-                
-                
-                    
    
-                         
-                    
    
-                    
    
-                        : 
    
-                        : 
    
-                        :  
-                    
    
-                    
    
-                    
-                    
+  
 
-                
-                
-                    
    
-                         
-                    
    
-                    
    
-                        : 
    
-                        : 
    
-                        :  
-                    
    
-                    
    
-                    
-                    
 
-                
-                
-                    
    
-                         
-                    
    
-                    
    
-                        : 
    
-                        : 
    
-                        :  
-                    
    
-                    
    
-                    
-                    
 
-                
-                
-                    
    
-                         
-                    
    
-                    
    
-                        : 
    
-                        :  
-                    
    
-                    
    
-                    
-                    
-
-                
-                
-                    
    
-                         
-                    
    
-                    
    
-                        : 
    
-                        :  
-                    
    
-                    
    
-                    
-                    
-
-                
-                
-                    
    
-                         
-                    
    
-                    
    
-                        : 
    
-                    
    
-                    
    
-                    
-                    
-            
    
+  
    
+    
    
+      
    
+        
    
+          
+            
    
+            
      
+              
    • : 
      • 
+              
    • : 
      • 
+            
    
+              
+        
    
+		
+	        
    
+	          
+	            
    
+	            
      
+	              
    • : 
      • 
+	              
    • : 
      • 
+	              
    • : 
      • 
+	            
    
+	              
+	        
    
+		
+		
+	        
    
+	          
+	            
    
+	            
      
+	              
    • : 
      • 
+	              
    • : 
      • 
+	              
    • : 
      • 
+	            
    
+	              
+	        
    
+		
+		
+	        
    
+	          
+	            
    
+	            
      
+	              
    • : 
      • 
+	              
    • : 
      • 
+	              
    • : 
      • 
+	            
    
+	              
+	        
    
+		
+		
+	        
    
+	          
+	            
    
+	            
      
+	              
    • : 
      • 
+	              
    • : 
      • 
+	            
    
+	              
+	        
    
+		
+		
+	        
    
+	          
+	            
    
+	            
      
+	              
    • : 
      • 
+	              
    • : 
      • 
+	            
    
+	              
+	        
    
+		
+		
+	        
    
+	          
+	            
    
+	            
      
+	              
    • : 
      • 
+	            
    
+	              
+	        
    
+		
+      
    
+      
+    
    
+    
    
+    
diff --git a/web/templates/file_manager/main.php b/web/templates/file_manager/main.php
new file mode 100644
index 000000000..e3427bb79
--- /dev/null
+++ b/web/templates/file_manager/main.php
@@ -0,0 +1,362 @@
+
+
+
+<?=__('File Manager')?>
+
+
+
+
+
+
+
+
+
+
+
+
+
+    
+        
+    
+
+    
    
+        
    
+            
+            
    
+            
    
+                
+            
    
+            
      
+        
      
+
+        
      
+            
      
+            
      
+                
+            
      
+            
        
+        
        
+        
        
+
+    
+
+    
+
+
+    
+
+
+    
+
+    
+
+
+
+            
        
+            
+
+    
+
+
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+
+        
+            
+        
+
+        
+
+        
+        
+        
+
+        
+
+
diff --git a/web/templates/file_manager/tab_menu.php b/web/templates/file_manager/tab_menu.php
new file mode 100644
index 000000000..9953c230f
--- /dev/null
+++ b/web/templates/file_manager/tab_menu.php
@@ -0,0 +1,29 @@
+
+    
+    
+    
+    
+
+
        
+
        
+
        
+
        
+
        
+
        
+
        
+
        
+
        
+
        
+
        
+
        
+
        
+
        
+
        
+
        
+
        
+
        
+
        
+
        
+
+
+
        
diff --git a/web/templates/footer.html b/web/templates/footer.html
index 344e5a411..ca48e4b7f 100644
--- a/web/templates/footer.html
+++ b/web/templates/footer.html
@@ -1,10 +1,39 @@
-    
        
+  
        
+
+  
+
+  
+
 
diff --git a/web/templates/header.html b/web/templates/header.html
index f002ecf76..b254b166e 100644
--- a/web/templates/header.html
+++ b/web/templates/header.html
@@ -1,185 +1,20 @@
-
+
 
-    
-        
-        Vesta - <?php echo "$TAB"; ?> 
-        
-        
-        
-        
-        
-        
-        
-        
-        
-        
-        
-    
-    
\ No newline at end of file
+
+  
+  
+  Vesta - <?=__($TAB)?>
+  
+  
+  
+
+
diff --git a/web/templates/login.html b/web/templates/login.html
index d6c838bcc..ee7f9ca4a 100644
--- a/web/templates/login.html
+++ b/web/templates/login.html
@@ -5,13 +5,14 @@
                         
        
                             
        
                                 
-                                    Vesta Control Panel
+                                    Vesta Control Panel
                                 
                                 
                                     
        
+                                    
                                     
-                                            
@@ -24,7 +25,7 @@
                                             
diff --git a/web/templates/reset_1.html b/web/templates/reset_1.html
index 291ecba83..b48f37067 100644
--- a/web/templates/reset_1.html
+++ b/web/templates/reset_1.html
@@ -28,7 +28,7 @@
                                             
        
                                                 
                                                     
-                                                    
+                                                    
                                                 
                                             
        
                                         
        
diff --git a/web/templates/reset_2.html b/web/templates/reset_2.html
index 917bb0ff1..58c3b94fe 100644
--- a/web/templates/reset_2.html
+++ b/web/templates/reset_2.html
@@ -21,14 +21,14 @@
                                             
                                                 
                                                     
-                                                    
+                                                    
                                                     
                                                 
                                             
                                             
                                                 
                                                     
-                                                    
+                                                    
                                                 
                                             
                                         
diff --git a/web/templates/reset_3.html b/web/templates/reset_3.html
index fdd0192ea..0cc54bda2 100644
--- a/web/templates/reset_3.html
+++ b/web/templates/reset_3.html
@@ -13,8 +13,8 @@
                                             
                                                 
                                                     
-                                                    
-                                                    
+                                                    
+                                                    
                                                     
                                                 
                                             
@@ -36,7 +36,7 @@
                                             
                                                 
                                                     
-                                                    
+                                                    
                                                 
                                             
                                         
diff --git a/web/templates/scripts.html b/web/templates/scripts.html
new file mode 100644
index 000000000..7c1e551e6
--- /dev/null
+++ b/web/templates/scripts.html
@@ -0,0 +1,71 @@
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+
+  
+
+
+  
+  
        
+    
        
+  
        
+
+  
        
+    
+    
        
+      
        
+    
        
+  
        
+
\ No newline at end of file
diff --git a/web/templates/user/edit_dns.html b/web/templates/user/edit_dns.html
index 29494e506..b8c11723a 100644
--- a/web/templates/user/edit_dns.html
+++ b/web/templates/user/edit_dns.html
@@ -1,40 +1,46 @@
+    
        
+      
        
+        
        
+          
              → ".htmlentities($_SESSION['error_msg'])."";
+              } else {
+                if (!empty($_SESSION['ok_msg'])) {
+                  echo " → ".htmlentities($_SESSION['ok_msg'])."";
                 }
-            ?> 
-            
-                
-                    
-                
-            
        
-                         → ".$_SESSION['error_msg']."";
-                            } else {
-                                if (!empty($_SESSION['ok_msg'])) {
-                                    echo " → ".$_SESSION['ok_msg']."";
-                                }
-                            }
-                        ?> 
-                    
        
+              }
+            ?>
         
        
+      
        
+    
        
 
-        
+    
        
+    
+
+    
        
+      
+        
+            
+            
             
@@ -56,17 +63,17 @@
                             
@@ -76,7 +83,7 @@
                             
@@ -86,21 +93,22 @@
                             
        
                 
        
                     
                         
-                            
+                            
        
                             
        
                                 
-                                    
        
-                                    
+                                    
        
+                                    
                                         		
                             
        
                         
        
                             		
                     
@@ -46,7 +52,8 @@
                             
        
                             
        
                                 
-                                    " disabled>
+                                  ">
                                 
                             
        
                             
        
                             
        
                                 
-                                    ">
                                 
                             
        
                             
        
                                 
-                                    ()
+                                    ()
                                 
                             
        
                             
        
                                 
-                                    ">
                                 
                             
        
                             
        
                             
        
                                 
-                                    ">
                                 
                             
        
                             
        
                             
        
                                 
-                                    ">
                                 
                             
        
                         
        
                         
        
                             
        
                                 
-                                    
+                                    
                                 
                                 
-                                    
+                                    
                                 
                             
        
                         
        
                     
                 
             
-        
\ No newline at end of file
+        
+    
        
diff --git a/web/templates/user/edit_user.html b/web/templates/user/edit_user.html
index bd5ef6a73..d4faf5d97 100644
--- a/web/templates/user/edit_user.html
+++ b/web/templates/user/edit_user.html
@@ -1,52 +1,47 @@
+    
        
+      
        
+        
        
+          
              → ".htmlentities($_SESSION['error_msg'])."";
+              } else {
+                if (!empty($_SESSION['ok_msg'])) {
+                  echo " → ".htmlentities($_SESSION['ok_msg'])."";
                 }
-            ?> 
-            
-                
-                    
-                
-            
        
-                         → ".$_SESSION['error_msg']."";
-                            } else {
-                                if (!empty($_SESSION['ok_msg'])) {
-                                    echo " → ".$_SESSION['ok_msg']."";
-                                }
-                            }
-                        ?> 
-                    
        
+              }
+            ?>
         
        
+      
        
+    
        
+
+    
        
+    
+
+    
        
+      
+        
        
+            
+            
 
-        
-            
             
@@ -68,7 +64,7 @@
                             
@@ -78,7 +74,7 @@
                             
@@ -91,53 +87,121 @@
                                     
+                            
+                                
+                            
+                            
+                                
+                            
+                            
+                                
+                            
+                            
+                                
+                            
-                            
-                                
+                                        
+                                        
+                                            
+                                        
+
+                            
+                                    
+                                ';
+
+                                if($v_ns4)
+                                  echo '
+                                    
+                                ';
+
+                                if($v_ns5)
+                                  echo '
+                                    
+                                ';
+
+                                if($v_ns6)
+                                  echo '
+                                    
+                                ';
+
+                                if($v_ns7)
+                                  echo '
+                                    
+                                ';
+
+                                if($v_ns8)
+                                  echo '
+                                    
+                                ';
+                            ?>
+                                 >
+                                    
+                                
+
                         
        
                 
        
                     
                         
-                            
+                            
        
                             
        
                                 
-                                    
        
-                                    
+                                    
        
+                                    
                                         		
                             
        
                         
        
                             		
                     
@@ -58,7 +53,8 @@
                             
        
                             
        
                                 
-                                    " disabled>
+                                  ">
                                 
                             
        
                             
        
                             
        
                                 
-                                    ">
                                 
                             
        
                             
        
                             
        
                                 
-                                    ">
                                 
                             
        
                             
        
                                 
                             
        
+                                    
+                                
        
+                                    ">
+                                
        
+                                    
+                                
        
+                                    ">
+                                
        
                             
        
                                 
                                     
                                 
                             
        
-                                    ">
+                                                
+                                            
        
+                                                ">
+                                                
+                                            
        
+                                        
+                                        '.__('delete').'
+                                    
        
+                                        
+                                        '.__('delete').'
+                                    
        
+                                        
+                                        '.__('delete').'
+                                    
        
+                                        
+                                        '.__('delete').'
+                                    
        
+                                        
+                                        '.__('delete').'
+                                    
        
+                                        
+                                        '.__('delete').'
+                                    
        
+                                      
+                                    
        
                         
        
                             
        
                                 
-                                    
+                                    
                                 
                                 
-                                    
+                                    
                                 
                             
        
                         
        
@@ -145,3 +209,4 @@
                 
             
         
        
+    
        
diff --git a/web/templates/user/edit_web.html b/web/templates/user/edit_web.html
index ad969f1b9..911ab0bf1 100644
--- a/web/templates/user/edit_web.html
+++ b/web/templates/user/edit_web.html
@@ -1,76 +1,47 @@
+    
        
+      
        
+        
        
+          
              → ".htmlentities($_SESSION['error_msg'])."";
+              } else {
+                if (!empty($_SESSION['ok_msg'])) {
+                  echo " → ".$_SESSION['ok_msg']."";
                 }
+              }
             ?>
-            
-                
-                    
-                
-            
        
-                         → ".$_SESSION['ok_msg']."";
-                            }
-                            if (!empty($_SESSION['error_msg'])) {
-                                echo " → ".$_SESSION['error_msg']."";
-                            }
-                            if (!empty($_SESSION['flash_error_msg'])) {
-                                echo "
         → ".$_SESSION['flash_error_msg']."";
-                                unset($_SESSION['flash_error_msg']);
-                            }
-                        ?> 
-                    
        
         
        
+      
        
+    
        
 
-        
        
-            
             
@@ -94,15 +66,10 @@
                                 
+                            
+                            
@@ -210,23 +251,23 @@
                                          $value) {
                                                 $svalue = "'".$value."'";
-                                                echo "\t\t\t\t\n";
+                                            echo ">". htmlentities(__($value)) ."\n";
                                             }
-                                    ?> 
+                                    ?>
                                     
-                            
-                                
+                                
-                            
+                            
@@ -286,7 +325,7 @@
                                         
@@ -297,7 +336,7 @@
                                         
 
@@ -308,9 +347,10 @@
                                         
@@ -321,7 +361,7 @@
                                         
@@ -329,7 +369,7 @@
                                     
-                            
+
                             
        
                 
        
                     
                         
-                            
+                            
        
                             
        
                                 
-                                    
        
-                                    
+                                    
        
+                                    
                                         		
                             
        
                         
        
                             		
                     
@@ -82,7 +53,8 @@
                             
        
                             
        
                                 
-                                    " disabled>
+                                  ">
                                 
                             
        
                             
        
                                     
@@ -115,40 +82,46 @@
                             
        
                             
        
                                 
-                                    
+                                    
                                 
                             
        
                             
        
                                 
-                                    
+                                    
                                 
                             
        
                             
        
                                 
                                     
-                                            
        
                                         
        
+                                            
                                                 
                                             
                                         
        
                                         
        
                                             
-                                                
+                                                
                                             
                                         
        
                                     
        
                                         		
                             
        
                             
        
                                 
-                                     /
-                                    
+                                    
                                 
                             
        
                             
        
                                 
                                     
+                                          
+                                      
+                                      
@@ -158,7 +131,7 @@
                                                 
@@ -183,7 +157,7 @@
                                         
@@ -193,9 +167,76 @@
                                         
+                                        
+                                        
+                                            
+                                        
+                                        
        
                                         
        
+                                              
+                                          
        
                                             
                                                 
                                             
        
                                         
        
                                             
-                                                 
+                                                
+                                                 / ">
                                             
                                         
        
                                         
        
                                             
-                                                
+                                                
                                             
                                         
        
                                         
        
                                         
        
                                             
-                                                
+                                                
                                             
                                         
        
                                         
        
                                         
        
                                             
-                                                
+                                                
                                             
                                         
        
+                                                
+                                                    
+                                                        
+                                                        
+                                                    
+                                                    
+                                                    
+                                                        
+                                                        
+                                                    
+                                                    
+                                                    
+                                                        
+                                                        
+                                                    
+                                                    
+                                                        
+                                                        
+                                                    
+                                                    
+                                                        
+                                                        
+                                                    
+                                                    
+                                                        
+                                                        
+                                                    
+                                                    
+                                                        
+                                                        
+                                                    
+                                                
        
+                                                            :
+                                                        
+                                                            
+                                                        
        
+                                                            :
+                                                        
+                                                            
+                                                        
        
+                                                            :
+                                                        
+                                                            
+                                                        
        
+                                                            :
+                                                        
+                                                            
+                                                        
        
+                                                            :
+                                                        
+                                                            
+                                                        
        
+                                                            :
+                                                        
+                                                            
+                                                        
        
+                                                            :
+                                                        
+                                                            
+                                                        
        
+                                            
        
                                     
        
                                         		
                             
        
                                 
                             
        
-                                    
+                            
        
+                                    
                                 
                             
        
                                 
                                     
@@ -236,7 +277,7 @@
                                         
@@ -246,7 +287,7 @@
                                         
        
                                         
        
                                         
        
                                             
-                                                ">
                                             
                                         
        
                                         
        
                                         
        
                                             
-                                                
+                                                " id="v_password">
                                             
                                         
        
                                     
        
@@ -260,8 +301,6 @@
                             
        
                                 
 
-
-
                                      $ftp_user): ?>
                                      ;" class="ftptable ftptable-nrm" name="v_add_domain_ftp">
                                         
        
                                             
-                                                 # ()
+                                                 # ()
                                                 
-                                                
+                                                
                                             
                                         
        
                                         
        
                                         
        
                                             
-                                                 name="v_ftp_user[][v_ftp_user]" >
+                                                 name="v_ftp_user[][v_ftp_user]" value="">
                                                 
                                             
                                         
        
                                         
        
                                             
-                                                ">
                                             
                                         
        
                                         
        
                                             
-                                                
-                                                
+                                                ">
+                                                ">
+                                                ">
+                                                
        
                                                     		
                                         
        
                                         
                                         
        
                                             
-                                                ">
                                             
                                         
        
                                         
                                 
                             
        
                                 
                                     
@@ -339,10 +379,10 @@
                         
        
                             
        
                                 
-                                    
+                                    
                                 
                                 
-                                    
+                                    
                                 
                             
        
                         
        
@@ -350,12 +390,12 @@
                 
        
             
        
         
        
-        
+
         
-        
-        
-        
+    
        
+    
diff --git a/web/templates/user/list_cron.html b/web/templates/user/list_cron.html
index fc6f7807a..1a80dfb46 100644
--- a/web/templates/user/list_cron.html
+++ b/web/templates/user/list_cron.html
@@ -1,155 +1,161 @@
-            
-                
-                    
-                
-            
        
-                        
        
-                            
-                        
        
-                        
        
-                            
        
-                            
-                            
-                            
        
-                        
        
-                        
        
-                            
        
-                              
-                            
-                            
-                        
        
-                        
-                        
        
-                             
-                            [  ]
-                             
-                            [  ]
-                             
-                        
        
-                         
-                         
-                    
        
+    
        
+      
        
+        
+        
+        
        
+          
+            
+              
+
+              
+              
+              
+              
+            
+          
        
+              '.__('turn off notifications').'';
+                } else {
+                  echo ''.__('turn on notifications').'';
+                }
+              ?>
+              
+                
+                  
+                  
+                  
+                
+              
+                
+                
+              
+                
        
+                
+                
        
+                  
+                
        
+                
+              
        		
+                :  
+              
        
         
        
+      
        
+      
+    
        
 
-        
        
-            
+    
        
+    
 
-                 $value) {
-                        ++$i;
-                        if ($data[$key]['SUSPENDED'] == 'yes') {
-                            $status = 'suspended';
-                            $spnd_action = 'unsuspend';
-                            $spnd_confirmation = 'UNSUSPEND_CRON_CONFIRMATION' ;
-                        } else {
-                            $status = 'active';
-                            $spnd_action = 'suspend';
-                            $spnd_confirmation = 'SUSPEND_CRON_CONFIRMATION' ;
-                        }
-                ?> 
 
-                
-                    
-                    
-                
 
-                 
-            
        
-                        
-                            
-                            
-                            
-                        
        ">
        
-                            		
-                        
-                            
-                                
-                                 
-                                
-                                
-                            
-                        
-                        
-                            
-                                
-                                 
-                            
-                        
-                        
-                            
-                                
-                            
-                            
-                                
-                                
-                                
-                                
-                                
-                                
-                            
-                        
        
-                                    
-                                
        
-                                    
        
-                                         
-                                    
        
-                                    
        
-                                         
-                                    
        
-                                        		
-                                    
        
-                                         
-                                    
        
-                                    
        
-                                         
-                                    
        
-                                        		
-                                    
        
-                                         
-                                    
        
-                                    
        
-                                         
-                                    
        
-                                        		
-                                    
        
-                                         
-                                    
        
-                                    
        
-                                         
-                                    
        
-                                        		
-                                    
        
-                                         
-                                    
        
-                                    
        
-                                         
-                                    
        
-                                
        
-                    
        
-            
+    
        
+       $value) {
+          ++$i;
+          if ($data[$key]['SUSPENDED'] == 'yes') {
+            $status = 'suspended';
+            $spnd_action = 'unsuspend';
+            $spnd_confirmation = 'UNSUSPEND_CRON_CONFIRMATION' ;
+          } else {
+            $status = 'active';
+            $spnd_action = 'suspend';
+            $spnd_confirmation = 'SUSPEND_CRON_CONFIRMATION' ;
+          }
+      ?>
+
+
+      
        
+        
        
+          
        
+            
+            
+          
        
+          
+          
        
+            
        
+              
          ↵
        
+              
        
+                
+                   
+                  
+                  
+                
+                 Del
+              
        
 
-            
        
-                 
             
        
+            
+          
        
+          
         
        
+        
+
+        
        
+          
        
+            
+          
        
+          
        
+          
        
+            
+          
        
+        
        
+        
+        
        
+          
        
+            
+          
        
+          
+          
        
+            

        
+            

        
+            

        
+            

        
+            

        
+          
        
+
+          
        
+          
        
+          
+
+        
        
+        
+      
        
+      
+      
+      
+      
+
+    
        
+
+
+    
        
+      
        
+      
        
+        
        
+          
        
+          
        
+          
        
+            
+          
        
+        
        
+      
        
+    
        
diff --git a/web/templates/user/list_db.html b/web/templates/user/list_db.html
index fb4c67fc8..63972dba3 100644
--- a/web/templates/user/list_db.html
+++ b/web/templates/user/list_db.html
@@ -1,161 +1,235 @@
-            
-                
-                    
-                
-            
        
-                        
        
-                            
-                        
        
-                        
        
-                            
-                            
-                            
-                            
-                        
        
-                        
        
-                            
        
-                              
-                            
-                            
-                        
        
-                         
-                    
        
+    
        
+      
        
+        
+        
+        
        
+          
+            
+             $value) {
+                if ($data[$key]['TYPE'] == 'mysql'){
+                  $mysql = 1;
+
+                  $db_myadmin_link = "http://".$http_host."/phpmyadmin/";
+                  if (!empty($_SESSION['DB_PMA_URL']))
+                    $db_myadmin_link = $_SESSION['DB_PMA_URL'];
+                }
+                if ($data[$key]['TYPE'] == 'pgsql'){
+                  $pgsql = 1;
+                  $db_pgadmin_link = "http://".$http_host."/phppgadmin/";
+                  if (!empty($_SESSION['DB_PGA_URL']))
+                    $db_pgadmin_link = $_SESSION['DB_PGA_URL'];
+                }
+              }
+              if($mysql){
+                echo '';
+              }
+              if($pgsql){
+                echo '';
+              }
+            ?>
+
+              
+              
+              
+              
+            
+          
        phpMyAdminphpPgAdmin
+                
+                  
+                  
+                  
+                
+              
+                
+                
+              
+                
        
+                
+                
        
+                  
+                
        
+                
+              
        		
+                :  
+              
        
+          
         
        
+      
        
+      
+    
        
 
-        
        
-            
-                 $value) {
-                        ++$i;
-                        if ($data[$key]['SUSPENDED'] == 'yes') {
-                            $status = 'suspended';
-                            $spnd_action = 'unsuspend' ;
-                            $spnd_confirmation = 'UNSUSPEND_DATABASE_CONFIRMATION' ;
-                        } else {
-                            $status = 'active';
-                            $spnd_action = 'suspend' ;
-                            $spnd_confirmation = 'SUSPEND_DATABASE_CONFIRMATION' ;
-                        }
-                        if ($data[$key]['HOST'] != 'localhost' ) $http_host = $data[$key]['HOST'];
-                        if ($data[$key]['TYPE'] == 'mysql') $db_admin = "phpMyAdmin";
-                        if ($data[$key]['TYPE'] == 'mysql') $db_admin_link = "http://".$http_host."/phpmyadmin/";
-                        if (($data[$key]['TYPE'] == 'mysql') && (!empty($_SESSION['DB_PMA_URL']))) $db_admin_link = $_SESSION['DB_PMA_URL'];
-                        if ($data[$key]['TYPE'] == 'pgsql') $db_admin = "phpPgAdmin";
-                        if ($data[$key]['TYPE'] == 'pgsql') $db_admin_link = "http://".$http_host."/phppgadmin/";
-                        if (($data[$key]['TYPE'] == 'pgsql') && (!empty($_SESSION['DB_PGA_URL']))) $db_admin_link = $_SESSION['DB_PGA_URL'];
-                ?> 
-                
-                    
-                    
-                
-                
-            
        
-                        
-                            
-                            
-                            
-                        
        ">
        
-                            		
-                        
-                            
-                                
-                                 
-                                " />
-                                
-                            
-                        
-                        
-                            
-                                
-                                 
-                            
-                        
-                        
-                            
-                                
-                                 
-                            
-                        
-                        
-                            
-                                
-                            
-                            
-                                
-                                
-                                
-                            
-                        
        
-                                     
-                                
        
-                                    
-                                        
-                                        
-                                            
-                                        
-                                    
        
-                                                :  
-                                                
        
-                                                    
        
-                                                
        
-                                            
        
-                                        		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                    
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                        		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                    
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                
        
-                    
        
-            
+    
        
+    
 
-            
        
-                 
+
+
+    
        
+       $value) {
+          ++$i;
+          if ($data[$key]['SUSPENDED'] == 'yes') {
+            $status = 'suspended';
+            $spnd_action = 'unsuspend' ;
+            $spnd_confirmation = 'UNSUSPEND_DATABASE_CONFIRMATION' ;
+          } else {
+            $status = 'active';
+            $spnd_action = 'suspend' ;
+            $spnd_confirmation = 'SUSPEND_DATABASE_CONFIRMATION' ;
+          }
+          if ($data[$key]['HOST'] != 'localhost' ) $http_host = $data[$key]['HOST'];
+          if ($data[$key]['TYPE'] == 'mysql') $db_admin = "phpMyAdmin";
+          if ($data[$key]['TYPE'] == 'mysql') $db_admin_link = "http://".$http_host."/phpmyadmin/";
+          if (($data[$key]['TYPE'] == 'mysql') && (!empty($_SESSION['DB_PMA_URL']))) $db_admin_link = $_SESSION['DB_PMA_URL'];
+          if ($data[$key]['TYPE'] == 'pgsql') $db_admin = "phpPgAdmin";
+          if ($data[$key]['TYPE'] == 'pgsql') $db_admin_link = "http://".$http_host."/phppgadmin/";
+          if (($data[$key]['TYPE'] == 'pgsql') && (!empty($_SESSION['DB_PGA_URL']))) $db_admin_link = $_SESSION['DB_PGA_URL'];
+      ?>
+
+
+      
        
+        
        
+          
        
+            
+            
+          
        
+          
+          
        
+            
        
+              
          ↵
        
+              
        
+                
+                   
+                  
+                  
+                
+                 Del
+              
        
             
        
+            
+          
        
+          
         
        
+        
+
+        
        
+          
        
+            
+          
        
+          
        
+          
        
+            
+          
        
+        
        
+        
+        
        
+          
        
+            
+          
        
+          
+          
        
+            
+              
+                
+                
+                
+              
+              
+                
+                
+                
+              
+            
        
+                  
        
+                    
        
+                      
+                    
        
+                    
        
+                       
+                    
        
+                  
        
+                  
        
+                    
        
+                  
        
+                  
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                        		
+                    
        
+                      
        :
        
+                      
        
+                        
+                      
        
+                    
        
+                
        
+                    
        
+                      
        :
        
+                      
        
+                        
+                      
        
+                    
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                
        
+          
        
+          
+        
        
+        
+      
        
+      
+      
+      
+      
+
+    
        
+
+
+    
        
+      
        
+      
        
+        
        
+          
        
+          
        
+          
        
+            
+          
        
+        
        
+      
        
+    
        
diff --git a/web/templates/user/list_dns.html b/web/templates/user/list_dns.html
index d1638ee16..360936604 100644
--- a/web/templates/user/list_dns.html
+++ b/web/templates/user/list_dns.html
@@ -1,141 +1,185 @@
-            
-                
-                    
-                
-            
        
-                        
        
-                            
-                        
        
-                        
        
-                            
        
-                            
-                            
-                            
        
-                        
        
-                        
        
-                            
        
-                              
-                            
-                            
-                        
        
-                         
-                    
        
+    
        
+      
        
+        
+        
+        
        
+          
+            
+              
+              
+              
+              
+            
+          
        
+                
+                  
+                  
+                  
+                
+              
+                
+                
+              
+                
        
+                
+                
        
+                  
+                
        
+                
+              
        		
+                :  
+              
        
         
        
+      
        
+      
+    
        
 
-        
        
-            
-                 $value) {
-                        ++$i;
-                        if ($data[$key]['SUSPENDED'] == 'yes') {
-                            $status = 'suspended';
-                            $spnd_action = 'unsuspend' ;
-                            $spnd_confirmation = 'UNSUSPEND_DOMAIN_CONFIRMATION' ;
-                        } else {
-                            $status = 'active';
-                            $spnd_action = 'suspend' ;
-                            $spnd_confirmation = 'SUSPEND_DOMAIN_CONFIRMATION' ;
-                        }
-                ?> 
-                
-                    
-                    
-                
-                 
-            
        
-                        
-                            
-                            
-                            
-                        
        ">
        
-                            		
-                        
-                            
-                                
-                                 
-                                
-                                
-                            
-                        
-                        
-                            
-                                
-                                 
-                            
-                        
-                        
-                            
-                                
-                                 
-                            
-                        
-                        
-                            
-                                
-                                 
-                            
-                        
+    
        
+    
 
-                        
-                            
-                                
-                            
-                            
-                                
-                                
-                                
-                            
-                        
        
-                                    
-                                     
-                                
        
-                                    
-                                        
-                                            
-                                        
-                                        
-                                            
-                                        
 
-                                    
        
-                                                 
-                                            
        
-                                        		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                    
        :
        :
        
-                                        		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                    
        :
        
-                                
        
-                    
        
-            
+    
        
+       $value) {
+          ++$i;
+          if ($data[$key]['SUSPENDED'] == 'yes') {
+            $status = 'suspended';
+            $spnd_action = 'unsuspend' ;
+            $spnd_confirmation = 'UNSUSPEND_DOMAIN_CONFIRMATION' ;
+          } else {
+            $status = 'active';
+            $spnd_action = 'suspend' ;
+            $spnd_confirmation = 'SUSPEND_DOMAIN_CONFIRMATION' ;
+          }
+      ?>
 
-            
        
-                 
+      
        
+        
        
+          
        
+            
+            
+          
        
+          
+          
        
+            
        
+              
          L
        
+              
          N
        
+              
          ↵
        
+              
        
+                
+                   
+                  
+                  
+                
+                 Del
+              
        
             
        
+            
+          
        
+          
         
        
+        
+
+        
        
+          
        
+            
+          
        
+          
        
+          
        
+            
+          
        
+        
        
+        
+        
        
+          
        
+             ⇢ ".$data[$key]['SRC']."    ";  if($data[$key]['RECORDS']) echo '/ '.$data[$key]['RECORDS'].'';?>
+          
        
+          
        
+            .', $data[$key]['IP'])?>
+          
        
+          
+
+          
        
+            
+               
+                
+                
+                
+              
+              
+                
+                
+            
        
+                  
        
+                    
        
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                
        
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                        		
+              
        
+          
        
+          
+        
        
+        
+      
        
+      
+      
+      
+      
+
+    
        
+
+
+
+    
        
+      
        
+      
        
+        
        
+          
        
+          
        
+          
        
+            
+          
        
+        
        
+      
        
+    
        
diff --git a/web/templates/user/list_dns_rec.html b/web/templates/user/list_dns_rec.html
index c2bd88378..d3749234d 100644
--- a/web/templates/user/list_dns_rec.html
+++ b/web/templates/user/list_dns_rec.html
@@ -1,99 +1,139 @@
-            
-                
-                    
-                
-            
        
-                        
        
-                            
-                        
        
-                        
        
-                            
        
-                            
-                            
-                            
        
-                        
        
-                        
        
-                            
        
-                              
-                            
-                            
-                        
        
-                         
-                    
        
+    
        
+      
        
+        
+        
        
+          
+            
+              
+              
+              
+            
+          
        
+                
+                  
+                  
+                  
+                
+              
+                
+                
+              
+                
        
+                
+                
+                
        
+                  
+                
        
+                
+              
        
         
        
+      
        
+      
+    
        
 
-        
        
-                
-                    
-                        
-                    
-                
        
-                              
-                        
        
-                
-                     $value) {
-                            ++$i;
-                            if ($data[$key]['SUSPENDED'] == 'yes') {
-                                $status = 'suspended';
-                                $spnd_action = 'unsuspend' ;
-                                $spnd_confirmation = 'UNSUSPEND_RECORD_CONFIRMATION' ;
-                            } else {
-                                $status = 'active';
-                                $spnd_action = 'suspend' ;
-                                $spnd_confirmation = 'UNSUSPEND_RECORD_CONFIRMATION' ;
-                            }
-                    ?> 
-                    
-                        
-                        
-                    
-                     
-                
        
-                            
-                                
-                                
-                            
         
        
-                                		
-                            
-                                
-                                    
-                                    
-                                    
-                                    
-                                
-                            
-                            
-                                
-                                    
-                                     
-                                
-                            
-                            
-                                
-                                    
-                                    
-                                    
-                                    
-                                
-                            
        
-                        
        
-            
 
-            
        
-                 
+    
        
+    
+
+
+
+
+    
        
+
+    
        
+      
          
        
+    
        
+
+       $value) {
+          ++$i;
+          if ($data[$key]['SUSPENDED'] == 'yes') {
+            $status = 'suspended';
+            $spnd_action = 'unsuspend' ;
+            $spnd_confirmation = 'UNSUSPEND_RECORD_CONFIRMATION' ;
+          } else {
+            $status = 'active';
+            $spnd_action = 'suspend' ;
+            $spnd_confirmation = 'UNSUSPEND_RECORD_CONFIRMATION' ;
+          }
+      ?>
+
+
+      
        
+        
        
+          
        
+            
+            
+          
        
+          
+          
        
+            
        
+              
          ↵
        
+              
        
+                
+                   
+                  
+                  
+                
+                 Del
+              
        
+
             
        
+            
+          
        
+          
         
        
+        
+
+        
        
+          
        
+          
        
+            
+          
        
+        
        
+        
+        
        
+          
        
+            
         14 ) echo '..'; ?>
        
+            
        
+            
         
        
+            
        
+          
        
+          
+        
        
+        
+      
        
+      
+      
+      
+      
+
+    
        
+
+    
        
+        
        
+    
        
+        
        
+          
        
+          
        
+          
        
+            
+          
        
+          
        
+            
+          
        
+      
        
+    
        
+  
        
diff --git a/web/templates/user/list_mail.html b/web/templates/user/list_mail.html
index d7e792871..40284380f 100644
--- a/web/templates/user/list_mail.html
+++ b/web/templates/user/list_mail.html
@@ -1,172 +1,227 @@
-           
-                
-                    
-                
-            
        
-                        
        
-                            
-                        
        
-                        
        
-                            
        
-                            
-                            
-                            
        
-                        
        
-                        
        
-                            
        
-                              
-                                
-                            
-                        
        
-                         
-                    
        
+    
        
+      
        
+        
+        
+        
        
+          
+            
+              
+              
+              
+              
+              
+            
+          
        
+                
+                 
+              
+                
+                  
+                  
+                  
+                
+              
+                
+                
+              
+                
        
+                
+                
        
+                  
+                
        
+                
+              
        		
+                :  
+              
        
+          
         
        
+      
        
+      
+    
        
 
-        
        
-            
-                
+    
+
+
+
+    
        
+       $value) {
+          ++$i;
+          if ($data[$key]['SUSPENDED'] == 'yes') {
+            $status = 'suspended';
+            $spnd_action = 'unsuspend' ;
+            $spnd_confirmation = 'UNSUSPEND_DOMAIN_CONFIRMATION' ;
+          } else {
+            $status = 'active';
+            $spnd_action = 'suspend' ;
+            $spnd_confirmation = 'SUSPEND_DOMAIN_CONFIRMATION' ;
+          }
+          if (empty($data[$key]['CATCHALL'])) {
+            $data[$key]['CATCHALL'] = '/dev/null';
+          }
+      ?>
+
+
+      
        
+        
        
+          
        
+            
+            
+          
        
+          
+          
        
+            
        
+              
          L
        
+              
          N
        
+              
          ↵
        
+              
        
+                
+                   
+                  
+                  
+                
+                 Del
+              
        
 
-                    foreach ($data as $key => $value) {
-                        ++$i;
-                        if ($data[$key]['SUSPENDED'] == 'yes') {
-                            $status = 'suspended';
-                            $spnd_action = 'unsuspend' ;
-                            $spnd_confirmation = 'UNSUSPEND_DOMAIN_CONFIRMATION' ;
-                        } else {
-                            $status = 'active';
-                            $spnd_action = 'suspend' ;
-                            $spnd_confirmation = 'UNSUSPEND_DOMAIN_CONFIRMATION' ;
-                        }
-                        if (empty($data[$key]['CATCHALL'])) {
-                            $data[$key]['CATCHALL'] = '/dev/null';
-                        }
-                ?> 
-                
        
-                    
-                    
-                
-                 
-            
        
-                        
-                            
-                            
-                            
-                        
        " >
        ">
        
-                            		
-                        
-                            
-                                
-                                 
-                                
-                                
-                            
-                        
-                        
-                            
-                                
-                                 
-                            
-                        
-                        
-                            
-                                
-                                 
-                            
-                        
-                        
-                            
-                                
-                                 
-                            
-                        
-                        
-                            
-                                
-                                 
-                            
-                        
-                        
-                            
-                                
-                            
-                            
-                                
-                                
-                                
-                            
-                        
        
-                                    
-                                
        
-                                    
-                                        
-                                        
-                                            
-                                        
-                                    
        
-                                                :  
-                                                
        
-                                                    
        
-                                                
        
-                                            
        
-                                        		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                    
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                        		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                    
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                
        
-                    
        
-            
 
-            
        
-                 
             
        
+            
+          
        
+          
         
        
+        
+
+        
        
+          
        
+            
+          
        
+          
        
+          
        
+            
+          
        
+        
        
+        
+        
        
+          
        
+             / '.$data[$key]['ACCOUNTS'].'';?>
+          
        
+          
+          
        
+            
+              
+                
+                
+                
+              
+              
+                
+                
+                
+              
+            
        
+                  
        
+                    
        
+                      
+                    
        
+                    
        
+                       
+                    
        
+                  
        
+                  
        
+                    
        
+                  
        
+                  
+                        		
+                  
+                    
        
+                  
+                    
        
+                      
        :
        
+                      
        
+                        
+                      
        
+                    
        
+                  
+                        		
+                  
+                    
        
+                  
+                    
        
+                      
        :
        
+                      
        
+                        
+                      
        
+                    
        
+                  
+                
        
+                  
+                    
        
+                  
+                    
        
+                      
        :
        
+                      
        
+                        
+                      
        
+                    
        
+                  
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                
        
+          
        
+          
+        
        
+        
+      
        
+      
+      
+      
+      
+
+    
        
+
+
+    
        
+      
        
+      
        
+        
        
+          
        
+          
        
+          
        
+            
+          
        
+        
        
+      
        
+    
        
diff --git a/web/templates/user/list_mail_acc.html b/web/templates/user/list_mail_acc.html
index 28a38cb25..8c5ef5678 100644
--- a/web/templates/user/list_mail_acc.html
+++ b/web/templates/user/list_mail_acc.html
@@ -1,148 +1,207 @@
-           
-                
-                    
-                
-            
        
-                        
        
-                            
-                        
        
-                        
        
-                            
        
-                            
-                            
-                            
        
-                        
        
-                        
        
-                            
        
-                              
-                            
-                            
-                        
        
-                         
-                    
        
-        
        
-
-        
        
-            
-                
-                    
-                
-            
        
-                          
-                    
        
-            
-                 $value) {
-                        ++$i;
-                        if ($data[$key]['SUSPENDED'] == 'yes') {
-                            $status = 'suspended';
-                            $spnd_action = 'unsuspend' ;
-                            $spnd_confirmation = 'UNSUSPEND_MAIL_ACCOUNT_CONFIRMATION' ;
-                        } else {
-                            $status = 'active';
-                            $spnd_action = 'suspend';
-                            $spnd_confirmation = 'SUSPEND_MAIL_ACCOUNT_CONFIRMATION' ;
-                        }
+    
        
+      
        
+        
+        
+        
        
+          
        
+            
+              
-                    
-                    
-                
-                 
-            
        
+                
-
-                
        
-                        
-                            
-                            
-                            
-                        
        ">
        
-                            		
-                        
-                            
-                                
-                                 
-                                
-                                
-                            
-                        
-                        
-                            
-                                
-                                 
-                            
-                        
-                        
-                            
-                                
-                            
-                            
-                                
-                                
-                                
-                            
-                        
        
-                                     
-                                    
-                                
        
-                                    
-                                        
-                                        
-                                            
-                                        
-                                    
        
-                                                :  
-                                                
        
-                                                    
        
-                                                
        
-                                            
        
-                                        		
-                                    
-                                        
-                                            
-                                            
-                                            
-                                            
-                                                
-                                                
-                                            
-                                    
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                                    :
-                                                
-                                                     
-                                                
        
-                                        		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                    
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                
        
-                    
        
-            
-
-            
        
-                 
-            
        
+                 
+              
+              
+                
        
+                  
+                  
+                  
+                
        
+              
+              
+                
+                
+              
+              
+                
        
+                
+                
        
+                  
+                
        
+                
+              
+              
+                :  
+              
+            
+          
+          
         
        
+      
        
+      
+    
        
+
+    
        
+    
+
+
+
+    
        
+      
        
+        
          
        
+      
        
+
+
+       $value) {
+          ++$i;
+          if ($data[$key]['SUSPENDED'] == 'yes') {
+            $status = 'suspended';
+            $spnd_action = 'unsuspend' ;
+            $spnd_confirmation = 'UNSUSPEND_MAIL_ACCOUNT_CONFIRMATION' ;
+          } else {
+            $status = 'active';
+            $spnd_action = 'suspend';
+            $spnd_confirmation = 'SUSPEND_MAIL_ACCOUNT_CONFIRMATION' ;
+          }
+      ?>
+
+
+      
        " v_unit_id="" v_section="mail_acc"
+sort-date="" sort-name="" sort-disk=""
+sort-star="">
+        
        
+          
        
+            
+            
+          
        
+          
+          
        
+            
        
+              
          ↵
        
+              
        
+                
+                   
+                  
+                  
+                
+                 Del
+              
        
+            
        
+            
+          
        
+          
+        
        
+        
+
+        
        
+          
        
+            
+          
        
+          
        
+          
        
+            
+          
        
+        
        
+        
+        
        
+          
        
+             
+          
        
+          
+          
        
+            
+              
+                
+                
+                
+              
+              
+                
+                
+              
+            
        
+                  
        
+                    
        
+                      
+                    
        
+                    
        
+                       
+                    
        
+                  
        
+                  
        
+                    
        
+                  
        
+                  
+                        		
+                  
        
+                    
        :
        
+                    
        
+                       
+                    
        
+                  
        
+                        		
+                  
+                    
        
+                  
+                    
        
+                      
        :
        
+                      
        
+                        
+                      
        
+                    
        
+                  
+                
        
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                
        
+          
        
+          
+        
        
+        
+      
        
+      
+      
+      
+      
+
+    
        
+
+
+    
        
+      
        
+      
        
+        
        
+          
        
+          
        
+          
        
+            
+          
        
+          
        
+            
+          
        
+        
        
+      
        
+    
        
diff --git a/web/templates/user/list_search.html b/web/templates/user/list_search.html
index c13e1ac49..a9198d1d6 100644
--- a/web/templates/user/list_search.html
+++ b/web/templates/user/list_search.html
@@ -1,182 +1,215 @@
-            
-                
-                    
-                
-            
        
-                        
        
-                            
-                        
        
-                        
        
-                            
-                            
-                            
-                            
-                        
        
-                         
-                    
        
+    
        
+      
        
+        
+        
        
+          
+          
+            
+              
+              
+            
+          
        
+                
        
+                  
+                  
+                  
+                
        
+                      		
+                :  
+              
        
         
        
+      
        
+      
+    
        
 
-        
        
-            
-                 $value) {
-                        ++$i;
-                        if ($data[$key]['SUSPENDED'] == 'yes') {
-                            $status = 'suspended';
-                            $spnd_action = 'unsuspend' ;
-                        } else {
-                            $status = 'active';
-                            $spnd_action = 'suspend';
-                        }
-                        if ($data[$key]['TYPE'] == 'db') {
-                            $object = 'database';
-                        } else {
-                            $object = strtolower($data[$key]['TYPE']." ".$data[$key]['KEY']);
-                        }
-                ?>
+    
        
+    
 
-                
-                    
-                    
-                
-                 
-            
        
-                        
-                            
-                            
-                        
        ">
        
-                            		
-                         
-                        
-                            
-                                
-                                 
-                                
-                                
-                            
-                        
 
-                         
 
-                         
-                        
-                            
-                                
-                                 
-                            
-                        
+    
        
+       $value) {
+          ++$i;
+          if ($value['SUSPENDED'] == 'yes') {
+            $status = 'suspended';
+            $spnd_action = 'unsuspend' ;
+          } else {
+            $status = 'active';
+            $spnd_action = 'suspend';
+          }
+            if ($value['TYPE'] == 'db') {
+            $object = 'database';
+          } else {
+            $object = strtolower($value['TYPE']." ".$value['KEY']);
+          }
 
-                        
-                            
-                            
-                                
-                                
-                                
-                            
-                        
         
        
-                                    
-                                        
-                                            
-                                        
-                                    
        
-                                                 
-                                            
        
-                                        		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                    
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                        		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                    
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                
        
-                    
        
-            
+          $uniq_id = $value['TYPE'].'-';
+          if($value['KEY'] == 'ACCOUNT'){
+            $uniq_id .= 'acc-';
+          }
+          $uniq_id .= sha1($value['RESULT']);
+        ?>
 
-            
        
-                 
+      
        
+        
        
+          
+          
+          
        
+            
        
+
+            
+                  
          L
        
+
+                  
          L
        
+            
+
+
+            
+              
          ↵
        
+              
+                  
          W
        
+              
+
+              
+              
        
+                
+                   
+                  
+                  
+                
+                 Del
+              
        
             
        
+            
+          
        
+          
         
        
+        
+
+        
        
+          
        
+            
+          
        
+          
        
+          
        
+            
+          
        
+        
        
+        
+        
        
+          
        
+             
+          
        
+          
+          
        
+            
+              
+                
+                
+                
+              
+            
        
+                  
        
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                
        
+          
        
+          
+        
        
+        
+      
        
+      
+      
+      
+      
+
+    
        
+
+
+    
        
+      
        
+      
        
+        
        
+          
        
+          
        
+          
        
+            
+          
        
+        
        
+      
        
+    
        
diff --git a/web/templates/user/list_stats.html b/web/templates/user/list_stats.html
index f1d3ac385..7313060b8 100644
--- a/web/templates/user/list_stats.html
+++ b/web/templates/user/list_stats.html
@@ -1,191 +1,267 @@
-            
-                
-                    
-                
-            
        
-                        
        
-                            
        
-                            
-                            
-                            
        
-                        
        
-                        
        
-                        
        
-                         
-                    
        
+    
        
+      
        
+        
        
+          
+            
+              
+              
+              
+              
+            
+          
        
+                
        
+                  
+                  
+                  
+                
        
+                      		
+                
+              
+                
        
+                  
+                  
        
+                    
+                  
        
+                  
+                
        
+              
        
         
        
+      
        
+      
+    
        
 
-        
        
-            
+    
        
+    
 
-                 $value) {
-                        ++$i;
-                ?>
 
-                
-                    
-                    
-                
+    
        
+       $value) {
+           ++$i;
+      ?>
 
-                 
 
-            
        
-                        
-                            
-                        
        
-                            		
-                        
        
-                        
-                            
-                                
-                            
-                            
-                                
-                                
-                                
-                            
-                        
        
-                                    
-                                
        
-                                    
-                                        
-                                            
-                                        
-                                        
-                                            
-                                        
-                                        
-                                            
-                                        
-                                    
        
-                                                : 
-                                                
        
-                                                    
        
-                                                
        
-                                            
        
-                                                : 
-                                                
        
-                                                    
        
-                                                
        
-                                            
        
-                                                
-                                                    
-                                                        
-                                                        
-                                                    
-                                                    
-                                                        
-                                                        
-                                                    
-                                                
        
-                                                            : 
-                                                        
-                                                            : 
-                                                        
        
-                                                            : 
-                                                        
-                                                            : 
-                                                        
        
-                                            
        
-                                        		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                    
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                                :
-                                            
-                                                
-                                            
        
-                                        		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                    
        
-                                                :
-                                            
-                                                
-                                            
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                                :
-                                            
-                                                
-                                            
        
-                                                :
-                                            
-                                                 
-                                            
        
-                                
        
-                    
        
-
-            
        
-                 
+      
        
+        
        
+          
        
+          
        
+          
+          
        
+            
        
             
        
+            
+          
        
+          
         
        
+        
+
+        
        
+          
        
+            
+          
        
+          
        
+            
+          
        
+        
        
+        
+        
        
+          
        
+            
+          
        
+
+
+
+          
        
+            
+
+               
+                
+                
+                
+              
+
+              
+                
+                
+                
+              
+
+              
+                
+                
+                
+              
+
+              
+                
+                
+                
+              
+
+              
+                
+                
+                
+              
+
+            
        
+                  
        
+                  
        
+                    
        
+                      
+                    
        
+                    
        
+                       
+                    
        
+                  
        
+                  
        
+                    
        
+                  
        
+                  
+                
        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                
        
+                  
        
+                    
        
+                    
        
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                
        
+                  
        
+                    
        :
        
+                    
        
+                       
+                    
        
+                  
        
+                  
        
+                    
        
+                  
        
+                  
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                
        
+                  
        
+                    
        
+                      :  
+                    
        
+                    
        
+                      :  
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                
        
+                  
        
+                    
        
+                      :  
+                    
        
+                    
        
+                      :  
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                
        
+          
        
+          
+        
        
+        
+      
        
+      
+      
+      
+      
+
+    
        
+
+    
        
+        
        
+    
        
+        
        
+          
        
+          
        
+          
        
+            
+          
        
+      
        
+    
        
+  
        
diff --git a/web/templates/user/list_user.html b/web/templates/user/list_user.html
index 2d3686b3e..85ed64c33 100644
--- a/web/templates/user/list_user.html
+++ b/web/templates/user/list_user.html
@@ -1,179 +1,332 @@
-            
-                
-                    
-                
-            
        
-                        
        
-                            
-                        
        
-                        
        
-                            
        
-                            
-                            
-                            
        
-                        
        
-                        
        
-                            
        
-                              
-                            
-                            
-                        
        
-                         
-                    
        
+    
        
+      
        
+        ';
+          } else {
+            echo '';
+          }
+        ?>
+        
+        
        
+          
+            
+              
+              
+              
+              
+            
+          
        
+                
+                  
+                  
+                  
+                
+              
+                
+                
+              
+                
        
+                  
+                  
        
+                    
+                  
        
+                  
+              
        		
+                :  
+              
        
         
        
+      
        
+      
+    
        
 
-        
        
-            
-                 $value) {
-                        ++$i;
-                        if ($data[$key]['SUSPENDED'] == 'yes') {
-                            $status = 'suspended';
-                            $spnd_action = 'unsuspend' ;
-                            $spnd_confirmation = 'UNSUSPEND_USER_CONFIRMATION' ;
-                        } else {
-                            $status = 'active';
-                            $spnd_action = 'suspend' ;
-                            $spnd_confirmation = 'SUSPEND_USER_CONFIRMATION' ;
-                        }
-                    ?> 
-                
-                    
-                    
-                
-                 
-            
        
-                        
-                            
-                            
-                            
-                        
        ">
        
-                            		
-                        
-                            
-                                
-                                 
-                            
-                        
+    
        
+    
 
-                        
-                            
-                                
-                            
-                                
-                                
-                                
-                            
-                        
        
-                            
        
-                                    
-                                        
-                                        
-                                        
-                                            
-                                        
-                                        
-                                            
-                                        
-                                        
-                                            
-                                        
-                                    
         
        
-                                                :  
-                                                
        
-                                                    
        
-                                                
        
-                                            
        :  
-                                                
        
-                                                    
        
-                                                
        
-                                            
        
-                                                
-                                                    
-                                                        
-                                                        
-                                                    
-                                                    
-                                                        
-                                                        
-                                                    
-                                                
        
-                                                            :  
-                                                        
-                                                            :  
-                                                        
        
-                                                            :  
 
-                                                        
-                                                            :  
-                                                        
        
-                                            
        
-                                        		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                    
        : / 
        : / 
        : / 
        : / 
        : / 
        : / 
        
-                                        		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                    
        :
        :
        :
        :
        :',$data[$key]['NS']) ?>
        
-                                
        
-                    
        
-            
+    
        
+       $value) {
+          ++$i;
+          if ($data[$key]['SUSPENDED'] == 'yes') {
+            $status = 'suspended';
+            $spnd_action = 'unsuspend' ;
+            $spnd_confirmation = 'UNSUSPEND_USER_CONFIRMATION' ;
+          } else {
+            $status = 'active';
+            $spnd_action = 'suspend' ;
+            $spnd_confirmation = 'SUSPEND_USER_CONFIRMATION' ;
+          }
+      ?>
 
-            
        
-                 
+      
        
+        
        
+          
        
+            
+            
+          
        
+          
+          
        
+            
        
+            
+                
          L
        
+
+                
          L
        
+              
+              
          ↵
        
+              
        
+                
+                   
+                  
+                  
+                
+                 Del
+              
        
             
        
+            
+          
        
+          
         
        
+        
+
+        
        
+          
        
+            
+          
        
+          
        
+          
        
+            
+          
        
+        
        
+        
+        
        
+          
        
+            
+          
        
+
+          
        
+             
+          
        
+
+          
        
+            
+
+               
+                
+                
+                
+              
+
+              
+                
+                
+                
+              
+
+              
+                
+                
+                
+              
+
+              
+                
+                
+                
+              
+
+              
+                
+                
+                
+              
+
+              
+                
+                
+                
+              
+
+            
        
+                  
        
+                  
        
+                    
        
+                      
+                    
        
+                    
        
+                       
+                    
        
+                  
        
+                  
        
+                    
        
+                  
        
+                  
+                
        		
+                  
        
+                    
        :
        
+                    
        
+                       / 
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                
        
+                  
        
+                    
        
+                    
        
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                       / 
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                
        
+                  
        
+                    
        :
        
+                    
        
+                       
+                    
        
+                  
        
+                  
        
+                    
        
+                  
        
+                  
+                        		
+                  
        
+                    
        :
        
+                    
        
+                       / 
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                
        
+                  
        
+                    
        
+                      :  
+                    
        
+                    
        
+                      :  
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                       / 
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                
        
+                  
        
+                    
        
+                      :  
+                    
        
+                    
        
+                      :  
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                       / 
+                    
        
+                  
        
+                        		
+                
        
+                
+                  
        
+                    
        :
        
+                    
        
+                       / 
+                    
        
+                  
        
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      ',$data[$key]['NS'])?>
+                    
        
+                  
        
+                
        
+          
        
+          
+        
        
+        
+      
        
+      
+      
+      
+      
+
+    
        
+
+    
        
+        
        
+    
        
+        
        
+          
        
+          
        
+          
        
+            
+          
        
+      
        
+    
        
+  
        
diff --git a/web/templates/user/list_web.html b/web/templates/user/list_web.html
index 2c4f57135..7b4a9db01 100644
--- a/web/templates/user/list_web.html
+++ b/web/templates/user/list_web.html
@@ -1,32 +1,59 @@
-            
-                
-                    
-                
-            
        
-                        
        
-                            
-                        
        
-                        
        
-                            
        
-                            
-                            
-                            
        
-                        
        
-                        
        
-                            
        
-                              
-                            
-                            
-                        
        
-                         
-                    
        
+    
        
+      
        
+        
+        
+        
        
+          
+            
+              
+              
+              
+              
+            
+          
        
+                
+                  
+                  
+                  
+                
+              
+                
+                
+              
+                
        
+                
+                
        
+                  
+                
        
+                
+              
        		
+                :  
+              
        
+          
         
        
+        
+      
        
+    
        
 
-        
        
-            
+    
        
+    
+
+
+
+
+
+
+    
        
                  $value) {
                         ++$i;
@@ -55,14 +82,30 @@
                         $ftp_user='no';
                         if (!empty($data[$key]['FTP_USER'])) {
                             $ftp_user=$data[$key]['FTP_USER'];
+
                         }
+                        if (strlen($ftp_user) > 24 ) {
+                            $ftp_user = str_replace(':', ', ', $ftp_user);
+                            $ftp_user = substr($ftp_user, 0, 24);
+                            $ftp_user = trim($ftp_user, ":");
+                            $ftp_user = str_replace(':', ', ', $ftp_user);
+                            $ftp_user = $ftp_user.", ...";
+                        } else {
+                            $ftp_user = str_replace(':', ', ', $ftp_user);
+                        }
+
+                        $backend_support='no';
+                        if (!empty($data[$key]['BACKEND'])) {
+                            $backend_support='yes';
+                        }
+
                         $proxy_support='no';
                         if (!empty($data[$key]['PROXY'])) {
                             $proxy_support='yes';
                         }
-                        if (strlen($data[$key]['PROXY_EXT']) > 16 ) {
+                        if (strlen($data[$key]['PROXY_EXT']) > 24 ) {
                             $proxy_ext_title = str_replace(',', ', ', $data[$key]['PROXY_EXT']);
-                            $proxy_ext = substr($data[$key]['PROXY_EXT'], 0, 16);
+                            $proxy_ext = substr($data[$key]['PROXY_EXT'], 0, 24);
                             $proxy_ext = trim($proxy_ext, ",");
                             $proxy_ext = str_replace(',', ', ', $proxy_ext);
                             $proxy_ext = $proxy_ext.", ...";
@@ -70,142 +113,222 @@
                             $proxy_ext_title = '';
                             $proxy_ext = str_replace(',', ', ', $data[$key]['PROXY_EXT']);
                         }
-                    ?> 
-                
        
-                    
-                    
-                
-                 
-            
        
-                        
-                            
-                            
-                            
-                        
        ">
        
-                            		
-                        
-                            
-                                
-                                  
-                                
-                                
-                            
-                        
-                        
-                            
-                                
-                                 
-                            
-                        
-                        
-                            
-                                
-                                 
-                            
-                        
+                    ?>
 
-                         
-                        
-                            
-                                
-                                 
-                            
-                        
-                         
 
-                        
-                            
-                                
-                            
-                            
-                                
-                                
-                                
-                            
-                        
        
-                                    
-                                    
-                                
        
-                                    
-                                        
-                                            
-                                        
-                                        
-                                        
-                                            
-                                        
-                                        
-                                            
-                                        
-                                    
        
-                                                 
-                                            
        
-                                                :  
-                                                
        
-                                                    
        
-                                                
        
-                                            
        
-                                                :  
-                                                
        
-                                                    
        
-                                                
        
-                                            
        
-                                        		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
 
-                                        
-                                            
-                                            
-                                        
+      
        
+        
        
+          
        
+            
+            
+          
        
+          
+          
        
+            
        
+              
          ↵
        
+              
          L
        
+              
+                  
          W
        
+              
+              
        
+                
+                   
+                  
+                  
+                
+                 Del
+              
        
 
-                                        
        
-                                            
-                                            
-                                        
 
-                                    
        :
        :
        :  
        :
        
-                                        		
-                                    
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                        
-                                            
-                                            
-                                        
-                                    
        :
        :
         : 
        
-                                
        
-                    
        
-            
-
-            
        
-                 
             
        
+            
+          
        
+          
         
        
+        
+
+        
        
+          
        
+            
+          
        
+          
        
+          
        
+            
+          
        
+        
        
+        
+        
        
+          
        
+             
+          
        
+          
+          
        
+            .', $data[$key]['IP'])?>
+          
        
+          
+          
        
+            
+              
+                
+                
+                
+              
+              
+                
+                
+                
+              
+              
+                
+                
+                
+              
+            
        
+                  
        
+                    
        
+                      
+                    
        
+                    
        
+                       
+                    
        
+                  
        
+                  
        
+                    
        
+                  
        
+                  
+                        		
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                        		
+                  .
+                  
+                    
        
+                  
+                    
        
+                      
        :
        
+                      
        
+                        
+                      
        
+                    
        
+                  
+                  
+                  .
+                  
+                    
        
+                  
+                    
        
+                      
        :
        
+                      
        
+                        
+                      
        
+                    
        
+                  
+                  
+                
        
+                  
+                    
        
+                  
+                    
        
+                      
        :
        
+                      
        
+                       
+                            
+                        
+                      
        
+                    
        
+                  
+                        		
+                  .
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                  
+                  .
+                  
        
+                    
        :
        
+                    
        
+                      
+                    
        
+                  
        
+                  
+                
        
+                  
        
+                    
        :
        
+                    
        
+                       
+                    
        
+                  
        
+                  
        
+                    
        
+                  
        
+                  
+                        		
+                  
+                    
        
+                  
+                    
        
+                      
        :
        
+                      
        
+                        
+                      
        
+                    
        
+                  
+                        		
+                  
+                    
        
+                  
+                    
        
+                      
        :
        
+                      
        
+                        
+                      
        
+                    
        
+                  
+                
        
+          
        
+          
+        
        
+        
+      
        
+      
+      
+      
+      
+
+    
        
+
+
+    
        
+      
        
+      
        
+        
        
+          
        
+          
        
+          
        
+            
+          
        
+        
        
+      
        
+    
        
diff --git a/web/templates/user/panel.html b/web/templates/user/panel.html
index fb6af499d..452105ee9 100644
--- a/web/templates/user/panel.html
+++ b/web/templates/user/panel.html
@@ -1,112 +1,117 @@
-    
        
-        
        
-            
        
-                
-                      
-                      
-                
-                
-                    
-                     
-                
-            
        
-            
        
-                
+  
+  
+    
+  
+  
+    
+  
+  
        
+    
        
+      
+      
+      
        
+        
        
+        
        
+        
        
+        
        
+      
        
+      
 
-                
-                
-                    
        
-                         
-                    
        
-                    
        
-                        :  
        
-                        :  
-                    
        
-                    
        
-                        
-                        
+      
        
+        "> 
+        
+          
+      
        
+      
+    
        
+  
        
+  
+  
 
-                
-                
-                    
        
-                         
-                    
        
-                    
        
-                        : 
        
-                        : 
        
-                        :  
-                    
        
-                    
        
-                        
-                        
 
-                
-                
-                    
        
-                         
-                    
        
-                    
        
-                        : 
        
-                        : 
        
-                        :  
-                    
        
-                    
        
-                        
-                        
 
-                
-                
-                    
        
-                         
-                    
        
-                    
        
-                        : 
        
-                        : 
        
-                        :  
-                    
        
-                    
        
-                        
-                        
-
-                
-                
-                    
        
-                         
-                    
        
-                    
        
-                        : 
        
-                        :  
-                    
        
-                    
        
-                        
-                        
-
-                
-                
-                    
        
-                         
-                    
        
-                    
        
-                        : 
        
-                        :  
-                    
        
-                    
        
-                        
-                        
-
-                
-                
-                    
        
-                         
-                    
        
-                    
        
-                        : 
        
-                    
        
-                    
        
-                        
-                        
-            
        
\ No newline at end of file
+  
        
+    
        
+      
        
+        
        
+          
+            
        
+            
          
+              
        • :  
          • 
+              
        • :   
          • 
+            
        
+                  
+        
        
+		
+	        
        
+	          
+	            
        
+	            
          
+	              
        • : 
          • 
+	              
        • : 
          • 
+	              
        • : 
          • 
+	            
        
+	                  
+	        
        
+		
+		
+	        
        
+	          
+	            
        
+	            
          
+	              
        • : 
          • 
+	              
        • : 
          • 
+	              
        • : 
          • 
+	            
        
+	                  
+	        
        
+		
+		
+	        
        
+	          
+	            
        
+	            
          
+	              
        • : 
          • 
+	              
        • : 
          • 
+	              
        • : 
          • 
+	            
        
+	                  
+	        
        
+		
+		
+	        
        
+	          
+	            
        
+	            
          
+	              
        • : 
          • 
+	              
        • : 
          • 
+	            
        
+	                  
+	        
        
+		
+		
+	        
        
+	          
+	            
        
+	            
          
+	              
        • : 
          • 
+	              
        • : 
          • 
+	            
        
+	                  
+	        
        
+		
+		
+	        
        
+	          
+	            
        
+	            
          
+	              
        • : 
          • 
+	            
        
+	                  
+	        
        
+		
+      
        
+      
+    
        
+    
        
+    
diff --git a/web/unsuspend/cron/index.php b/web/unsuspend/cron/index.php
index 24f03d8ed..30e3dec0b 100644
--- a/web/unsuspend/cron/index.php
+++ b/web/unsuspend/cron/index.php
@@ -1,34 +1 @@
-
diff --git a/web/unsuspend/db/index.php b/web/unsuspend/db/index.php
index dfd5d684c..30e3dec0b 100644
--- a/web/unsuspend/db/index.php
+++ b/web/unsuspend/db/index.php
@@ -1,32 +1 @@
-
diff --git a/web/unsuspend/dns/index.php b/web/unsuspend/dns/index.php
index 2ba3706ec..30e3dec0b 100644
--- a/web/unsuspend/dns/index.php
+++ b/web/unsuspend/dns/index.php
@@ -1,66 +1 @@
-', $output);
-        if (empty($error)) $error = __('Error: vesta did not return any output.');
-        $_SESSION['error_msg'] = $error;
-    }
-    unset($output);
-    $back=getenv("HTTP_REFERER");
-    if (!empty($back)) {
-        header("Location: ".$back);
-        exit;
-    }
-    header("Location: /list/dns/");
-    exit;
-}
-
-// DNS record
-if ((!empty($_GET['domain'])) && (!empty($_GET['record_id'])))  {
-    $v_username = escapeshellarg($user);
-    $v_domain = escapeshellarg($_GET['domain']);
-    $v_record_id = escapeshellarg($_GET['record_id']);
-    exec (VESTA_CMD."v-unsuspend-dns-record ".$v_username." ".$v_domain." ".$v_record_id, $output, $return_var);
-    if ($return_var != 0) {
-        $error = implode('
        ', $output);
-        if (empty($error)) $error = __('Error: vesta did not return any output.');
-        $_SESSION['error_msg'] = $error;
-    }
-    unset($output);
-    $back=getenv("HTTP_REFERER");
-    if (!empty($back)) {
-        header("Location: ".$back);
-        exit;
-    }
-    header("Location: /list/dns/?domain=".$_GET['domain']);
-    exit;
-}
-
-$back=getenv("HTTP_REFERER");
-if (!empty($back)) {
-    header("Location: ".$back);
-    exit;
-}
-
-header("Location: /list/dns/");
-exit;
+
diff --git a/web/unsuspend/firewall/index.php b/web/unsuspend/firewall/index.php
index ab2ebc72b..30e3dec0b 100644
--- a/web/unsuspend/firewall/index.php
+++ b/web/unsuspend/firewall/index.php
@@ -1,28 +1 @@
-
diff --git a/web/unsuspend/mail/index.php b/web/unsuspend/mail/index.php
index 16011c366..30e3dec0b 100644
--- a/web/unsuspend/mail/index.php
+++ b/web/unsuspend/mail/index.php
@@ -1,66 +1 @@
-', $output);
-        if (empty($error)) $error = __('Error: vesta did not return any output.');
-        $_SESSION['error_msg'] = $error;
-    }
-    unset($output);
-    $back=getenv("HTTP_REFERER");
-    if (!empty($back)) {
-        header("Location: ".$back);
-        exit;
-    }
-    header("Location: /list/mail/");
-    exit;
-}
-
-// Mail account
-if ((!empty($_GET['domain'])) && (!empty($_GET['account'])))  {
-    $v_username = escapeshellarg($user);
-    $v_domain = escapeshellarg($_GET['domain']);
-    $v_account = escapeshellarg($_GET['account']);
-    exec (VESTA_CMD."v-unsuspend-mail-account ".$v_username." ".$v_domain." ".$v_account, $output, $return_var);
-    if ($return_var != 0) {
-        $error = implode('
        ', $output);
-        if (empty($error)) $error = __('Error: vesta did not return any output.');
-        $_SESSION['error_msg'] = $error;
-    }
-    unset($output);
-    $back=getenv("HTTP_REFERER");
-    if (!empty($back)) {
-        header("Location: ".$back);
-        exit;
-    }
-    header("Location: /list/mail/?domain=".$_GET['domain']);
-    exit;
-}
-
-$back=getenv("HTTP_REFERER");
-if (!empty($back)) {
-    header("Location: ".$back);
-    exit;
-}
-
-header("Location: /list/mail/");
-exit;
+
diff --git a/web/unsuspend/user/index.php b/web/unsuspend/user/index.php
index 4002428cc..30e3dec0b 100644
--- a/web/unsuspend/user/index.php
+++ b/web/unsuspend/user/index.php
@@ -1,29 +1 @@
-
diff --git a/web/unsuspend/web/index.php b/web/unsuspend/web/index.php
index 8b467dcb6..30e3dec0b 100644
--- a/web/unsuspend/web/index.php
+++ b/web/unsuspend/web/index.php
@@ -1,31 +1 @@
-
diff --git a/web/update/vesta/index.php b/web/update/vesta/index.php
index a025c7bf0..30e3dec0b 100644
--- a/web/update/vesta/index.php
+++ b/web/update/vesta/index.php
@@ -1,23 +1 @@
-', $output);
-        if (empty($error)) $error = 'Error: '.$v_pkg.' update failed';
-            $_SESSION['error_msg'] = $error;
-    }
-    unset($output);
-}
-
-header("Location: /list/updates/");
-exit;
+
diff --git a/web/upload/UploadHandler.php b/web/upload/UploadHandler.php
new file mode 100755
index 000000000..515a885b9
--- /dev/null
+++ b/web/upload/UploadHandler.php
@@ -0,0 +1,1411 @@
+ 'The uploaded file exceeds the upload_max_filesize directive in php.ini',
+        2 => 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form',
+        3 => 'The uploaded file was only partially uploaded',
+        4 => 'No file was uploaded',
+        6 => 'Missing a temporary folder',
+        7 => 'Failed to write file to disk',
+        8 => 'A PHP extension stopped the file upload',
+        'post_max_size' => 'The uploaded file exceeds the post_max_size directive in php.ini',
+        'max_file_size' => 'File is too big',
+        'min_file_size' => 'File is too small',
+        'accept_file_types' => 'Filetype not allowed',
+        'max_number_of_files' => 'Maximum number of files exceeded',
+        'max_width' => 'Image exceeds maximum width',
+        'min_width' => 'Image requires a minimum width',
+        'max_height' => 'Image exceeds maximum height',
+        'min_height' => 'Image requires a minimum height',
+        'abort' => 'File upload aborted',
+        'image_resize' => 'Failed to resize image'
+    );
+
+    protected $image_objects = array();
+
+    function __construct($options = null, $initialize = true, $error_messages = null) {
+        $this->options = array(
+            'script_url' => $this->get_full_url().'/',
+            'upload_dir' => dirname($this->get_server_var('SCRIPT_FILENAME')).'/files/',
+            'upload_url' => $this->get_full_url().'/files/',
+            'user_dirs' => false,
+            'mkdir_mode' => 0755,
+            'param_name' => 'files',
+            // Set the following option to 'POST', if your server does not support
+            // DELETE requests. This is a parameter sent to the client:
+            'delete_type' => 'DELETE',
+            'access_control_allow_origin' => '*',
+            'access_control_allow_credentials' => false,
+            'access_control_allow_methods' => array(
+                'OPTIONS',
+                'HEAD',
+                'GET',
+                'POST',
+                'PUT',
+                'PATCH',
+                'DELETE'
+            ),
+            'access_control_allow_headers' => array(
+                'Content-Type',
+                'Content-Range',
+                'Content-Disposition'
+            ),
+            // Enable to provide file downloads via GET requests to the PHP script:
+            //     1. Set to 1 to download files via readfile method through PHP
+            //     2. Set to 2 to send a X-Sendfile header for lighttpd/Apache
+            //     3. Set to 3 to send a X-Accel-Redirect header for nginx
+            // If set to 2 or 3, adjust the upload_url option to the base path of
+            // the redirect parameter, e.g. '/files/'.
+            'download_via_php' => false,
+            // Read files in chunks to avoid memory limits when download_via_php
+            // is enabled, set to 0 to disable chunked reading of files:
+            'readfile_chunk_size' => 10 * 1024 * 1024, // 10 MiB
+            // Defines which files can be displayed inline when downloaded:
+            'inline_file_types' => '/\.(gif|jpe?g|png)$/i',
+            // Defines which files (based on their names) are accepted for upload:
+            'accept_file_types' => '/.+$/i',
+            // The php.ini settings upload_max_filesize and post_max_size
+            // take precedence over the following max_file_size setting:
+            'max_file_size' => null,
+            'min_file_size' => null,
+            // The maximum number of files for the upload directory:
+            'max_number_of_files' => null,
+            // Defines which files are handled as image files:
+            'image_file_types' => '/\.(gif|jpe?g|png)$/i',
+            // Use exif_imagetype on all files to correct file extensions:
+            'correct_image_extensions' => false,
+            // Image resolution restrictions:
+            'max_width' => null,
+            'max_height' => null,
+            'min_width' => 1,
+            'min_height' => 1,
+            // Set the following option to false to enable resumable uploads:
+            'discard_aborted_uploads' => true,
+            // Set to 0 to use the GD library to scale and orient images,
+            // set to 1 to use imagick (if installed, falls back to GD),
+            // set to 2 to use the ImageMagick convert binary directly:
+            'image_library' => 1,
+            // Uncomment the following to define an array of resource limits
+            // for imagick:
+            /*
+            'imagick_resource_limits' => array(
+                imagick::RESOURCETYPE_MAP => 32,
+                imagick::RESOURCETYPE_MEMORY => 32
+            ),
+            */
+            // Command or path for to the ImageMagick convert binary:
+            'convert_bin' => 'convert',
+            // Uncomment the following to add parameters in front of each
+            // ImageMagick convert call (the limit constraints seem only
+            // to have an effect if put in front):
+            /*
+            'convert_params' => '-limit memory 32MiB -limit map 32MiB',
+            */
+            // Command or path for to the ImageMagick identify binary:
+            'identify_bin' => 'identify',
+            'image_versions' => array(
+                // The empty image version key defines options for the original image:
+                '' => array(
+                    // Automatically rotate images based on EXIF meta data:
+                    'auto_orient' => true
+                ),
+                // Uncomment the following to create medium sized images:
+                /*
+                'medium' => array(
+                    'max_width' => 800,
+                    'max_height' => 600
+                ),
+                */
+                'thumbnail' => array(
+                    // Uncomment the following to use a defined directory for the thumbnails
+                    // instead of a subdirectory based on the version identifier.
+                    // Make sure that this directory doesn't allow execution of files if you
+                    // don't pose any restrictions on the type of uploaded files, e.g. by
+                    // copying the .htaccess file from the files directory for Apache:
+                    //'upload_dir' => dirname($this->get_server_var('SCRIPT_FILENAME')).'/thumb/',
+                    //'upload_url' => $this->get_full_url().'/thumb/',
+                    // Uncomment the following to force the max
+                    // dimensions and e.g. create square thumbnails:
+                    //'crop' => true,
+                    'max_width' => 80,
+                    'max_height' => 80
+                )
+            )
+        );
+        if ($options) {
+            $this->options = $options + $this->options;
+        }
+        if ($error_messages) {
+            $this->error_messages = $error_messages + $this->error_messages;
+        }
+        if ($initialize) {
+            $this->initialize();
+        }
+    }
+
+    protected function initialize() {
+        switch ($this->get_server_var('REQUEST_METHOD')) {
+            case 'OPTIONS':
+            case 'HEAD':
+                $this->head();
+                break;
+            case 'GET':
+                $this->get();
+                break;
+            case 'PATCH':
+            case 'PUT':
+            case 'POST':
+                $this->post();
+                break;
+            case 'DELETE':
+                $this->delete();
+                break;
+            default:
+                $this->header('HTTP/1.1 405 Method Not Allowed');
+        }
+    }
+
+    protected function get_full_url() {
+        $https = !empty($_SERVER['HTTPS']) && strcasecmp($_SERVER['HTTPS'], 'on') === 0 ||
+            !empty($_SERVER['HTTP_X_FORWARDED_PROTO']) &&
+                strcasecmp($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') === 0;
+        return
+            ($https ? 'https://' : 'http://').
+            (!empty($_SERVER['REMOTE_USER']) ? $_SERVER['REMOTE_USER'].'@' : '').
+            (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : ($_SERVER['SERVER_NAME'].
+            ($https && $_SERVER['SERVER_PORT'] === 443 ||
+            $_SERVER['SERVER_PORT'] === 80 ? '' : ':'.$_SERVER['SERVER_PORT']))).
+            substr($_SERVER['SCRIPT_NAME'],0, strrpos($_SERVER['SCRIPT_NAME'], '/'));
+    }
+
+    protected function get_user_id() {
+        @session_start();
+        return session_id();
+    }
+
+    protected function get_user_path() {
+        if ($this->options['user_dirs']) {
+            return $this->get_user_id().'/';
+        }
+        return '';
+    }
+
+    protected function get_upload_path($file_name = null, $version = null) {
+        $relocate_directory = $_GET['dir'];
+        if (empty($relocate_directory)) {
+            $relocate_directory = '/home/admin/'; // fallback dir
+        }
+        if ($relocate_directory[strlen($relocate_directory) -1] != '/') {
+            $relocate_directory .= '/';
+        }
+        $file_name = $file_name ? $file_name : '';
+        if (empty($version)) {
+            $version_path = '';
+        } else {
+            $version_dir = @$this->options['image_versions'][$version]['upload_dir'];
+            if ($version_dir) {
+                return $version_dir.$this->get_user_path().$file_name;
+            }
+            $version_path = $version.'/';
+        }
+        //return $this->options['upload_dir'].$this->get_user_path()
+        //    .$version_path.$file_name;
+        return $relocate_directory
+            .$version_path.$file_name;
+    }
+
+    protected function get_query_separator($url) {
+        return strpos($url, '?') === false ? '?' : '&';
+    }
+
+    protected function get_download_url($file_name, $version = null, $direct = false) {
+        if (!$direct && $this->options['download_via_php']) {
+            $url = $this->options['script_url']
+                .$this->get_query_separator($this->options['script_url'])
+                .$this->get_singular_param_name()
+                .'='.rawurlencode($file_name);
+            if ($version) {
+                $url .= '&version='.rawurlencode($version);
+            }
+            return $url.'&download=1';
+        }
+        if (empty($version)) {
+            $version_path = '';
+        } else {
+            $version_url = @$this->options['image_versions'][$version]['upload_url'];
+            if ($version_url) {
+                return $version_url.$this->get_user_path().rawurlencode($file_name);
+            }
+            $version_path = rawurlencode($version).'/';
+        }
+        return $this->options['upload_url'].$this->get_user_path()
+            .$version_path.rawurlencode($file_name);
+    }
+
+    protected function set_additional_file_properties($file) {
+        $file->deleteUrl = $this->options['script_url']
+            .$this->get_query_separator($this->options['script_url'])
+            .$this->get_singular_param_name()
+            .'='.rawurlencode($file->name);
+        $file->deleteType = $this->options['delete_type'];
+        if ($file->deleteType !== 'DELETE') {
+            $file->deleteUrl .= '&_method=DELETE';
+        }
+        if ($this->options['access_control_allow_credentials']) {
+            $file->deleteWithCredentials = true;
+        }
+    }
+
+    // Fix for overflowing signed 32 bit integers,
+    // works for sizes up to 2^32-1 bytes (4 GiB - 1):
+    protected function fix_integer_overflow($size) {
+        if ($size < 0) {
+            $size += 2.0 * (PHP_INT_MAX + 1);
+        }
+        return $size;
+    }
+
+    protected function get_file_size($file_path, $clear_stat_cache = false) {
+        if ($clear_stat_cache) {
+            if (version_compare(PHP_VERSION, '5.3.0') >= 0) {
+                clearstatcache(true, $file_path);
+            } else {
+                clearstatcache();
+            }
+        }
+
+        return $this->fix_integer_overflow(filesize($file_path));
+    }
+
+    protected function is_valid_file_object($file_name) {
+        $file_path = $this->get_upload_path($file_name);
+        if (is_file($file_path) && $file_name[0] !== '.') {
+            return true;
+        }
+        return false;
+    }
+
+    protected function get_file_object($file_name) {
+        if ($this->is_valid_file_object($file_name)) {
+            $file = new \stdClass();
+            $file->name = $file_name;
+            $file->size = $this->get_file_size(
+                $this->get_upload_path($file_name)
+            );
+            $file->url = $this->get_download_url($file->name);
+            foreach($this->options['image_versions'] as $version => $options) {
+                if (!empty($version)) {
+                    if (is_file($this->get_upload_path($file_name, $version))) {
+                        $file->{$version.'Url'} = $this->get_download_url(
+                            $file->name,
+                            $version
+                        );
+                    }
+                }
+            }
+            $this->set_additional_file_properties($file);
+            return $file;
+        }
+        return null;
+    }
+
+    protected function get_file_objects($iteration_method = 'get_file_object') {
+        $upload_dir = $this->get_upload_path();
+        if (!is_dir($upload_dir)) {
+            return array();
+        }
+        return array_values(array_filter(array_map(
+            array($this, $iteration_method),
+            scandir($upload_dir)
+        )));
+    }
+
+    protected function count_file_objects() {
+        return count($this->get_file_objects('is_valid_file_object'));
+    }
+
+    protected function get_error_message($error) {
+        return array_key_exists($error, $this->error_messages) ?
+            $this->error_messages[$error] : $error;
+    }
+
+    function get_config_bytes($val) {
+        $val = trim($val);
+        $last = strtolower($val[strlen($val)-1]);
+        switch($last) {
+            case 'g':
+                $val *= 1024;
+            case 'm':
+                $val *= 1024;
+            case 'k':
+                $val *= 1024;
+        }
+        return $this->fix_integer_overflow($val);
+    }
+
+    protected function validate($uploaded_file, $file, $error, $index) {
+        if ($error) {
+            $file->error = $this->get_error_message($error);
+            return false;
+        }
+        $content_length = $this->fix_integer_overflow(intval(
+            $this->get_server_var('CONTENT_LENGTH')
+        ));
+        $post_max_size = $this->get_config_bytes(ini_get('post_max_size'));
+        if ($post_max_size && ($content_length > $post_max_size)) {
+            $file->error = $this->get_error_message('post_max_size');
+            return false;
+        }
+        if (!preg_match($this->options['accept_file_types'], $file->name)) {
+            $file->error = $this->get_error_message('accept_file_types');
+            return false;
+        }
+        if ($uploaded_file && is_uploaded_file($uploaded_file)) {
+            $file_size = $this->get_file_size($uploaded_file);
+        } else {
+            $file_size = $content_length;
+        }
+        if ($this->options['max_file_size'] && (
+                $file_size > $this->options['max_file_size'] ||
+                $file->size > $this->options['max_file_size'])
+            ) {
+            $file->error = $this->get_error_message('max_file_size');
+            return false;
+        }
+        if ($this->options['min_file_size'] &&
+            $file_size < $this->options['min_file_size']) {
+            $file->error = $this->get_error_message('min_file_size');
+            return false;
+        }
+        if (is_int($this->options['max_number_of_files']) &&
+                ($this->count_file_objects() >= $this->options['max_number_of_files']) &&
+                // Ignore additional chunks of existing files:
+                !is_file($this->get_upload_path($file->name))) {
+            $file->error = $this->get_error_message('max_number_of_files');
+            return false;
+        }
+        $max_width = @$this->options['max_width'];
+        $max_height = @$this->options['max_height'];
+        $min_width = @$this->options['min_width'];
+        $min_height = @$this->options['min_height'];
+        if (($max_width || $max_height || $min_width || $min_height)
+           && preg_match($this->options['image_file_types'], $file->name)) {
+            list($img_width, $img_height) = $this->get_image_size($uploaded_file);
+        }
+        if (!empty($img_width)) {
+            if ($max_width && $img_width > $max_width) {
+                $file->error = $this->get_error_message('max_width');
+                return false;
+            }
+            if ($max_height && $img_height > $max_height) {
+                $file->error = $this->get_error_message('max_height');
+                return false;
+            }
+            if ($min_width && $img_width < $min_width) {
+                $file->error = $this->get_error_message('min_width');
+                return false;
+            }
+            if ($min_height && $img_height < $min_height) {
+                $file->error = $this->get_error_message('min_height');
+                return false;
+            }
+        }
+        return true;
+    }
+
+    protected function upcount_name_callback($matches) {
+        $index = isset($matches[1]) ? intval($matches[1]) + 1 : 1;
+        $ext = isset($matches[2]) ? $matches[2] : '';
+        return ' ('.$index.')'.$ext;
+    }
+
+    protected function upcount_name($name) {
+        return preg_replace_callback(
+            '/(?:(?: \(([\d]+)\))?(\.[^.]+))?$/',
+            array($this, 'upcount_name_callback'),
+            $name,
+            1
+        );
+    }
+
+    protected function sanitizeFileName($file) {
+        // (|\\?*<\":>+[]/')
+        // \|\\\?\*\<\"\'\:\>\+\[\]
+        $file = preg_replace("/'/", '', $file);
+
+        return $file;
+    }
+
+    protected function get_unique_filename($file_path, $name, $size, $type, $error,
+            $index, $content_range) {
+        $name = $this->sanitizeFileName($name);
+
+        while(is_dir($this->get_upload_path($name))) {
+            $name = $this->upcount_name($name);
+        }
+        // Keep an existing filename if this is part of a chunked upload:
+        $uploaded_bytes = $this->fix_integer_overflow(intval($content_range[1]));
+        while(is_file($this->get_upload_path($name))) {
+            if ($uploaded_bytes === $this->get_file_size(
+                    $this->get_upload_path($name))) {
+                break;
+            }
+            $name = $this->upcount_name($name);
+        }
+        return $name;
+    }
+
+    protected function fix_file_extension($file_path, $name, $size, $type, $error,
+            $index, $content_range) {
+        // Add missing file extension for known image types:
+        if (strpos($name, '.') === false &&
+                preg_match('/^image\/(gif|jpe?g|png)/', $type, $matches)) {
+            $name .= '.'.$matches[1];
+        }
+        if ($this->options['correct_image_extensions'] &&
+                function_exists('exif_imagetype')) {
+            switch(@exif_imagetype($file_path)){
+                case IMAGETYPE_JPEG:
+                    $extensions = array('jpg', 'jpeg');
+                    break;
+                case IMAGETYPE_PNG:
+                    $extensions = array('png');
+                    break;
+                case IMAGETYPE_GIF:
+                    $extensions = array('gif');
+                    break;
+            }
+            // Adjust incorrect image file extensions:
+            if (!empty($extensions)) {
+                $parts = explode('.', $name);
+                $extIndex = count($parts) - 1;
+                $ext = strtolower(@$parts[$extIndex]);
+                if (!in_array($ext, $extensions)) {
+                    $parts[$extIndex] = $extensions[0];
+                    $name = implode('.', $parts);
+                }
+            }
+        }
+        return $name;
+    }
+
+    protected function trim_file_name($file_path, $name, $size, $type, $error,
+            $index, $content_range) {
+        // Remove path information and dots around the filename, to prevent uploading
+        // into different directories or replacing hidden system files.
+        // Also remove control characters and spaces (\x00..\x20) around the filename:
+        $name = trim(basename(stripslashes($name)), ".\x00..\x20");
+        // Use a timestamp for empty filenames:
+        if (!$name) {
+            $name = str_replace('.', '-', microtime(true));
+        }
+        return $name;
+    }
+
+    protected function get_file_name($file_path, $name, $size, $type, $error,
+            $index, $content_range) {
+        $name = $this->trim_file_name($file_path, $name, $size, $type, $error,
+            $index, $content_range);
+        return $this->get_unique_filename(
+            $file_path,
+            $this->fix_file_extension($file_path, $name, $size, $type, $error,
+                $index, $content_range),
+            $size,
+            $type,
+            $error,
+            $index,
+            $content_range
+        );
+    }
+
+    protected function get_current_file_name($file_path, $name, $size, $type, $error,
+            $index, $content_range) {
+
+        $name = $this->trim_file_name($file_path, $name, $size, $type, $error, $index, $content_range);
+
+
+        return $this->get_unique_filename(
+            $file_path,
+            $this->fix_file_extension($file_path, $name, $size, $type, $error,
+                $index, $content_range),
+            $size,
+            $type,
+            $error,
+            $index,
+            $content_range
+        );
+    }
+
+
+    protected function handle_form_data($file, $index) {
+        // Handle form data, e.g. $_REQUEST['description'][$index]
+    }
+
+    protected function get_scaled_image_file_paths($file_name, $version) {
+        $file_path = $this->get_upload_path($file_name);
+        if (!empty($version)) {
+            $version_dir = $this->get_upload_path(null, $version);
+            if (!is_dir($version_dir)) {
+                mkdir($version_dir, $this->options['mkdir_mode'], true);
+            }
+            $new_file_path = $version_dir.'/'.$file_name;
+        } else {
+            $new_file_path = $file_path;
+        }
+        return array($file_path, $new_file_path);
+    }
+
+    protected function gd_get_image_object($file_path, $func, $no_cache = false) {
+        if (empty($this->image_objects[$file_path]) || $no_cache) {
+            $this->gd_destroy_image_object($file_path);
+            $this->image_objects[$file_path] = $func($file_path);
+        }
+        return $this->image_objects[$file_path];
+    }
+
+    protected function gd_set_image_object($file_path, $image) {
+        $this->gd_destroy_image_object($file_path);
+        $this->image_objects[$file_path] = $image;
+    }
+
+    protected function gd_destroy_image_object($file_path) {
+        $image = (isset($this->image_objects[$file_path])) ? $this->image_objects[$file_path] : null ;
+        return $image && imagedestroy($image);
+    }
+
+    protected function gd_imageflip($image, $mode) {
+        if (function_exists('imageflip')) {
+            return imageflip($image, $mode);
+        }
+        $new_width = $src_width = imagesx($image);
+        $new_height = $src_height = imagesy($image);
+        $new_img = imagecreatetruecolor($new_width, $new_height);
+        $src_x = 0;
+        $src_y = 0;
+        switch ($mode) {
+            case '1': // flip on the horizontal axis
+                $src_y = $new_height - 1;
+                $src_height = -$new_height;
+                break;
+            case '2': // flip on the vertical axis
+                $src_x  = $new_width - 1;
+                $src_width = -$new_width;
+                break;
+            case '3': // flip on both axes
+                $src_y = $new_height - 1;
+                $src_height = -$new_height;
+                $src_x  = $new_width - 1;
+                $src_width = -$new_width;
+                break;
+            default:
+                return $image;
+        }
+        imagecopyresampled(
+            $new_img,
+            $image,
+            0,
+            0,
+            $src_x,
+            $src_y,
+            $new_width,
+            $new_height,
+            $src_width,
+            $src_height
+        );
+        return $new_img;
+    }
+
+    protected function gd_orient_image($file_path, $src_img) {
+        if (!function_exists('exif_read_data')) {
+            return false;
+        }
+        $exif = @exif_read_data($file_path);
+        if ($exif === false) {
+            return false;
+        }
+        $orientation = intval(@$exif['Orientation']);
+        if ($orientation < 2 || $orientation > 8) {
+            return false;
+        }
+        switch ($orientation) {
+            case 2:
+                $new_img = $this->gd_imageflip(
+                    $src_img,
+                    defined('IMG_FLIP_VERTICAL') ? IMG_FLIP_VERTICAL : 2
+                );
+                break;
+            case 3:
+                $new_img = imagerotate($src_img, 180, 0);
+                break;
+            case 4:
+                $new_img = $this->gd_imageflip(
+                    $src_img,
+                    defined('IMG_FLIP_HORIZONTAL') ? IMG_FLIP_HORIZONTAL : 1
+                );
+                break;
+            case 5:
+                $tmp_img = $this->gd_imageflip(
+                    $src_img,
+                    defined('IMG_FLIP_HORIZONTAL') ? IMG_FLIP_HORIZONTAL : 1
+                );
+                $new_img = imagerotate($tmp_img, 270, 0);
+                imagedestroy($tmp_img);
+                break;
+            case 6:
+                $new_img = imagerotate($src_img, 270, 0);
+                break;
+            case 7:
+                $tmp_img = $this->gd_imageflip(
+                    $src_img,
+                    defined('IMG_FLIP_VERTICAL') ? IMG_FLIP_VERTICAL : 2
+                );
+                $new_img = imagerotate($tmp_img, 270, 0);
+                imagedestroy($tmp_img);
+                break;
+            case 8:
+                $new_img = imagerotate($src_img, 90, 0);
+                break;
+            default:
+                return false;
+        }
+        $this->gd_set_image_object($file_path, $new_img);
+        return true;
+    }
+
+    protected function gd_create_scaled_image($file_name, $version, $options) {
+        if (!function_exists('imagecreatetruecolor')) {
+            error_log('Function not found: imagecreatetruecolor');
+            return false;
+        }
+        list($file_path, $new_file_path) =
+            $this->get_scaled_image_file_paths($file_name, $version);
+        $type = strtolower(substr(strrchr($file_name, '.'), 1));
+        switch ($type) {
+            case 'jpg':
+            case 'jpeg':
+                $src_func = 'imagecreatefromjpeg';
+                $write_func = 'imagejpeg';
+                $image_quality = isset($options['jpeg_quality']) ?
+                    $options['jpeg_quality'] : 75;
+                break;
+            case 'gif':
+                $src_func = 'imagecreatefromgif';
+                $write_func = 'imagegif';
+                $image_quality = null;
+                break;
+            case 'png':
+                $src_func = 'imagecreatefrompng';
+                $write_func = 'imagepng';
+                $image_quality = isset($options['png_quality']) ?
+                    $options['png_quality'] : 9;
+                break;
+            default:
+                return false;
+        }
+        $src_img = $this->gd_get_image_object(
+            $file_path,
+            $src_func,
+            !empty($options['no_cache'])
+        );
+        $image_oriented = false;
+        if (!empty($options['auto_orient']) && $this->gd_orient_image(
+                $file_path,
+                $src_img
+            )) {
+            $image_oriented = true;
+            $src_img = $this->gd_get_image_object(
+                $file_path,
+                $src_func
+            );
+        }
+        $max_width = $img_width = imagesx($src_img);
+        $max_height = $img_height = imagesy($src_img);
+        if (!empty($options['max_width'])) {
+            $max_width = $options['max_width'];
+        }
+        if (!empty($options['max_height'])) {
+            $max_height = $options['max_height'];
+        }
+        $scale = min(
+            $max_width / $img_width,
+            $max_height / $img_height
+        );
+        if ($scale >= 1) {
+            if ($image_oriented) {
+                return $write_func($src_img, $new_file_path, $image_quality);
+            }
+            if ($file_path !== $new_file_path) {
+                return copy($file_path, $new_file_path);
+            }
+            return true;
+        }
+        if (empty($options['crop'])) {
+            $new_width = $img_width * $scale;
+            $new_height = $img_height * $scale;
+            $dst_x = 0;
+            $dst_y = 0;
+            $new_img = imagecreatetruecolor($new_width, $new_height);
+        } else {
+            if (($img_width / $img_height) >= ($max_width / $max_height)) {
+                $new_width = $img_width / ($img_height / $max_height);
+                $new_height = $max_height;
+            } else {
+                $new_width = $max_width;
+                $new_height = $img_height / ($img_width / $max_width);
+            }
+            $dst_x = 0 - ($new_width - $max_width) / 2;
+            $dst_y = 0 - ($new_height - $max_height) / 2;
+            $new_img = imagecreatetruecolor($max_width, $max_height);
+        }
+        // Handle transparency in GIF and PNG images:
+        switch ($type) {
+            case 'gif':
+            case 'png':
+                imagecolortransparent($new_img, imagecolorallocate($new_img, 0, 0, 0));
+            case 'png':
+                imagealphablending($new_img, false);
+                imagesavealpha($new_img, true);
+                break;
+        }
+        $success = imagecopyresampled(
+            $new_img,
+            $src_img,
+            $dst_x,
+            $dst_y,
+            0,
+            0,
+            $new_width,
+            $new_height,
+            $img_width,
+            $img_height
+        ) && $write_func($new_img, $new_file_path, $image_quality);
+        $this->gd_set_image_object($file_path, $new_img);
+        return $success;
+    }
+
+    protected function imagick_get_image_object($file_path, $no_cache = false) {
+        if (empty($this->image_objects[$file_path]) || $no_cache) {
+            $this->imagick_destroy_image_object($file_path);
+            $image = new \Imagick();
+            if (!empty($this->options['imagick_resource_limits'])) {
+                foreach ($this->options['imagick_resource_limits'] as $type => $limit) {
+                    $image->setResourceLimit($type, $limit);
+                }
+            }
+            $image->readImage($file_path);
+            $this->image_objects[$file_path] = $image;
+        }
+        return $this->image_objects[$file_path];
+    }
+
+    protected function imagick_set_image_object($file_path, $image) {
+        $this->imagick_destroy_image_object($file_path);
+        $this->image_objects[$file_path] = $image;
+    }
+
+    protected function imagick_destroy_image_object($file_path) {
+        $image = (isset($this->image_objects[$file_path])) ? $this->image_objects[$file_path] : null ;
+        return $image && $image->destroy();
+    }
+
+    protected function imagick_orient_image($image) {
+        $orientation = $image->getImageOrientation();
+        $background = new \ImagickPixel('none');
+        switch ($orientation) {
+            case \imagick::ORIENTATION_TOPRIGHT: // 2
+                $image->flopImage(); // horizontal flop around y-axis
+                break;
+            case \imagick::ORIENTATION_BOTTOMRIGHT: // 3
+                $image->rotateImage($background, 180);
+                break;
+            case \imagick::ORIENTATION_BOTTOMLEFT: // 4
+                $image->flipImage(); // vertical flip around x-axis
+                break;
+            case \imagick::ORIENTATION_LEFTTOP: // 5
+                $image->flopImage(); // horizontal flop around y-axis
+                $image->rotateImage($background, 270);
+                break;
+            case \imagick::ORIENTATION_RIGHTTOP: // 6
+                $image->rotateImage($background, 90);
+                break;
+            case \imagick::ORIENTATION_RIGHTBOTTOM: // 7
+                $image->flipImage(); // vertical flip around x-axis
+                $image->rotateImage($background, 270);
+                break;
+            case \imagick::ORIENTATION_LEFTBOTTOM: // 8
+                $image->rotateImage($background, 270);
+                break;
+            default:
+                return false;
+        }
+        $image->setImageOrientation(\imagick::ORIENTATION_TOPLEFT); // 1
+        return true;
+    }
+
+    protected function imagick_create_scaled_image($file_name, $version, $options) {
+        list($file_path, $new_file_path) =
+            $this->get_scaled_image_file_paths($file_name, $version);
+        $image = $this->imagick_get_image_object(
+            $file_path,
+            !empty($options['no_cache'])
+        );
+        if ($image->getImageFormat() === 'GIF') {
+            // Handle animated GIFs:
+            $images = $image->coalesceImages();
+            foreach ($images as $frame) {
+                $image = $frame;
+                $this->imagick_set_image_object($file_name, $image);
+                break;
+            }
+        }
+        $image_oriented = false;
+        if (!empty($options['auto_orient'])) {
+            $image_oriented = $this->imagick_orient_image($image);
+        }
+        $new_width = $max_width = $img_width = $image->getImageWidth();
+        $new_height = $max_height = $img_height = $image->getImageHeight();
+        if (!empty($options['max_width'])) {
+            $new_width = $max_width = $options['max_width'];
+        }
+        if (!empty($options['max_height'])) {
+            $new_height = $max_height = $options['max_height'];
+        }
+        if (!($image_oriented || $max_width < $img_width || $max_height < $img_height)) {
+            if ($file_path !== $new_file_path) {
+                return copy($file_path, $new_file_path);
+            }
+            return true;
+        }
+        $crop = !empty($options['crop']);
+        if ($crop) {
+            $x = 0;
+            $y = 0;
+            if (($img_width / $img_height) >= ($max_width / $max_height)) {
+                $new_width = 0; // Enables proportional scaling based on max_height
+                $x = ($img_width / ($img_height / $max_height) - $max_width) / 2;
+            } else {
+                $new_height = 0; // Enables proportional scaling based on max_width
+                $y = ($img_height / ($img_width / $max_width) - $max_height) / 2;
+            }
+        }
+        $success = $image->resizeImage(
+            $new_width,
+            $new_height,
+            isset($options['filter']) ? $options['filter'] : \imagick::FILTER_LANCZOS,
+            isset($options['blur']) ? $options['blur'] : 1,
+            $new_width && $new_height // fit image into constraints if not to be cropped
+        );
+        if ($success && $crop) {
+            $success = $image->cropImage(
+                $max_width,
+                $max_height,
+                $x,
+                $y
+            );
+            if ($success) {
+                $success = $image->setImagePage($max_width, $max_height, 0, 0);
+            }
+        }
+        $type = strtolower(substr(strrchr($file_name, '.'), 1));
+        switch ($type) {
+            case 'jpg':
+            case 'jpeg':
+                if (!empty($options['jpeg_quality'])) {
+                    $image->setImageCompression(\imagick::COMPRESSION_JPEG);
+                    $image->setImageCompressionQuality($options['jpeg_quality']);
+                }
+                break;
+        }
+        if (!empty($options['strip'])) {
+            $image->stripImage();
+        }
+        return $success && $image->writeImage($new_file_path);
+    }
+
+    protected function imagemagick_create_scaled_image($file_name, $version, $options) {
+        list($file_path, $new_file_path) =
+            $this->get_scaled_image_file_paths($file_name, $version);
+        $resize = @$options['max_width']
+            .(empty($options['max_height']) ? '' : 'X'.$options['max_height']);
+        if (!$resize && empty($options['auto_orient'])) {
+            if ($file_path !== $new_file_path) {
+                return copy($file_path, $new_file_path);
+            }
+            return true;
+        }
+        $cmd = $this->options['convert_bin'];
+        if (!empty($this->options['convert_params'])) {
+            $cmd .= ' '.$this->options['convert_params'];
+        }
+        $cmd .= ' '.escapeshellarg($file_path);
+        if (!empty($options['auto_orient'])) {
+            $cmd .= ' -auto-orient';
+        }
+        if ($resize) {
+            // Handle animated GIFs:
+            $cmd .= ' -coalesce';
+            if (empty($options['crop'])) {
+                $cmd .= ' -resize '.escapeshellarg($resize.'>');
+            } else {
+                $cmd .= ' -resize '.escapeshellarg($resize.'^');
+                $cmd .= ' -gravity center';
+                $cmd .= ' -crop '.escapeshellarg($resize.'+0+0');
+            }
+            // Make sure the page dimensions are correct (fixes offsets of animated GIFs):
+            $cmd .= ' +repage';
+        }
+        if (!empty($options['convert_params'])) {
+            $cmd .= ' '.$options['convert_params'];
+        }
+        $cmd .= ' '.escapeshellarg($new_file_path);
+        exec($cmd, $output, $error);
+        if ($error) {
+            error_log(implode('\n', $output));
+            return false;
+        }
+        return true;
+    }
+
+    protected function get_image_size($file_path) {
+        if ($this->options['image_library']) {
+            if (extension_loaded('imagick')) {
+                $image = new \Imagick();
+                try {
+                    if (@$image->pingImage($file_path)) {
+                        $dimensions = array($image->getImageWidth(), $image->getImageHeight());
+                        $image->destroy();
+                        return $dimensions;
+                    }
+                    return false;
+                } catch (Exception $e) {
+                    error_log($e->getMessage());
+                }
+            }
+            if ($this->options['image_library'] === 2) {
+                $cmd = $this->options['identify_bin'];
+                $cmd .= ' -ping '.escapeshellarg($file_path);
+                exec($cmd, $output, $error);
+                if (!$error && !empty($output)) {
+                    // image.jpg JPEG 1920x1080 1920x1080+0+0 8-bit sRGB 465KB 0.000u 0:00.000
+                    $infos = preg_split('/\s+/', $output[0]);
+                    $dimensions = preg_split('/x/', $infos[2]);
+                    return $dimensions;
+                }
+                return false;
+            }
+        }
+        if (!function_exists('getimagesize')) {
+            error_log('Function not found: getimagesize');
+            return false;
+        }
+        return @getimagesize($file_path);
+    }
+
+    protected function create_scaled_image($file_name, $version, $options) {
+        if ($this->options['image_library'] === 2) {
+            return $this->imagemagick_create_scaled_image($file_name, $version, $options);
+        }
+        if ($this->options['image_library'] && extension_loaded('imagick')) {
+            return $this->imagick_create_scaled_image($file_name, $version, $options);
+        }
+        return $this->gd_create_scaled_image($file_name, $version, $options);
+    }
+
+    protected function destroy_image_object($file_path) {
+        if ($this->options['image_library'] && extension_loaded('imagick')) {
+            return $this->imagick_destroy_image_object($file_path);
+        }
+    }
+
+    protected function is_valid_image_file($file_path) {
+        if (!preg_match($this->options['image_file_types'], $file_path)) {
+            return false;
+        }
+        if (function_exists('exif_imagetype')) {
+            return @exif_imagetype($file_path);
+        }
+        $image_info = $this->get_image_size($file_path);
+        return $image_info && $image_info[0] && $image_info[1];
+    }
+
+    protected function handle_image_file($file_path, $file) {
+        $failed_versions = array();
+        foreach($this->options['image_versions'] as $version => $options) {
+            if ($this->create_scaled_image($file->name, $version, $options)) {
+                if (!empty($version)) {
+                    $file->{$version.'Url'} = $this->get_download_url(
+                        $file->name,
+                        $version
+                    );
+                } else {
+                    $file->size = $this->get_file_size($file_path, true);
+                }
+            } else {
+                $failed_versions[] = $version ? $version : 'original';
+            }
+        }
+        if (count($failed_versions)) {
+            $file->error = $this->get_error_message('image_resize')
+                    .' ('.implode($failed_versions,', ').')';
+        }
+        // Free memory:
+        $this->destroy_image_object($file_path);
+    }
+
+    protected function handle_file_upload($uploaded_file, $name, $size, $type, $error,
+        $index = null, $content_range = null) {
+
+        $file = new \stdClass();
+//        $file->name = $this->get_file_name($uploaded_file, $name, $size, $type, $error,
+//            $index, $content_range);
+
+        $file->name = $this->trim_file_name($uploaded_path, $name, $size, $type, $error, $index, $content_range);
+        $file->name = $this->fix_file_extension($uploaded_path, $name, $size, $type, $error, $index, $content_range);
+
+
+        $file->size = $this->fix_integer_overflow(intval($size));
+        $file->type = $type;
+        if ($this->validate($uploaded_file, $file, $error, $index)) {
+            $this->handle_form_data($file, $index);
+            $upload_dir = $this->get_upload_path();
+            if (!is_dir($upload_dir)) {
+                mkdir($upload_dir, $this->options['mkdir_mode'], true);
+            }
+            $file_path = $this->get_upload_path($file->name);
+            $append_file = $content_range && is_file($file_path) &&
+                $file->size > $this->get_file_size($file_path);
+            if ($uploaded_file && is_uploaded_file($uploaded_file)) {
+                chmod($uploaded_file, 0644);
+                exec (VESTA_CMD . "v-copy-fs-file ". USERNAME ." ".$uploaded_file." ".escapeshellarg($file_path), $output, $return_var);
+                $error = check_return_code($return_var, $output);
+                if ($return_var != 0) {
+                    $file->error = 'Error while saving file ';
+                }
+            }
+            $file_size = $this->get_file_size($file_path, $append_file);
+
+            if ($file_size === $file->size) {
+                $file->url = $this->get_download_url($file->name);
+                // uncomment if images also need to be resized
+                //if ($this->is_valid_image_file($file_path)) {
+                //    $this->handle_image_file($file_path, $file);
+                //}
+            } else {
+                //$file->size = $file_size;
+                //if (!$content_range && $this->options['discard_aborted_uploads']) {
+                //    unlink($file_path);
+                //    $file->error = $this->get_error_message('abort');
+                //}
+            }
+            $this->set_additional_file_properties($file);
+        }
+        return $file;
+    }
+
+    protected function readfile($file_path) {
+        $file_size = $this->get_file_size($file_path);
+        $chunk_size = $this->options['readfile_chunk_size'];
+        if ($chunk_size && $file_size > $chunk_size) {
+            $handle = fopen($file_path, 'rb');
+            while (!feof($handle)) {
+                echo fread($handle, $chunk_size);
+                @ob_flush();
+                @flush();
+            }
+            fclose($handle);
+            return $file_size;
+        }
+        return readfile($file_path);
+    }
+
+    protected function body($str) {
+        echo $str;
+    }
+
+    protected function header($str) {
+        header($str);
+    }
+
+    protected function get_server_var($id) {
+        return isset($_SERVER[$id]) ? $_SERVER[$id] : '';
+    }
+
+    protected function generate_response($content, $print_response = true) {
+        if ($print_response) {
+            $json = json_encode($content);
+            $redirect = isset($_REQUEST['redirect']) ?
+                stripslashes($_REQUEST['redirect']) : null;
+            if ($redirect) {
+                $this->header('Location: '.sprintf($redirect, rawurlencode($json)));
+                return;
+            }
+            $this->head();
+            if ($this->get_server_var('HTTP_CONTENT_RANGE')) {
+                $files = isset($content[$this->options['param_name']]) ?
+                    $content[$this->options['param_name']] : null;
+                if ($files && is_array($files) && is_object($files[0]) && $files[0]->size) {
+                    $this->header('Range: 0-'.(
+                        $this->fix_integer_overflow(intval($files[0]->size)) - 1
+                    ));
+                }
+            }
+            $this->body($json);
+        }
+        return $content;
+    }
+
+    protected function get_version_param() {
+        return isset($_GET['version']) ? basename(stripslashes($_GET['version'])) : null;
+    }
+
+    protected function get_singular_param_name() {
+        return substr($this->options['param_name'], 0, -1);
+    }
+
+    protected function get_file_name_param() {
+        $name = $this->get_singular_param_name();
+        return isset($_REQUEST[$name]) ? basename(stripslashes($_REQUEST[$name])) : null;
+    }
+
+    protected function get_file_names_params() {
+        $params = isset($_REQUEST[$this->options['param_name']]) ?
+            $_REQUEST[$this->options['param_name']] : array();
+        foreach ($params as $key => $value) {
+            $params[$key] = basename(stripslashes($value));
+        }
+        return $params;
+    }
+
+    protected function get_file_type($file_path) {
+        switch (strtolower(pathinfo($file_path, PATHINFO_EXTENSION))) {
+            case 'jpeg':
+            case 'jpg':
+                return 'image/jpeg';
+            case 'png':
+                return 'image/png';
+            case 'gif':
+                return 'image/gif';
+            default:
+                return '';
+        }
+    }
+
+    protected function download() {
+        switch ($this->options['download_via_php']) {
+            case 1:
+                $redirect_header = null;
+                break;
+            case 2:
+                $redirect_header = 'X-Sendfile';
+                break;
+            case 3:
+                $redirect_header = 'X-Accel-Redirect';
+                break;
+            default:
+                return $this->header('HTTP/1.1 403 Forbidden');
+        }
+        $file_name = $this->get_file_name_param();
+        if (!$this->is_valid_file_object($file_name)) {
+            return $this->header('HTTP/1.1 404 Not Found');
+        }
+        if ($redirect_header) {
+            return $this->header(
+                $redirect_header.': '.$this->get_download_url(
+                    $file_name,
+                    $this->get_version_param(),
+                    true
+                )
+            );
+        }
+        $file_path = $this->get_upload_path($file_name, $this->get_version_param());
+        // Prevent browsers from MIME-sniffing the content-type:
+        $this->header('X-Content-Type-Options: nosniff');
+        if (!preg_match($this->options['inline_file_types'], $file_name)) {
+            $this->header('Content-Type: application/octet-stream');
+            $this->header('Content-Disposition: attachment; filename="'.$file_name.'"');
+        } else {
+            $this->header('Content-Type: '.$this->get_file_type($file_path));
+            $this->header('Content-Disposition: inline; filename="'.$file_name.'"');
+        }
+        $this->header('Content-Length: '.$this->get_file_size($file_path));
+        $this->header('Last-Modified: '.gmdate('D, d M Y H:i:s T', filemtime($file_path)));
+        $this->readfile($file_path);
+    }
+
+    protected function send_content_type_header() {
+        $this->header('Vary: Accept');
+        if (strpos($this->get_server_var('HTTP_ACCEPT'), 'application/json') !== false) {
+            $this->header('Content-type: application/json');
+        } else {
+            $this->header('Content-type: text/plain');
+        }
+    }
+
+    protected function send_access_control_headers() {
+        $this->header('Access-Control-Allow-Origin: '.$this->options['access_control_allow_origin']);
+        $this->header('Access-Control-Allow-Credentials: '
+            .($this->options['access_control_allow_credentials'] ? 'true' : 'false'));
+        $this->header('Access-Control-Allow-Methods: '
+            .implode(', ', $this->options['access_control_allow_methods']));
+        $this->header('Access-Control-Allow-Headers: '
+            .implode(', ', $this->options['access_control_allow_headers']));
+    }
+
+    public function head() {
+        $this->header('Pragma: no-cache');
+        $this->header('Cache-Control: no-store, no-cache, must-revalidate');
+        $this->header('Content-Disposition: inline; filename="files.json"');
+        // Prevent Internet Explorer from MIME-sniffing the content-type:
+        $this->header('X-Content-Type-Options: nosniff');
+        if ($this->options['access_control_allow_origin']) {
+            $this->send_access_control_headers();
+        }
+        $this->send_content_type_header();
+    }
+
+    public function get($print_response = true) {
+        if ($print_response && isset($_GET['download'])) {
+            return $this->download();
+        }
+        $file_name = $this->get_file_name_param();
+        if ($file_name) {
+            $response = array(
+                $this->get_singular_param_name() => $this->get_file_object($file_name)
+            );
+        } else {
+            $response = array(
+                $this->options['param_name'] => $this->get_file_objects()
+            );
+        }
+        return $this->generate_response($response, $print_response);
+    }
+
+    public function post($print_response = true) {
+        if (isset($_REQUEST['_method']) && $_REQUEST['_method'] === 'DELETE') {
+            return $this->delete($print_response);
+        }
+        $upload = isset($_FILES[$this->options['param_name']]) ?
+            $_FILES[$this->options['param_name']] : null;
+        // Parse the Content-Disposition header, if available:
+        $file_name = $this->get_server_var('HTTP_CONTENT_DISPOSITION') ?
+            rawurldecode(preg_replace(
+                '/(^[^"]+")|("$)/',
+                '',
+                $this->get_server_var('HTTP_CONTENT_DISPOSITION')
+            )) : null;
+        // Parse the Content-Range header, which has the following form:
+        // Content-Range: bytes 0-524287/2000000
+        $content_range = $this->get_server_var('HTTP_CONTENT_RANGE') ?
+            preg_split('/[^0-9]+/', $this->get_server_var('HTTP_CONTENT_RANGE')) : null;
+        $size =  $content_range ? $content_range[3] : null;
+        $files = array();
+        if ($upload && is_array($upload['tmp_name'])) {
+            // param_name is an array identifier like "files[]",
+            // $_FILES is a multi-dimensional array:
+            foreach ($upload['tmp_name'] as $index => $value) {
+                $files[] = $this->handle_file_upload(
+                    $upload['tmp_name'][$index],
+                    $file_name ? $file_name : $upload['name'][$index],
+                    $size ? $size : $upload['size'][$index],
+                    $upload['type'][$index],
+                    $upload['error'][$index],
+                    $index,
+                    $content_range
+                );
+            }
+        } else {
+            // param_name is a single object identifier like "file",
+            // $_FILES is a one-dimensional array:
+            $files[] = $this->handle_file_upload(
+                isset($upload['tmp_name']) ? $upload['tmp_name'] : null,
+                $file_name ? $file_name : (isset($upload['name']) ?
+                        $upload['name'] : null),
+                $size ? $size : (isset($upload['size']) ?
+                        $upload['size'] : $this->get_server_var('CONTENT_LENGTH')),
+                isset($upload['type']) ?
+                        $upload['type'] : $this->get_server_var('CONTENT_TYPE'),
+                isset($upload['error']) ? $upload['error'] : null,
+                null,
+                $content_range
+            );
+        }
+        return $this->generate_response(
+            array($this->options['param_name'] => $files),
+            $print_response
+        );
+    }
+
+    public function delete($print_response = true) {
+        $file_names = $this->get_file_names_params();
+        if (empty($file_names)) {
+            $file_names = array($this->get_file_name_param());
+        }
+        $response = array();
+        foreach($file_names as $file_name) {
+            $file_path = $this->get_upload_path($file_name);
+            $success = is_file($file_path) && $file_name[0] !== '.' && unlink($file_path);
+            if ($success) {
+                foreach($this->options['image_versions'] as $version => $options) {
+                    if (!empty($version)) {
+                        $file = $this->get_upload_path($file_name, $version);
+                        if (is_file($file)) {
+                            unlink($file);
+                        }
+                    }
+                }
+            }
+            $response[$file_name] = $success;
+        }
+        return $this->generate_response($response, $print_response);
+    }
+
+}
diff --git a/web/upload/files/.gitignore b/web/upload/files/.gitignore
new file mode 100644
index 000000000..e24a60fae
--- /dev/null
+++ b/web/upload/files/.gitignore
@@ -0,0 +1,3 @@
+*
+!.gitignore
+!.htaccess
diff --git a/web/upload/files/.htaccess b/web/upload/files/.htaccess
new file mode 100644
index 000000000..56689f0bb
--- /dev/null
+++ b/web/upload/files/.htaccess
@@ -0,0 +1,18 @@
+# The following directives force the content-type application/octet-stream
+# and force browsers to display a download dialog for non-image files.
+# This prevents the execution of script files in the context of the website:
+ForceType application/octet-stream
+Header set Content-Disposition attachment
+
+	ForceType none
+	Header unset Content-Disposition
+
+
+# The following directive prevents browsers from MIME-sniffing the content-type.
+# This is an important complement to the ForceType directive above:
+Header set X-Content-Type-Options nosniff
+
+# Uncomment the following lines to prevent unauthorized download of files:
+#AuthName "Authorization required"
+#AuthType Basic
+#require valid-user
diff --git a/web/upload/index.php b/web/upload/index.php
new file mode 100644
index 000000000..30e3dec0b
--- /dev/null
+++ b/web/upload/index.php
@@ -0,0 +1 @@
+
diff --git a/web/view/file/index.php b/web/view/file/index.php
new file mode 100644
index 000000000..30e3dec0b
--- /dev/null
+++ b/web/view/file/index.php
@@ -0,0 +1 @@
+